* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: 6be5335cb8c819f707e1424cc22d5a2cbc0daa4d
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Mar 19 09:30:42 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=6be5335c
Label system-config-printer applet properly on Arch Linux
It is used by system-config-printer, as shown by these AVC denials:
avc: denied { execute } for pid=1061 comm="system-config-p"
name="applet.py" dev="dm-0" ino=9568316
scontext=sysadm_u:sysadm_r:sysadm_t tcontext=system_u:object_r:usr_t
tclass=file permissive=1
avc: denied { execute_no_trans } for pid=1061
comm="system-config-p"
path="/usr/share/system-config-printer/applet.py" dev="dm-0"
ino=9568316 scontext=sysadm_u:sysadm_r:sysadm_t
tcontext=system_u:object_r:usr_t tclass=file permissive=1
policy/modules/kernel/corecommands.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index db76963..320f040 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -326,6 +326,7 @@ ifdef(`distro_gentoo',`
/usr/share/selinux/devel/policygentool -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/smolt/client(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/spamassassin/sa-update\.cron gen_context(system_u:object_r:bin_t,s0)
+/usr/share/system-config-printer/applet\.py -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/texmf/web2c/mktexdir -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/texmf-dist/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/turboprint/lib(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
@@ -384,7 +385,6 @@ ifdef(`distro_redhat', `
/usr/share/system-config-network/neat-control\.py -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/system-config-nfs/nfs-export\.py -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/system-config-nfs/system-config-nfs\.py -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/system-config-printer/applet\.py -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/system-config-rootpassword/system-config-rootpassword -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/system-config-samba/system-config-samba\.py -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/system-config-securitylevel/system-config-securitylevel\.py -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2024-09-22 0:03 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2024-09-22 0:03 UTC (permalink / raw
To: gentoo-commits
commit: c0cd142f78e3bf2ed7a83595f3bbee985b00234a
Author: Yi Zhao <yi.zhao <AT> windriver <DOT> com>
AuthorDate: Fri Aug 30 03:46:34 2024 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Sep 21 22:28:29 2024 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c0cd142f
devices: add label vsock_device_t for /dev/vsock
Vsock is a Linux socket family designed to allow communication between a
VM and its hypervisor. Add a new label vsock_device_t for vsock device.
Signed-off-by: Yi Zhao <yi.zhao <AT> windriver.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.if | 54 ++++++++++++++++++++++++++++++++++++++++
policy/modules/kernel/devices.te | 6 +++++
3 files changed, 61 insertions(+)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index fb3010308..5d7d2a4c1 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -134,6 +134,7 @@ ifdef(`distro_suse', `
')
/dev/vbi.* -c gen_context(system_u:object_r:v4l_device_t,s0)
/dev/vbox.* -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
+/dev/vsock -c gen_context(system_u:object_r:vsock_device_t,s0)
/dev/vfio/.+ -c gen_context(system_u:object_r:vfio_device_t,s0)
/dev/vga_arbiter -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
/dev/vhci -c gen_context(system_u:object_r:vhost_device_t,s0)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index aabc1b8e7..930f164e9 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -5556,6 +5556,60 @@ interface(`dev_rwx_vmware',`
allow $1 vmware_device_t:chr_file { execute map };
')
+########################################
+## <summary>
+## Read the vsock device.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_read_vsock',`
+ gen_require(`
+ type device_t, vsock_device_t;
+ ')
+
+ read_chr_files_pattern($1, device_t, vsock_device_t)
+')
+
+########################################
+## <summary>
+## Write the vsock device.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_write_vsock',`
+ gen_require(`
+ type device_t, vsock_device_t;
+ ')
+
+ write_chr_files_pattern($1, device_t, vsock_device_t)
+')
+
+########################################
+## <summary>
+## Read and write the vsock device.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_rw_vsock',`
+ gen_require(`
+ type device_t, vsock_device_t;
+ ')
+
+ rw_chr_files_pattern($1, device_t, vsock_device_t)
+')
+
########################################
## <summary>
## Read from watchdog devices.
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index c06a77ade..255a30b09 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -402,6 +402,12 @@ dev_node(vhost_device_t)
type vmware_device_t;
dev_node(vmware_device_t)
+#
+# vsock_device_t is the type for /dev/vsock
+#
+type vsock_device_t;
+dev_node(vsock_device_t)
+
type watchdog_device_t;
dev_node(watchdog_device_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2024-03-01 19:56 Kenton Groombridge
0 siblings, 0 replies; 268+ messages in thread
From: Kenton Groombridge @ 2024-03-01 19:56 UTC (permalink / raw
To: gentoo-commits
commit: 5c8203bfd90758d92cd93c786de8fe94e6d716ca
Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com>
AuthorDate: Thu Feb 22 17:00:48 2024 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Fri Mar 1 17:05:52 2024 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5c8203bf
fs: add support for virtiofs
Adopted from https://github.com/fedora-selinux/selinux-policy/commit/5580e9a576f759820dbc3387961ce58a959221dc
Signed-off-by: Christian Göttsche <cgzones <AT> googlemail.com>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/kernel/filesystem.te | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index f21fc71e9..f9aa5f90b 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -41,6 +41,7 @@ fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr overlay gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ubifs gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr virtiofs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
@@ -203,6 +204,16 @@ optional_policy(`
init_mountpoint(tracefs_t)
')
+
+#
+# virtiofs_t is the default type for virtio file systems
+# and their files.
+#
+type virtiofs_t;
+fs_noxattr_type(virtiofs_t)
+files_mountpoint(virtiofs_t)
+genfscon virtiofs / gen_context(system_u:object_r:virtiofs_t,s0)
+
type vmblock_t;
fs_noxattr_type(vmblock_t)
files_mountpoint(vmblock_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2024-03-01 19:56 Kenton Groombridge
0 siblings, 0 replies; 268+ messages in thread
From: Kenton Groombridge @ 2024-03-01 19:56 UTC (permalink / raw
To: gentoo-commits
commit: a1f8db5c896e3aef75922cf3ff53ccd53e00f79f
Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com>
AuthorDate: Thu Feb 22 17:00:43 2024 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Fri Mar 1 17:05:48 2024 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a1f8db5c
fs: mark memory pressure type as file
Associate the type memory_pressure_t with the attribute file_type, so
all attribute based rules apply, e.g. for unconfined_t.
Signed-off-by: Christian Göttsche <cgzones <AT> googlemail.com>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 7ffac9812..f21fc71e9 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -100,6 +100,7 @@ genfscon cgroup2 / gen_context(system_u:object_r:cgroup_t,s0)
# the rest of the cgroup tree.
type memory_pressure_t;
typeattribute memory_pressure_t cgroup_types;
+files_type(memory_pressure_t)
dev_associate_sysfs(memory_pressure_t)
type configfs_t;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2023-02-13 15:35 Kenton Groombridge
0 siblings, 0 replies; 268+ messages in thread
From: Kenton Groombridge @ 2023-02-13 15:35 UTC (permalink / raw
To: gentoo-commits
commit: fb931664be3edc23bc7641f910342590f4335e21
Author: Corentin LABBE <clabbe.montjoie <AT> gmail <DOT> com>
AuthorDate: Tue Jan 3 08:22:11 2023 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Mon Feb 13 15:19:30 2023 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=fb931664
mcelog: add missing file context for triggers
I got the following AVC:
allow mcelog_t mcelog_etc_t:file execute;
This is due do some trigger, not being set as bin_t
-rwxr-xr-x. 1 root root system_u:object_r:bin_t 801 nov. 1 19:11 bus-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t 1035 nov. 1 19:11 cache-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t 1213 nov. 1 19:11 dimm-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t 742 nov. 1 19:11 iomca-error-trigger
-rw-r-----. 1 root root system_u:object_r:mcelog_etc_t 7415 nov. 1 19:11 mcelog.conf
-rwxr-xr-x. 1 root root system_u:object_r:mcelog_etc_t 1209 nov. 1 19:11 page-error-counter-replacement-trigger
-rwxr-xr-x. 1 root root system_u:object_r:mcelog_etc_t 1656 nov. 1 19:11 page-error-post-sync-soft-trigger
-rwxr-xr-x. 1 root root system_u:object_r:mcelog_etc_t 1640 nov. 1 19:11 page-error-pre-sync-soft-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t 1308 nov. 1 19:11 page-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t 1057 nov. 1 19:11 socket-memory-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t 947 nov. 1 19:11 unknown-error-trigger
Signed-off-by: Corentin LABBE <clabbe.montjoie <AT> gmail.com>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/kernel/corecommands.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 550f87047..1c3ce84e0 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -54,7 +54,7 @@ ifdef(`distro_redhat',`
/etc/mail/make -- gen_context(system_u:object_r:bin_t,s0)
-/etc/mcelog/.*-error-trigger -- gen_context(system_u:object_r:bin_t,s0)
+/etc/mcelog/.*-trigger -- gen_context(system_u:object_r:bin_t,s0)
/etc/mcelog/.*\.local -- gen_context(system_u:object_r:bin_t,s0)
ifdef(`distro_redhat',`
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2023-02-13 15:35 Kenton Groombridge
0 siblings, 0 replies; 268+ messages in thread
From: Kenton Groombridge @ 2023-02-13 15:35 UTC (permalink / raw
To: gentoo-commits
commit: d576e9fc8214276f76f7f2a64aa277ce31798276
Author: Corentin LABBE <clabbe.montjoie <AT> gmail <DOT> com>
AuthorDate: Mon Dec 26 18:47:43 2022 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Mon Feb 13 15:19:49 2023 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d576e9fc
munin: add file context for common functions file
Some Munin plugins need to read the plugin.sh file providing common functions.
Signed-off-by: Corentin LABBE <clabbe.montjoie <AT> gmail.com>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/kernel/files.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index 0c2de4bba..b22d97997 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -214,6 +214,8 @@ ifdef(`distro_gentoo',`
/usr/share/maven-bin-[^/]*/bin/m2\.conf -- gen_context(system_u:object_r:usr_t,s0)
')
+/usr/share/munin/plugins/plugin\.sh -- gen_context(system_u:object_r:usr_t,s0)
+
/usr/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
/usr/tmp/.* <<none>>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2022-11-02 14:42 Kenton Groombridge
0 siblings, 0 replies; 268+ messages in thread
From: Kenton Groombridge @ 2022-11-02 14:42 UTC (permalink / raw
To: gentoo-commits
commit: 1ebe9e63c80eeabc60fbbbf21343db4d496f6186
Author: Kenton Groombridge <me <AT> concord <DOT> sh>
AuthorDate: Sat Sep 24 04:24:11 2022 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Wed Nov 2 14:07:11 2022 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1ebe9e63
corenet: add portcon for glusterfs
Signed-off-by: Kenton Groombridge <me <AT> concord.sh>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 077aacf0e..749d9bace 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -149,6 +149,7 @@ network_port(gdomap, tcp,538,s0, udp,538,s0)
network_port(gds_db, tcp,3050,s0, udp,3050,s0)
network_port(git, tcp,9418,s0, udp,9418,s0)
network_port(glance_registry, tcp,9191,s0, udp,9191,s0)
+network_port(glusterd, tcp,24007,s0, tcp,24009,s0)
network_port(gopher, tcp,70,s0, udp,70,s0)
network_port(gpsd, tcp,2947,s0)
network_port(hadoop_datanode, tcp,50010,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2022-11-02 14:42 Kenton Groombridge
0 siblings, 0 replies; 268+ messages in thread
From: Kenton Groombridge @ 2022-11-02 14:42 UTC (permalink / raw
To: gentoo-commits
commit: 2691ab991317ef15b9fbba6394c678aed2e3d758
Author: Chris PeBenito <chpebeni <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Tue Sep 20 14:59:19 2022 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Wed Nov 2 14:07:00 2022 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2691ab99
Drop audit_access allows.
This permission is only used for auditing purposes. It is a no-op for allows.
Signed-off-by: Chris PeBenito <chpebeni <AT> linux.microsoft.com>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/kernel/devices.te | 6 +++---
policy/modules/kernel/files.te | 14 +++++++-------
policy/modules/kernel/filesystem.te | 14 +++++++-------
policy/modules/kernel/kernel.te | 24 ++++++++++++------------
policy/modules/kernel/storage.te | 4 ++--
5 files changed, 31 insertions(+), 31 deletions(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 49718cc26..5e2c77cbb 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -434,6 +434,6 @@ files_associate_tmp(device_node)
#
allow devices_unconfined_type self:capability sys_rawio;
-allow devices_unconfined_type device_node:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton audit_access execmod watch };
-allow devices_unconfined_type device_node:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton execmod audit_access watch };
-allow devices_unconfined_type mtrr_device_t:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton entrypoint execmod audit_access watch };
+allow devices_unconfined_type device_node:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton execmod watch };
+allow devices_unconfined_type device_node:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton execmod watch };
+allow devices_unconfined_type mtrr_device_t:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton entrypoint execmod watch };
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 2691a8611..e8fe42214 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -227,13 +227,13 @@ fs_associate_tmpfs(tmpfsfile)
#
# Create/access any file in a labeled filesystem;
-allow files_unconfined_type file_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton audit_access watch };
-allow files_unconfined_type file_type:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open audit_access execmod watch };
-allow files_unconfined_type file_type:sock_file { manage_sock_file_perms relabel_sock_file_perms map execute quotaon mounton audit_access execmod watch };
-allow files_unconfined_type file_type:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms map execute quotaon mounton audit_access execmod watch };
-allow files_unconfined_type file_type:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton audit_access execmod watch };
-allow files_unconfined_type file_type:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton audit_access watch };
-allow files_unconfined_type file_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton add_name remove_name reparent search rmdir audit_access execmod watch };
+allow files_unconfined_type file_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton watch };
+allow files_unconfined_type file_type:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open execmod watch };
+allow files_unconfined_type file_type:sock_file { manage_sock_file_perms relabel_sock_file_perms map execute quotaon mounton execmod watch };
+allow files_unconfined_type file_type:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms map execute quotaon mounton execmod watch };
+allow files_unconfined_type file_type:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton execmod watch };
+allow files_unconfined_type file_type:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton watch };
+allow files_unconfined_type file_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton add_name remove_name reparent search rmdir execmod watch };
# Mount/unmount any filesystem with the context= option.
allow files_unconfined_type file_type:filesystem { mount remount unmount getattr relabelfrom relabelto associate quotamod quotaget watch };
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 810bdaaa0..b3fd4abf8 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -339,13 +339,13 @@ allow filesystem_unconfined_type filesystem_type:filesystem { mount remount unmo
# Create/access other files. fs_type is to pick up various
# pseudo filesystem types that are applied to both the filesystem
# and its files.
-allow filesystem_unconfined_type filesystem_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton entrypoint audit_access execmod watch };
-allow filesystem_unconfined_type filesystem_type:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open audit_access execmod watch };
-allow filesystem_unconfined_type filesystem_type:sock_file { manage_sock_file_perms relabel_sock_file_perms map execute quotaon mounton audit_access execmod watch };
-allow filesystem_unconfined_type filesystem_type:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms map execute quotaon mounton audit_access execmod watch };
-allow filesystem_unconfined_type filesystem_type:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton audit_access execmod watch };
-allow filesystem_unconfined_type filesystem_type:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton audit_access execmod watch };
-allow filesystem_unconfined_type filesystem_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton add_name remove_name reparent search rmdir audit_access execmod watch };
+allow filesystem_unconfined_type filesystem_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton entrypoint execmod watch };
+allow filesystem_unconfined_type filesystem_type:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open execmod watch };
+allow filesystem_unconfined_type filesystem_type:sock_file { manage_sock_file_perms relabel_sock_file_perms map execute quotaon mounton execmod watch };
+allow filesystem_unconfined_type filesystem_type:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms map execute quotaon mounton execmod watch };
+allow filesystem_unconfined_type filesystem_type:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton execmod watch };
+allow filesystem_unconfined_type filesystem_type:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton execmod watch };
+allow filesystem_unconfined_type filesystem_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton add_name remove_name reparent search rmdir execmod watch };
ifdef(`distro_gentoo',`
# Fix bug 535986 - Mark configfs_t as file type (and mountpoint probably as well)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index b4e5bdc0b..d44d07d16 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -548,22 +548,22 @@ if(secure_mode_insmod) {
# Rules for unconfined access to this module
#
-allow kern_unconfined proc_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton audit_access execmod watch };
-allow kern_unconfined proc_type:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open audit_access execmod watch };
-allow kern_unconfined proc_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton audit_access watch };
+allow kern_unconfined proc_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton execmod watch };
+allow kern_unconfined proc_type:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open execmod watch };
+allow kern_unconfined proc_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton watch };
-allow kern_unconfined sysctl_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton audit_access execmod watch };
-allow kern_unconfined sysctl_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton audit_access watch };
+allow kern_unconfined sysctl_type:dir { manage_dir_perms relabel_dir_perms append map execute quotaon mounton execmod watch };
+allow kern_unconfined sysctl_type:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton watch };
allow kern_unconfined kernel_t:system { ipc_info syslog_read syslog_mod syslog_console module_request module_load halt reboot status start stop enable disable reload };
-allow kern_unconfined unlabeled_t:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton audit_access watch };
-allow kern_unconfined unlabeled_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open audit_access execmod watch };
-allow kern_unconfined unlabeled_t:sock_file { manage_sock_file_perms relabel_sock_file_perms map execute quotaon mounton audit_access execmod watch };
-allow kern_unconfined unlabeled_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms map execute quotaon mounton audit_access execmod watch };
-allow kern_unconfined unlabeled_t:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton audit_access execmod watch };
-allow kern_unconfined unlabeled_t:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton audit_access watch };
-allow kern_unconfined unlabeled_t:dir { manage_dir_perms relabelfrom relabelto append map execute quotaon mounton add_name remove_name reparent search rmdir audit_access execmod watch };
+allow kern_unconfined unlabeled_t:file { manage_file_perms relabel_file_perms exec_file_perms quotaon mounton watch };
+allow kern_unconfined unlabeled_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms append map execute quotaon mounton open execmod watch };
+allow kern_unconfined unlabeled_t:sock_file { manage_sock_file_perms relabel_sock_file_perms map execute quotaon mounton execmod watch };
+allow kern_unconfined unlabeled_t:fifo_file { manage_fifo_file_perms relabel_fifo_file_perms map execute quotaon mounton execmod watch };
+allow kern_unconfined unlabeled_t:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton execmod watch };
+allow kern_unconfined unlabeled_t:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton watch };
+allow kern_unconfined unlabeled_t:dir { manage_dir_perms relabelfrom relabelto append map execute quotaon mounton add_name remove_name reparent search rmdir execmod watch };
allow kern_unconfined unlabeled_t:filesystem { mount remount unmount getattr relabelfrom relabelto associate quotamod quotaget watch };
allow kern_unconfined unlabeled_t:association { sendto recvfrom setcontext polmatch };
allow kern_unconfined unlabeled_t:packet { send recv relabelto forward_in forward_out };
diff --git a/policy/modules/kernel/storage.te b/policy/modules/kernel/storage.te
index dfe1a1663..7d30dc450 100644
--- a/policy/modules/kernel/storage.te
+++ b/policy/modules/kernel/storage.te
@@ -59,5 +59,5 @@ dev_node(tape_device_t)
# Unconfined access to this module
#
-allow storage_unconfined_type { fixed_disk_device_t removable_device_t }:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton audit_access execmod };
-allow storage_unconfined_type { scsi_generic_device_t tape_device_t }:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton execmod audit_access };
+allow storage_unconfined_type { fixed_disk_device_t removable_device_t }:blk_file { manage_blk_file_perms relabel_blk_file_perms map execute quotaon mounton execmod };
+allow storage_unconfined_type { scsi_generic_device_t tape_device_t }:chr_file { manage_chr_file_perms relabel_chr_file_perms map execute quotaon mounton execmod };
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2022-11-02 14:42 Kenton Groombridge
0 siblings, 0 replies; 268+ messages in thread
From: Kenton Groombridge @ 2022-11-02 14:42 UTC (permalink / raw
To: gentoo-commits
commit: ba34639d0cd5e156d5a9a21f853703a09a68b1d2
Author: Kenton Groombridge <me <AT> concord <DOT> sh>
AuthorDate: Sat Sep 24 04:00:28 2022 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Wed Nov 2 14:07:05 2022 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ba34639d
devices: add interface to rw infiniband devices
Signed-off-by: Kenton Groombridge <me <AT> concord.sh>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/kernel/devices.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index ba652e81e..5ef1833c6 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -2404,6 +2404,24 @@ interface(`dev_rw_hyperv_vss',`
rw_chr_files_pattern($1, device_t, hyperv_vss_device_t)
')
+########################################
+## <summary>
+## Allow read/write access to InfiniBand devices.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_rw_infiniband',`
+ gen_require(`
+ type device_t, infiniband_device_t;
+ ')
+
+ rw_chr_files_pattern($1, device_t, infiniband_device_t)
+')
+
########################################
## <summary>
## Read the kernel messages
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2022-09-03 19:54 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2022-09-03 19:54 UTC (permalink / raw
To: gentoo-commits
commit: 892145a3471364d8e677878406a7884e6557ec2d
Author: Daniel Burgener <dburgener <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Tue Jul 19 21:47:43 2022 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Sep 3 18:41:55 2022 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=892145a3
Drop explicit calls to seutil and kernel module interfaces in broad files interfaces
Historically, these calls were needed because the interfaces provided an
attribute used to check various assertions. However, that attribute was
dropped in 2005 with commit 15fefa4.
Keeping these calls in prevents removing these permissions from a call
to files_manage_all_files() with the $2 argument.
Signed-off-by: Daniel Burgener <dburgener <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/files.if | 8 --------
1 file changed, 8 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 6a082670..fb27ed18 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1239,10 +1239,6 @@ interface(`files_manage_all_files',`
manage_lnk_files_pattern($1, { file_type $2 }, { file_type $2 })
manage_fifo_files_pattern($1, { file_type $2 }, { file_type $2 })
manage_sock_files_pattern($1, { file_type $2 }, { file_type $2 })
-
- # satisfy the assertions:
- seutil_create_bin_policy($1)
- files_manage_kernel_modules($1)
')
########################################
@@ -1513,10 +1509,6 @@ interface(`files_manage_non_auth_files',`
manage_lnk_files_pattern($1, non_auth_file_type, non_auth_file_type)
manage_fifo_files_pattern($1, non_auth_file_type, non_auth_file_type)
manage_sock_files_pattern($1, non_auth_file_type, non_auth_file_type)
-
- # satisfy the assertions:
- seutil_create_bin_policy($1)
- files_manage_kernel_modules($1)
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2022-02-07 2:14 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2022-02-07 2:14 UTC (permalink / raw
To: gentoo-commits
commit: 5ee13c254c0451f054558a0f22da48377311c551
Author: Chris PeBenito <chpebeni <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Tue Feb 1 14:27:06 2022 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Feb 7 02:09:50 2022 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5ee13c25
domain: Allow lockdown for all domains.
The checks for this class were removed in 5.16. This object
class will be removed in the future.
For more info:
https://lore.kernel.org/selinux/163243191040.178880.4295195865966623164.stgit@olly
Signed-off-by: Chris PeBenito <chpebeni <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/domain.te | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
index 00cea380..2eff1d34 100644
--- a/policy/modules/kernel/domain.te
+++ b/policy/modules/kernel/domain.te
@@ -103,6 +103,11 @@ kernel_dontaudit_link_key(domain)
# create child processes in the domain
allow domain self:process { fork sigchld };
+# lockdown checks were removed in 5.16. The class will be removed
+# from the policy in the future. For reference:
+# https://lore.kernel.org/selinux/163243191040.178880.4295195865966623164.stgit@olly
+allow domain self:lockdown { integrity confidentiality };
+
# glibc get_nprocs requires read access to /sys/devices/system/cpu/online
dev_read_cpu_online(domain)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2022-01-30 1:22 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2022-01-30 1:22 UTC (permalink / raw
To: gentoo-commits
commit: fccd438443de08a9d13f8795297efc63f0e6cd19
Author: Kenton Groombridge <me <AT> concord <DOT> sh>
AuthorDate: Thu Dec 2 18:32:04 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan 30 01:12:42 2022 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=fccd4384
kernel: add filetrans interface for unlabeled dirs
Signed-off-by: Kenton Groombridge <me <AT> concord.sh>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/kernel.if | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 30aca9ae..4cd35959 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2911,6 +2911,40 @@ interface(`kernel_dontaudit_read_unlabeled_files',`
dontaudit $1 unlabeled_t:file { getattr read };
')
+########################################
+## <summary>
+## Create an object in unlabeled directories
+## with a private type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="private type">
+## <summary>
+## The type of the object to be created.
+## </summary>
+## </param>
+## <param name="object">
+## <summary>
+## The object class of the object being created.
+## </summary>
+## </param>
+## <param name="name" optional="true">
+## <summary>
+## The name of the object being created.
+## </summary>
+## </param>
+#
+interface(`kernel_unlabeled_filetrans',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ filetrans_pattern($1, unlabeled_t, $2, $3, $4)
+')
+
########################################
## <summary>
## Delete unlabeled symbolic links.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-11-21 23:02 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-11-21 23:02 UTC (permalink / raw
To: gentoo-commits
commit: 6b169e5b3fea0ec900448db18586475269f21612
Author: Jason Zaman <perfinion <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 20 22:44:53 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Nov 21 22:38:58 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=6b169e5b
selinux: Add map perms
Lots of libselinux functions now map /sys/fs/selinux/status so add map
perms to other interfaces as well.
$ passwd user1
passwd: avc.c:73: avc_context_to_sid_raw: Assertion `avc_running'
failed.
Aborted
avc: denied { map } for pid=325 comm="passwd"
path="/sys/fs/selinux/status" dev="selinuxfs" ino=19 scontext=root:
sysadm_r:passwd_t tcontext=system_u:object_r:security_t tclass=file
permissive=1
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/selinux.if | 18 +++++++++---------
policy/modules/kernel/selinux.te | 8 ++++----
2 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 13aa1e05..cb610c44 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -295,7 +295,7 @@ interface(`selinux_get_enforce_mode',`
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file read_file_perms;
+ allow $1 security_t:file mmap_read_file_perms;
')
########################################
@@ -363,7 +363,7 @@ interface(`selinux_read_policy',`
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file read_file_perms;
+ allow $1 security_t:file mmap_read_file_perms;
allow $1 security_t:security read_policy;
')
@@ -533,7 +533,7 @@ interface(`selinux_validate_context',`
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file rw_file_perms;
+ allow $1 security_t:file mmap_rw_file_perms;
allow $1 security_t:security check_context;
')
@@ -554,7 +554,7 @@ interface(`selinux_dontaudit_validate_context',`
')
dontaudit $1 security_t:dir list_dir_perms;
- dontaudit $1 security_t:file rw_file_perms;
+ dontaudit $1 security_t:file mmap_rw_file_perms;
dontaudit $1 security_t:security check_context;
')
@@ -577,7 +577,7 @@ interface(`selinux_compute_access_vector',`
dev_search_sysfs($1)
allow $1 self:netlink_selinux_socket create_socket_perms;
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file rw_file_perms;
+ allow $1 security_t:file mmap_rw_file_perms;
allow $1 security_t:security compute_av;
')
@@ -599,7 +599,7 @@ interface(`selinux_compute_create_context',`
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file rw_file_perms;
+ allow $1 security_t:file mmap_rw_file_perms;
allow $1 security_t:security compute_create;
')
@@ -621,7 +621,7 @@ interface(`selinux_compute_member',`
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file rw_file_perms;
+ allow $1 security_t:file mmap_rw_file_perms;
allow $1 security_t:security compute_member;
')
@@ -651,7 +651,7 @@ interface(`selinux_compute_relabel_context',`
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file rw_file_perms;
+ allow $1 security_t:file mmap_rw_file_perms;
allow $1 security_t:security compute_relabel;
')
@@ -672,7 +672,7 @@ interface(`selinux_compute_user_contexts',`
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file rw_file_perms;
+ allow $1 security_t:file mmap_rw_file_perms;
allow $1 security_t:security compute_user;
')
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index 0726fc44..707517e5 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -53,7 +53,7 @@ genfscon securityfs / gen_context(system_u:object_r:security_t,s0)
neverallow ~{ selinux_unconfined_type can_setenforce } security_t:security setenforce;
allow can_setenforce security_t:dir list_dir_perms;
-allow can_setenforce security_t:file rw_file_perms;
+allow can_setenforce security_t:file mmap_rw_file_perms;
dev_search_sysfs(can_setenforce)
@@ -71,7 +71,7 @@ if(secure_mode_policyload) {
neverallow ~{ selinux_unconfined_type can_load_policy } security_t:security load_policy;
allow can_load_policy security_t:dir list_dir_perms;
-allow can_load_policy security_t:file rw_file_perms;
+allow can_load_policy security_t:file mmap_rw_file_perms;
dev_search_sysfs(can_load_policy)
@@ -89,7 +89,7 @@ if(secure_mode_policyload) {
neverallow ~{ selinux_unconfined_type can_setsecparam } security_t:security setsecparam;
allow can_setsecparam security_t:dir list_dir_perms;
-allow can_setsecparam security_t:file rw_file_perms;
+allow can_setsecparam security_t:file mmap_rw_file_perms;
allow can_setsecparam security_t:security setsecparam;
auditallow can_setsecparam security_t:security setsecparam;
@@ -102,7 +102,7 @@ dev_search_sysfs(can_setsecparam)
# use SELinuxfs
allow selinux_unconfined_type security_t:dir list_dir_perms;
-allow selinux_unconfined_type security_t:file rw_file_perms;
+allow selinux_unconfined_type security_t:file mmap_rw_file_perms;
allow selinux_unconfined_type boolean_type:file read_file_perms;
# Access the security API.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-11-21 19:33 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-11-21 19:33 UTC (permalink / raw
To: gentoo-commits
commit: 0d8e0e0ca09e015b84f3bcfd371d0f3ba3818eec
Author: Jonathan Davies <jpds <AT> protonmail <DOT> com>
AuthorDate: Sun Nov 21 09:39:33 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Nov 21 19:21:13 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0d8e0e0c
corecommands.if: Added corecmd_manage_bin_symlinks().
Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/corecommands.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/corecommands.if b/policy/modules/kernel/corecommands.if
index b20809ef..e5633704 100644
--- a/policy/modules/kernel/corecommands.if
+++ b/policy/modules/kernel/corecommands.if
@@ -333,6 +333,25 @@ interface(`corecmd_manage_bin_files',`
manage_files_pattern($1, bin_t, bin_t)
')
+########################################
+## <summary>
+## Manage symlinks for bin files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corecmd_manage_bin_symlinks',`
+ gen_require(`
+ type bin_t;
+ ')
+
+ corecmd_search_bin($1)
+ manage_lnk_files_pattern($1, bin_t, bin_t)
+')
+
########################################
## <summary>
## Relabel to and from the bin type.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-11-21 3:00 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-11-21 3:00 UTC (permalink / raw
To: gentoo-commits
commit: d153318cce412ac7ca5bebf1c80a675e33b2065f
Author: Kenton Groombridge <me <AT> concord <DOT> sh>
AuthorDate: Wed Oct 13 17:38:09 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Nov 20 22:58:24 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d153318c
corenet: make netlabel_peer_t mcs constrained
Signed-off-by: Kenton Groombridge <me <AT> concord.sh>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 2ab19f55..9deaa2ed 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -53,6 +53,7 @@ network_packet_simple(icmp)
#
type netlabel_peer_t;
sid netmsg gen_context(system_u:object_r:netlabel_peer_t,mls_systemhigh)
+mcs_constrained(netlabel_peer_t)
#
# port_t is the default type of INET port numbers.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-11-11 21:27 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-11-11 21:27 UTC (permalink / raw
To: gentoo-commits
commit: 419815b880c47346496b204e90499ace61984606
Author: Kenton Groombridge <me <AT> concord <DOT> sh>
AuthorDate: Mon Nov 1 17:01:43 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Nov 11 21:26:50 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=419815b8
devices: make usbfs pseudofs instead of noxattrfs
Signed-off-by: Kenton Groombridge <me <AT> concord.sh>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/devices.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 56783d53..5a06ea82 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -306,7 +306,7 @@ dev_node(urandom_device_t)
#
type usbfs_t;
files_mountpoint(usbfs_t)
-fs_noxattr_type(usbfs_t)
+fs_pseudo_type(usbfs_t)
genfscon usbfs / gen_context(system_u:object_r:usbfs_t,s0)
genfscon usbdevfs / gen_context(system_u:object_r:usbfs_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-11-11 21:27 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-11-11 21:27 UTC (permalink / raw
To: gentoo-commits
commit: c428d96914b347500d42a2e959950845d52512e6
Author: Kenton Groombridge <me <AT> concord <DOT> sh>
AuthorDate: Mon Nov 1 17:01:20 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Nov 11 21:26:50 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c428d969
fs: add pseudofs attribute and interfaces
Signed-off-by: Kenton Groombridge <me <AT> concord.sh>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/filesystem.if | 21 +++++++++++++++++++++
policy/modules/kernel/filesystem.te | 3 ++-
2 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 22759baa..1c7beefd 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -43,6 +43,27 @@ interface(`fs_noxattr_type',`
typeattribute $1 noxattrfs;
')
+########################################
+## <summary>
+## Transform specified type into a filesystem
+## type which is a pseudo filesystem.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`fs_pseudo_type',`
+ gen_require(`
+ attribute pseudofs;
+ ')
+
+ fs_type($1)
+
+ typeattribute $1 pseudofs;
+')
+
########################################
## <summary>
## Transform specified type into a filesystem
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 81a32650..ddd10c2a 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -9,6 +9,7 @@ attribute filesystem_image_file_type;
attribute filesystem_type;
attribute filesystem_unconfined_type;
attribute noxattrfs;
+attribute pseudofs;
attribute xattrfs;
##############################
@@ -104,7 +105,7 @@ files_mountpoint(ecryptfs_t)
genfscon ecryptfs / gen_context(system_u:object_r:ecryptfs_t,s0)
type efivarfs_t;
-fs_noxattr_type(efivarfs_t)
+fs_pseudo_type(efivarfs_t)
files_mountpoint(efivarfs_t)
genfscon efivarfs / gen_context(system_u:object_r:efivarfs_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-11-11 21:27 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-11-11 21:27 UTC (permalink / raw
To: gentoo-commits
commit: c3d38164d58c31023e6277a742708e11ee537ec7
Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com>
AuthorDate: Wed Oct 27 19:18:27 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Nov 11 21:26:50 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c3d38164
filesystem: add fs_use_trans for ramfs
Enable extended attributes for inodes on ramfs filesystems, similar to
tmpfs filesystems.
For example systemd uses ramfs for service credentials[1], and xattr
support is needed for per service based labeling[2].
[1]: https://www.freedesktop.org/software/systemd/man/systemd-creds.html
[2]: https://github.com/systemd/systemd/pull/21158
Signed-off-by: Christian Göttsche <cgzones <AT> googlemail.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/filesystem.te | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index b12c65b8..81a32650 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -156,9 +156,9 @@ dev_associate_sysfs(pstore_t)
genfscon pstore / gen_context(system_u:object_r:pstore_t,s0)
type ramfs_t;
-fs_type(ramfs_t)
+fs_xattr_type(ramfs_t)
files_mountpoint(ramfs_t)
-genfscon ramfs / gen_context(system_u:object_r:ramfs_t,s0)
+fs_use_trans ramfs gen_context(system_u:object_r:ramfs_t,s0);
type romfs_t;
fs_type(romfs_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-09-05 16:00 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-09-05 16:00 UTC (permalink / raw
To: gentoo-commits
commit: 2ecd4fac78c9825154992be76dd941c2386deff4
Author: Jonathan Davies <jpds <AT> protonmail <DOT> com>
AuthorDate: Tue Jul 6 14:52:27 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 5 14:26:44 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2ecd4fac
devices.fc: Added missing Xen character files.
Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/devices.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index a167126d..bd08f81d 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -198,8 +198,10 @@ ifdef(`distro_suse', `
/dev/xen/evtchn -c gen_context(system_u:object_r:xen_device_t,s0)
/dev/xen/gntdev -c gen_context(system_u:object_r:xen_device_t,s0)
/dev/xen/gntalloc -c gen_context(system_u:object_r:xen_device_t,s0)
+/dev/xen/hypercall -c gen_context(system_u:object_r:xen_device_t,s0)
/dev/xen/privcmd -c gen_context(system_u:object_r:xen_device_t,s0)
/dev/xen/xenbus -c gen_context(system_u:object_r:xen_device_t,s0)
+/dev/xen/xenbus_backend -c gen_context(system_u:object_r:xen_device_t,s0)
ifdef(`distro_debian',`
# this is a static /dev dir "backup mount"
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-09-05 16:00 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-09-05 16:00 UTC (permalink / raw
To: gentoo-commits
commit: c2cd4a6f79b4949857e4a4bd68bef6ea1496a255
Author: Markus Linnala <Markus.Linnala <AT> cybercom <DOT> com>
AuthorDate: Tue Jun 29 12:32:56 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 5 14:26:44 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c2cd4a6f
policy: files: files_get_etc_unit_status/files_{start,stop}_etc_service: fix require
Signed-off-by: Markus Linnala <Markus.Linnala <AT> cybercom.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/files.if | 3 +++
1 file changed, 3 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 83f8b3f4..f772bfe8 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -3228,6 +3228,7 @@ interface(`files_exec_etc_files',`
interface(`files_get_etc_unit_status',`
gen_require(`
type etc_t;
+ class service status;
')
allow $1 etc_t:service status;
@@ -3246,6 +3247,7 @@ interface(`files_get_etc_unit_status',`
interface(`files_start_etc_service',`
gen_require(`
type etc_t;
+ class service start;
')
allow $1 etc_t:service start;
@@ -3264,6 +3266,7 @@ interface(`files_start_etc_service',`
interface(`files_stop_etc_service',`
gen_require(`
type etc_t;
+ class service stop;
')
allow $1 etc_t:service stop;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-04-03 3:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-04-03 3:10 UTC (permalink / raw
To: gentoo-commits
commit: 611eb9925f729ca91ddadfefa48fd0c0c39c24d9
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Sat Mar 27 18:21:06 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Apr 2 18:54:58 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=611eb992
files, kernel, selinux: Module version bump.
Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/files.te | 2 +-
policy/modules/kernel/kernel.te | 2 +-
policy/modules/kernel/selinux.te | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index d97425eb..ff8f849a 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.30.1)
+policy_module(files, 1.30.2)
########################################
#
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 2bd3f924..ea8196b6 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.29.1)
+policy_module(kernel, 1.29.2)
########################################
#
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index ffe86460..a9efb73b 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -1,4 +1,4 @@
-policy_module(selinux, 1.18.1)
+policy_module(selinux, 1.18.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-04-03 3:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-04-03 3:10 UTC (permalink / raw
To: gentoo-commits
commit: c4d506d919d9584fb61e3ebfce7ee718eb866b27
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Mar 19 19:50:06 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Apr 2 18:54:58 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c4d506d9
kernel: Add dontaudits when secure_mode_insmod is enabled.
Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/files.if | 19 +++++++++++++++++++
policy/modules/kernel/kernel.te | 15 ++++++++++++++-
2 files changed, 33 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 0687a435..349b8696 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -4369,6 +4369,25 @@ interface(`files_load_kernel_modules',`
allow $1 modules_object_t:system module_load;
')
+########################################
+## <summary>
+## Load kernel module files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_dontaudit_load_kernel_modules',`
+ gen_require(`
+ type modules_object_t;
+ ')
+
+ dontaudit $1 modules_object_t:file read_file_perms;
+ dontaudit $1 modules_object_t:system module_load;
+')
+
########################################
## <summary>
## List world-readable directories.
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index c44f49ed..2bd3f924 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -497,7 +497,20 @@ optional_policy(`
# Kernel module loading policy
#
-if( ! secure_mode_insmod ) {
+if(secure_mode_insmod) {
+ dontaudit can_load_kernmodule self:capability sys_module;
+ dontaudit can_load_kernmodule self:system module_load;
+
+ files_dontaudit_load_kernel_modules(can_load_kernmodule)
+
+ # load_module() calls stop_machine() which
+ # calls sched_setscheduler()
+ # gt: there seems to be no trace of the above, at
+ # least in kernel versions greater than 2.6.37...
+ dontaudit can_load_kernmodule self:capability sys_nice;
+ dontaudit can_load_kernmodule kernel_t:process setsched;
+ dontaudit can_load_kernmodule kernel_t:key search;
+} else {
allow can_load_kernmodule self:capability sys_module;
allow can_load_kernmodule self:system module_load;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-04-03 3:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-04-03 3:10 UTC (permalink / raw
To: gentoo-commits
commit: e9c469300bd10185540b0698ed074a98d86f4672
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Mar 19 19:03:47 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Apr 2 18:54:58 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e9c46930
selinux: Change generic Boolean type to boolean_t.
This will prevent other security_t writers from setting Boolean pending
values, which could be activated unwittingly by setbool processes.
Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/selinux.if | 7 ++++---
policy/modules/kernel/selinux.te | 5 ++++-
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 21d22ded..f8fcba98 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -391,17 +391,17 @@ interface(`selinux_read_policy',`
#
interface(`selinux_set_generic_booleans',`
gen_require(`
- type security_t;
+ type boolean_t, security_t;
bool secure_mode_setbool;
')
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file read_file_perms;
+ allow $1 boolean_t:file read_file_perms;
if(!secure_mode_setbool) {
- allow $1 security_t:file write_file_perms;
+ allow $1 { boolean_t security_t }:file write_file_perms;
allow $1 security_t:security setbool;
}
')
@@ -443,6 +443,7 @@ interface(`selinux_set_all_booleans',`
if (!secure_mode_setbool) {
allow $1 security_t:security setbool;
+ allow $1 security_t:file write_file_perms;
allow $1 { boolean_type -secure_mode_policyload_t }:file write_file_perms;
}
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index 71147210..5bca43d3 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -26,6 +26,9 @@ attribute can_setenforce;
attribute can_setsecparam;
attribute selinux_unconfined_type;
+type boolean_t, boolean_type;
+genfscon selinuxfs /booleans/ -- gen_context(system_u:object_r:boolean_t,s0)
+
type secure_mode_policyload_t;
selinux_labeled_boolean(secure_mode_policyload_t, secure_mode_policyload)
@@ -34,7 +37,7 @@ selinux_labeled_boolean(secure_mode_policyload_t, secure_mode_policyload)
# the permissions in the security class. It is also
# applied to selinuxfs inodes.
#
-type security_t, boolean_type;
+type security_t;
files_mountpoint(security_t)
fs_type(security_t)
mls_trusted_object(security_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-04-03 3:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-04-03 3:10 UTC (permalink / raw
To: gentoo-commits
commit: 190cf9a6768816df3af34f6e991c5768da97c759
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Mar 19 19:39:38 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Apr 2 18:54:58 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=190cf9a6
selinux: Add dontaudits when secure mode Booleans are enabled.
Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/selinux.if | 13 +++++++++++--
policy/modules/kernel/selinux.te | 20 ++++++++++++++++----
2 files changed, 27 insertions(+), 6 deletions(-)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 1a750a62..8225d499 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -400,7 +400,10 @@ interface(`selinux_set_generic_booleans',`
allow $1 security_t:dir list_dir_perms;
allow $1 boolean_t:file read_file_perms;
- if(!secure_mode_setbool) {
+ if(secure_mode_setbool) {
+ dontaudit $1 { boolean_t security_t }:file write_file_perms;
+ dontaudit $1 security_t:security setbool;
+ } else {
allow $1 { boolean_t security_t }:file write_file_perms;
allow $1 security_t:security setbool;
}
@@ -441,7 +444,11 @@ interface(`selinux_set_all_booleans',`
allow $1 boolean_type:file read_file_perms;
allow $1 secure_mode_policyload_t:file read_file_perms;
- if (!secure_mode_setbool) {
+ if (secure_mode_setbool) {
+ dontaudit $1 security_t:security setbool;
+ dontaudit $1 security_t:file write_file_perms;
+ dontaudit $1 { boolean_type -secure_mode_policyload_t }:file write_file_perms;
+ } else {
allow $1 security_t:security setbool;
allow $1 security_t:file write_file_perms;
allow $1 { boolean_type -secure_mode_policyload_t }:file write_file_perms;
@@ -449,6 +456,8 @@ interface(`selinux_set_all_booleans',`
if(!secure_mode_policyload && !secure_mode_setbool) {
allow $1 secure_mode_policyload_t:file write_file_perms;
+ } else {
+ dontaudit $1 secure_mode_policyload_t:file write_file_perms;
}
')
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index 5bca43d3..ffe86460 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -57,7 +57,9 @@ allow can_setenforce security_t:file rw_file_perms;
dev_search_sysfs(can_setenforce)
-if(!secure_mode_policyload) {
+if(secure_mode_policyload) {
+ dontaudit can_setenforce security_t:security setenforce;
+} else {
allow can_setenforce security_t:security setenforce;
}
@@ -73,7 +75,9 @@ allow can_load_policy security_t:file rw_file_perms;
dev_search_sysfs(can_load_policy)
-if(!secure_mode_policyload) {
+if(secure_mode_policyload) {
+ dontaudit can_load_policy security_t:security load_policy;
+} else {
allow can_load_policy security_t:security load_policy;
}
@@ -104,18 +108,26 @@ allow selinux_unconfined_type boolean_type:file read_file_perms;
# Access the security API.
allow selinux_unconfined_type security_t:security { compute_av compute_create compute_member check_context compute_relabel compute_user setsecparam setcheckreqprot read_policy validate_trans };
-if (!secure_mode_policyload) {
+if (secure_mode_policyload) {
+ dontaudit selinux_unconfined_type security_t:security { load_policy setenforce };
+} else {
allow selinux_unconfined_type security_t:security { load_policy setenforce };
}
-if (!secure_mode_setbool) {
+if (secure_mode_setbool) {
+ dontaudit selinux_unconfined_type security_t:security setbool;
+} else {
allow selinux_unconfined_type security_t:security setbool;
}
if (secure_mode_policyload && !secure_mode_setbool) {
allow selinux_unconfined_type { boolean_type -secure_mode_policyload_t }:file write_file_perms;
+} else {
+ dontaudit selinux_unconfined_type { boolean_type -secure_mode_policyload_t }:file write_file_perms;
}
if (!secure_mode_policyload && !secure_mode_setbool) {
allow selinux_unconfined_type boolean_type:file write_file_perms;
+} else {
+ dontaudit selinux_unconfined_type boolean_type:file write_file_perms;
}
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-04-03 3:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-04-03 3:10 UTC (permalink / raw
To: gentoo-commits
commit: b5550e17809acca324fa926671fad42be7aa5f73
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Mar 19 19:04:12 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Apr 2 18:54:58 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b5550e17
selinux: Set regular file for labeled Booleans genfscons.
Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/selinux.if | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index f8fcba98..1a750a62 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -40,7 +40,7 @@ interface(`selinux_labeled_boolean',`
# because of this statement, any module which
# calls this interface must be in the base module:
- genfscon selinuxfs /booleans/$2 gen_context(system_u:object_r:$1,s0)
+ genfscon selinuxfs /booleans/$2 -- gen_context(system_u:object_r:$1,s0)
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-03-21 22:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-03-21 22:10 UTC (permalink / raw
To: gentoo-commits
commit: c12534ce37ed704aa6b0058c96e9c84ceb769653
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Mar 12 14:57:36 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Mar 21 21:38:23 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c12534ce
selinux: Module version bump.
Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/selinux.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index a1b4ae3e..71147210 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -1,4 +1,4 @@
-policy_module(selinux, 1.18.0)
+policy_module(selinux, 1.18.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-03-21 22:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-03-21 22:10 UTC (permalink / raw
To: gentoo-commits
commit: 0458f4e2ec20f27f0cdc6a29c91e62bb65865075
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Mar 5 21:06:44 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Mar 21 21:38:23 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0458f4e2
selinux: Add a secure_mode_setbool Boolean.
Enabling this will disable all permissions for setting SELinux Booleans,
even for unconfined domains.
This does not affect setenforce. Enable secure_mode_policyload along with
secure_mode_setbool to fully lock the SELinux security interface.
Signed-off-by: Chris PeBenito <pebenito <AT> ieee.org>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/selinux.if | 19 +++++++++++++------
policy/modules/kernel/selinux.te | 30 +++++++++++++++++++++++-------
2 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 43eebcd0..21d22ded 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -392,14 +392,18 @@ interface(`selinux_read_policy',`
interface(`selinux_set_generic_booleans',`
gen_require(`
type security_t;
+ bool secure_mode_setbool;
')
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 security_t:file rw_file_perms;
+ allow $1 security_t:file read_file_perms;
- allow $1 security_t:security setbool;
+ if(!secure_mode_setbool) {
+ allow $1 security_t:file write_file_perms;
+ allow $1 security_t:security setbool;
+ }
')
########################################
@@ -428,18 +432,21 @@ interface(`selinux_set_all_booleans',`
gen_require(`
type security_t, secure_mode_policyload_t;
attribute boolean_type;
- bool secure_mode_policyload;
+ bool secure_mode_policyload, secure_mode_setbool;
')
dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
- allow $1 { boolean_type -secure_mode_policyload_t }:file rw_file_perms;
+ allow $1 boolean_type:file read_file_perms;
allow $1 secure_mode_policyload_t:file read_file_perms;
- allow $1 security_t:security setbool;
+ if (!secure_mode_setbool) {
+ allow $1 security_t:security setbool;
+ allow $1 { boolean_type -secure_mode_policyload_t }:file write_file_perms;
+ }
- if(!secure_mode_policyload) {
+ if(!secure_mode_policyload && !secure_mode_setbool) {
allow $1 secure_mode_policyload_t:file write_file_perms;
}
')
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index 3e4f2000..a1b4ae3e 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -7,13 +7,19 @@ policy_module(selinux, 1.18.0)
## <desc>
## <p>
-## Boolean to determine whether the system permits loading policy, setting
-## enforcing mode, and changing boolean values. Set this to true and you
-## have to reboot to set it back.
+## Boolean to determine whether the system permits loading policy, and setting
+## enforcing mode. Set this to true and you have to reboot to set it back.
## </p>
## </desc>
gen_bool(secure_mode_policyload,false)
+## <desc>
+## <p>
+## Boolean to determine whether the system permits setting Booelan values.
+## </p>
+## </desc>
+gen_bool(secure_mode_setbool,false)
+
attribute boolean_type;
attribute can_load_policy;
attribute can_setenforce;
@@ -91,12 +97,22 @@ dev_search_sysfs(can_setsecparam)
allow selinux_unconfined_type security_t:dir list_dir_perms;
allow selinux_unconfined_type security_t:file rw_file_perms;
allow selinux_unconfined_type boolean_type:file read_file_perms;
-allow selinux_unconfined_type { boolean_type -secure_mode_policyload_t }:file write_file_perms;
# Access the security API.
-allow selinux_unconfined_type security_t:security { compute_av compute_create compute_member check_context compute_relabel compute_user setbool setsecparam setcheckreqprot read_policy validate_trans };
+allow selinux_unconfined_type security_t:security { compute_av compute_create compute_member check_context compute_relabel compute_user setsecparam setcheckreqprot read_policy validate_trans };
-if(!secure_mode_policyload) {
+if (!secure_mode_policyload) {
allow selinux_unconfined_type security_t:security { load_policy setenforce };
- allow selinux_unconfined_type secure_mode_policyload_t:file write_file_perms;
+}
+
+if (!secure_mode_setbool) {
+ allow selinux_unconfined_type security_t:security setbool;
+}
+
+if (secure_mode_policyload && !secure_mode_setbool) {
+ allow selinux_unconfined_type { boolean_type -secure_mode_policyload_t }:file write_file_perms;
+}
+
+if (!secure_mode_policyload && !secure_mode_setbool) {
+ allow selinux_unconfined_type boolean_type:file write_file_perms;
}
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-01-11 1:27 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-01-11 1:27 UTC (permalink / raw
To: gentoo-commits
commit: d5515d5dcba81e818b43721fe0ac36dcd50315a6
Author: Jason Zaman <perfinion <AT> gentoo <DOT> org>
AuthorDate: Sun Jan 10 23:15:56 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan 10 23:15:56 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d5515d5d
Regenerate corenetwork
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/corenetwork.if | 570 ++++++++++++++++++++++++++++++++++-
policy/modules/kernel/corenetwork.te | 20 +-
2 files changed, 574 insertions(+), 16 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 9b19cea2..368ad3b7 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -1498,11 +1498,11 @@ interface(`corenet_udp_send_all_ports',`
#
interface(`corenet_sctp_bind_generic_port',`
gen_require(`
- type port_t, unreserved_port_t, ephemeral_port_t;
+ type port_t, unreserved_port_t;
attribute defined_port_type;
')
- allow $1 { port_t unreserved_port_t ephemeral_port_t }:sctp_socket name_bind;
+ allow $1 { port_t unreserved_port_t }:sctp_socket name_bind;
dontaudit $1 defined_port_type:sctp_socket name_bind;
')
@@ -1571,10 +1571,10 @@ interface(`corenet_udp_sendrecv_all_ports',`
#
interface(`corenet_dontaudit_sctp_bind_generic_port',`
gen_require(`
- type port_t, unreserved_port_t, ephemeral_port_t;
+ type port_t, unreserved_port_t;
')
- dontaudit $1 { port_t unreserved_port_t ephemeral_port_t }:sctp_socket name_bind;
+ dontaudit $1 { port_t unreserved_port_t }:sctp_socket name_bind;
')
########################################
@@ -1645,10 +1645,10 @@ interface(`corenet_udp_bind_all_ports',`
#
interface(`corenet_sctp_connect_generic_port',`
gen_require(`
- type port_t, unreserved_port_t,ephemeral_port_t;
+ type port_t, unreserved_port_t;
')
- allow $1 { port_t unreserved_port_t ephemeral_port_t }:sctp_socket name_connect;
+ allow $1 { port_t unreserved_port_t }:sctp_socket name_connect;
')
########################################
@@ -2761,7 +2761,7 @@ interface(`corenet_dontaudit_raw_recvfrom_unlabeled',`
## Allow the specified domain to receive packets from an
## unlabeled connection. On machines that do not utilize
## labeled networking, this will be required on all
-## networking domains. On machines tha do utilize
+## networking domains. On machines that do utilize
## labeled networking, this will be required for any
## networking domain that is allowed to receive
## network traffic that does not have a label.
@@ -3339,13 +3339,7 @@ interface(`corenet_relabelto_all_server_packets',`
## </param>
#
interface(`corenet_sctp_recvfrom_unlabeled',`
- gen_require(`
- attribute corenet_unlabeled_type;
- ')
-
kernel_recvfrom_unlabeled_peer($1)
-
- typeattribute $1 corenet_unlabeled_type;
kernel_sendrecv_unlabeled_association($1)
')
@@ -3529,6 +3523,135 @@ interface(`corenet_unconfined',`
')
+########################################
+## <summary>
+## Send icmp packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_icmp_packets',`
+ gen_require(`
+ type icmp_packet_t;
+ ')
+
+ allow $1 icmp_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send icmp packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_icmp_packets',`
+ gen_require(`
+ type icmp_packet_t;
+ ')
+
+ dontaudit $1 icmp_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive icmp packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_icmp_packets',`
+ gen_require(`
+ type icmp_packet_t;
+ ')
+
+ allow $1 icmp_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive icmp packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_icmp_packets',`
+ gen_require(`
+ type icmp_packet_t;
+ ')
+
+ dontaudit $1 icmp_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive icmp packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_icmp_packets',`
+ corenet_send_icmp_packets($1)
+ corenet_receive_icmp_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive icmp packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_icmp_packets',`
+ corenet_dontaudit_send_icmp_packets($1)
+ corenet_dontaudit_receive_icmp_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to icmp the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_icmp_packets',`
+ gen_require(`
+ type icmp_packet_t;
+ ')
+
+ allow $1 icmp_packet_t:packet relabelto;
+')
+
+
+
+
########################################
## <summary>
## Send and receive TCP traffic on the adb port.
@@ -9844,6 +9967,427 @@ interface(`corenet_relabelto_apertus_ldp_server_packets',`
+########################################
+## <summary>
+## Send and receive TCP traffic on the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_aptcacher_port',`
+ refpolicywarn(`$0() has been deprecated, please remove.')
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_aptcacher_port',`
+ refpolicywarn(`$0() has been deprecated, please remove.')
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_aptcacher_port',`
+ refpolicywarn(`$0() has been deprecated, please remove.')
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_aptcacher_port',`
+ refpolicywarn(`$0() has been deprecated, please remove.')
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_aptcacher_port',`
+ refpolicywarn(`$0() has been deprecated, please remove.')
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_aptcacher_port',`
+ refpolicywarn(`$0() has been deprecated, please remove.')
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_aptcacher_port',`
+ refpolicywarn(`$0() has been deprecated, please remove.')
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_aptcacher_port',`
+ gen_require(`
+ type aptcacher_port_t;
+ ')
+
+ allow $1 aptcacher_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_aptcacher_port',`
+ gen_require(`
+ type aptcacher_port_t;
+ ')
+
+ allow $1 aptcacher_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the aptcacher port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_aptcacher_port',`
+ gen_require(`
+ type aptcacher_port_t;
+ ')
+
+ allow $1 aptcacher_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send aptcacher_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_aptcacher_client_packets',`
+ gen_require(`
+ type aptcacher_client_packet_t;
+ ')
+
+ allow $1 aptcacher_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send aptcacher_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_aptcacher_client_packets',`
+ gen_require(`
+ type aptcacher_client_packet_t;
+ ')
+
+ dontaudit $1 aptcacher_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive aptcacher_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_aptcacher_client_packets',`
+ gen_require(`
+ type aptcacher_client_packet_t;
+ ')
+
+ allow $1 aptcacher_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive aptcacher_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_aptcacher_client_packets',`
+ gen_require(`
+ type aptcacher_client_packet_t;
+ ')
+
+ dontaudit $1 aptcacher_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive aptcacher_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_aptcacher_client_packets',`
+ corenet_send_aptcacher_client_packets($1)
+ corenet_receive_aptcacher_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive aptcacher_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_aptcacher_client_packets',`
+ corenet_dontaudit_send_aptcacher_client_packets($1)
+ corenet_dontaudit_receive_aptcacher_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to aptcacher_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_aptcacher_client_packets',`
+ gen_require(`
+ type aptcacher_client_packet_t;
+ ')
+
+ allow $1 aptcacher_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send aptcacher_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_aptcacher_server_packets',`
+ gen_require(`
+ type aptcacher_server_packet_t;
+ ')
+
+ allow $1 aptcacher_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send aptcacher_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_aptcacher_server_packets',`
+ gen_require(`
+ type aptcacher_server_packet_t;
+ ')
+
+ dontaudit $1 aptcacher_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive aptcacher_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_aptcacher_server_packets',`
+ gen_require(`
+ type aptcacher_server_packet_t;
+ ')
+
+ allow $1 aptcacher_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive aptcacher_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_aptcacher_server_packets',`
+ gen_require(`
+ type aptcacher_server_packet_t;
+ ')
+
+ dontaudit $1 aptcacher_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive aptcacher_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_aptcacher_server_packets',`
+ corenet_send_aptcacher_server_packets($1)
+ corenet_receive_aptcacher_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive aptcacher_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_aptcacher_server_packets',`
+ corenet_dontaudit_send_aptcacher_server_packets($1)
+ corenet_dontaudit_receive_aptcacher_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to aptcacher_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_aptcacher_server_packets',`
+ gen_require(`
+ type aptcacher_server_packet_t;
+ ')
+
+ allow $1 aptcacher_server_packet_t:packet relabelto;
+')
+
+
+
+
########################################
## <summary>
## Send and receive TCP traffic on the armtechdaemon port.
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index d6499ceb..030df0c0 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -2,7 +2,7 @@
# This is a generated file! Instead of modifying this file, the
# corenetwork.te.in or corenetwork.te.m4 file should be modified.
#
-policy_module(corenetwork, 1.26.2)
+policy_module(corenetwork, 1.28.0)
########################################
#
@@ -46,6 +46,13 @@ dev_node(tun_tap_device_t)
#
type client_packet_t, packet_type, client_packet_type;
+#
+# ICMP and ICMPv6
+#
+
+type icmp_packet_t, packet_type;
+
+
#
# The netlabel_peer_t is used by the kernel's NetLabel subsystem for network
# connections using NetLabel which do not carry full SELinux contexts.
@@ -196,6 +203,13 @@ portcon tcp 539 gen_context(system_u:object_r:apertus_ldp_port_t,s0)
portcon udp 539 gen_context(system_u:object_r:apertus_ldp_port_t,s0)
+type aptcacher_port_t, port_type, defined_port_type;
+type aptcacher_client_packet_t, packet_type, client_packet_type;
+type aptcacher_server_packet_t, packet_type, server_packet_type;
+typeattribute aptcacher_port_t unreserved_port_type;
+portcon tcp 3142 gen_context(system_u:object_r:aptcacher_port_t,s0)
+
+
type armtechdaemon_port_t, port_type, defined_port_type;
type armtechdaemon_client_packet_t, packet_type, client_packet_type;
type armtechdaemon_server_packet_t, packet_type, server_packet_type;
@@ -1850,7 +1864,7 @@ type winshadow_port_t, port_type, defined_port_type;
type winshadow_client_packet_t, packet_type, client_packet_type;
type winshadow_server_packet_t, packet_type, server_packet_type;
typeattribute winshadow_port_t unreserved_port_type;
-portcon tcp 3161 gen_context(system_u:object_r:winshadow_port_t,s0)
+portcon tcp 3261 gen_context(system_u:object_r:winshadow_port_t,s0)
portcon udp 3261 gen_context(system_u:object_r:winshadow_port_t,s0)
@@ -2011,7 +2025,7 @@ sid netif gen_context(system_u:object_r:netif_t,s0 - mls_systemhigh)
ifdef(`enable_mls',`
-gen_require(`type unlabeled_t;')
+gen_require(`type unlabeled_t;') #selint-disable:S-001
type lo_netif_t, netif_type;
netifcon lo gen_context(system_u:object_r:lo_netif_t,s0 - mls_systemhigh) gen_context(system_u:object_r:unlabeled_t,s0 - mls_systemhigh)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2021-01-11 1:27 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2021-01-11 1:27 UTC (permalink / raw
To: gentoo-commits
commit: a164a2d6e18255bbc842d3cee8edb63882e9e2c2
Author: Peter Morrow <pemorrow <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Tue Dec 15 15:19:30 2020 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan 10 21:52:17 2021 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a164a2d6
selinux: add selinux_get_all_booleans() interface
Allow the caller to read the state of selinuxfs booleans.
Signed-off-by: Peter Morrow <pemorrow <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/selinux.if | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index bf70d3c4..43eebcd0 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -444,6 +444,30 @@ interface(`selinux_set_all_booleans',`
}
')
+########################################
+## <summary>
+## Allow caller to get the state of all Booleans to
+## view conditional portions of the policy.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`selinux_get_all_booleans',`
+ gen_require(`
+ type security_t;
+ attribute boolean_type;
+ ')
+
+ dev_search_sysfs($1)
+
+ allow $1 security_t:dir list_dir_perms;
+ allow $1 boolean_type:file read_file_perms;
+')
+
########################################
## <summary>
## Allow caller to set SELinux access vector cache parameters.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2020-10-13 3:02 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2020-10-13 3:02 UTC (permalink / raw
To: gentoo-commits
commit: b84ca9b9648ba7f073ad7513c4b610b7f0dfbdfc
Author: Antoine Tenart <antoine.tenart <AT> bootlin <DOT> com>
AuthorDate: Mon Sep 7 15:08:12 2020 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Oct 11 21:14:40 2020 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b84ca9b9
corecommands: add entry for Busybox shell
Fixes:
vc: denied { execute } for pid=87 comm="login" name="sh" dev="vda"
ino=408 scontext=system_u:system_r:local_login_t
tcontext=system_u:object_r:bin_t tclass=file permissive=1
Signed-off-by: Antoine Tenart <antoine.tenart <AT> bootlin.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 5ced3c67..07a09873 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -157,6 +157,7 @@ ifdef(`distro_gentoo',`
/usr/bin/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/bin/scponly -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/bin/scponlyc -- gen_context(system_u:object_r:shell_exec_t,s0)
+/usr/bin/sh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/bin/smrsh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/bin/tcsh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/bin/yash -- gen_context(system_u:object_r:shell_exec_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2020-02-15 7:33 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2020-02-15 7:33 UTC (permalink / raw
To: gentoo-commits
commit: 19e44f812e0bd3bca6ffdcded4d7e96d41a4e614
Author: bauen1 <j2468h <AT> gmail <DOT> com>
AuthorDate: Sat Jan 25 13:19:00 2020 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Feb 15 07:30:57 2020 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=19e44f81
kernel/corecommands: fix the label of xfce4 helpers (on debian)
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/kernel/corecommands.fc | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 75667c04..0be85be3 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -244,15 +244,34 @@ ifdef(`distro_gentoo',`
/usr/lib/vte/gnome-pty-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-compose-mail-1 -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-helper-1 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/xfce4/exo-2/exo-helper-2 -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/panel/migrate -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/panel/wrapper -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/xfce4/panel/wrapper-1\.0 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/xfce4/panel/wrapper-2\.0 -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/session/balou-export-theme -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/session/balou-install-theme -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/session/xfsm-shutdown-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/xfconf/xfconfd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/xfwm4/helper-dialog -- gen_context(system_u:object_r:bin_t,s0)
+ifdef(`distro_debian',`
+/usr/lib/[^/]+/tumbler-1/tumblerd -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/exo-1/exo-helper-1 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/exo-2/exo-helper-2 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/panel/migrate -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/panel/wrapper -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/panel/wrapper-1\.0 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/panel/wrapper-2\.0 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/session/balou-export-theme -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/session/balou-install-theme -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/session/xfsm-shutdown-helper -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/xfconf/xfconfd -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]+/xfce4/xfwm4/helper-dialog -- gen_context(system_u:object_r:bin_t,s0)
+')
+
/usr/lib/couchdb/erlang/lib/couch-[0-9.]+/priv/couchspawnkillable -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/debug/bin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-07-13 7:01 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-07-13 7:01 UTC (permalink / raw
To: gentoo-commits
commit: 86a0e854927db91b4a978fe92a63e3edb5256927
Author: Chris PeBenito <chpebeni <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Fri May 31 17:44:49 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jul 13 06:43:14 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=86a0e854
devices: Add type for /dev/daxX.Y.
Signed-off-by: Chris PeBenito <chpebeni <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.te | 6 ++++++
2 files changed, 7 insertions(+)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 3b9be43f..bdff6b1a 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -21,6 +21,7 @@
/dev/controlD64 -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
/dev/crash -c gen_context(system_u:object_r:crash_device_t,mls_systemhigh)
/dev/dahdi/.* -c gen_context(system_u:object_r:sound_device_t,s0)
+/dev/dax[0-9]\.[0-9] -c gen_context(system_u:object_r:dax_device_t,mls_systemhigh)
/dev/dmfm -c gen_context(system_u:object_r:sound_device_t,s0)
/dev/dmmidi.* -c gen_context(system_u:object_r:sound_device_t,s0)
/dev/dsp.* -c gen_context(system_u:object_r:sound_device_t,s0)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index a0331212..88a4246e 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -82,6 +82,12 @@ dev_node(crash_device_t)
type crypt_device_t;
dev_node(crypt_device_t)
+#
+# Type for /dev/dax*.*
+#
+type dax_device_t;
+dev_node(dax_device_t)
+
#
# dlm_misc_device_t is the type of /dev/misc/dlm.*
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-07-13 7:01 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-07-13 7:01 UTC (permalink / raw
To: gentoo-commits
commit: 5ff9a8876e58544ab99a22441e272dcb94b0525b
Author: Chris PeBenito <chpebeni <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Fri May 31 17:42:42 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jul 13 06:43:14 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5ff9a887
storage: Add fc entry for /dev/pmem*
Signed-off-by: Chris PeBenito <chpebeni <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/storage.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/storage.fc b/policy/modules/kernel/storage.fc
index 926327bd..b6dfcd9f 100644
--- a/policy/modules/kernel/storage.fc
+++ b/policy/modules/kernel/storage.fc
@@ -41,6 +41,7 @@
/dev/pcd[0-3] -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/pd[a-d][^/]* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/pg[0-3] -c gen_context(system_u:object_r:removable_device_t,s0)
+/dev/pmem[0-9]* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/ps3d.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/ram.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/(raw/)?rawctl -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-03-26 10:17 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-03-26 10:17 UTC (permalink / raw
To: gentoo-commits
commit: 0d797afccb4ad5dd993c25bf217303343127901d
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Mon Mar 25 10:03:18 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Mar 25 10:05:25 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0d797afc
corenetwork: regenerate for query scripts
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/corenetwork.if | 646 +++++++++++++++++++++++++++++------
policy/modules/kernel/corenetwork.te | 26 +-
2 files changed, 556 insertions(+), 116 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index d7473484..e6fbf90f 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -215,6 +215,60 @@ interface(`corenet_spd_type',`
typeattribute $1 ipsec_spd_type;
')
+########################################
+## <summary>
+## Define type to be an infiniband pkey type
+## </summary>
+## <desc>
+## <p>
+## Define type to be an infiniband pkey type
+## </p>
+## <p>
+## This is for supporting third party modules and its
+## use is not allowed in upstream reference policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Type to be used for infiniband pkeys.
+## </summary>
+## </param>
+#
+interface(`corenet_ib_pkey',`
+ gen_require(`
+ attribute ibpkey_type;
+ ')
+
+ typeattribute $1 ibpkey_type;
+')
+
+########################################
+## <summary>
+## Define type to be an infiniband endport
+## </summary>
+## <desc>
+## <p>
+## Define type to be an infiniband endport
+## </p>
+## <p>
+## This is for supporting third party modules and its
+## use is not allowed in upstream reference policy.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Type to be used for infiniband endports.
+## </summary>
+## </param>
+#
+interface(`corenet_ib_endport',`
+ gen_require(`
+ attribute ibendport_type;
+ ')
+
+ typeattribute $1 ibendport_type;
+')
+
########################################
## <summary>
## Send and receive TCP network traffic on generic interfaces.
@@ -584,6 +638,24 @@ interface(`corenet_raw_send_all_if',`
allow $1 netif_type:netif { rawip_send egress };
')
+########################################
+## <summary>
+## Send and receive SCTP network traffic on generic nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_sendrecv_generic_node',`
+ gen_require(`
+ type node_t;
+ ')
+
+ allow $1 node_t:node { sendto recvfrom };
+')
+
########################################
## <summary>
## Receive raw IP packets on all interfaces.
@@ -791,6 +863,24 @@ interface(`corenet_raw_sendrecv_generic_node',`
corenet_raw_receive_generic_node($1)
')
+########################################
+## <summary>
+## Bind SCTP sockets to generic nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_bind_generic_node',`
+ gen_require(`
+ type node_t;
+ ')
+
+ allow $1 node_t:sctp_socket node_bind;
+')
+
########################################
## <summary>
## Bind TCP sockets to generic nodes.
@@ -985,6 +1075,24 @@ interface(`corenet_dontaudit_udp_send_all_nodes',`
dontaudit $1 node_type:node { udp_send sendto };
')
+########################################
+## <summary>
+## Send and receive SCTP network traffic on all nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_sendrecv_all_nodes',`
+ gen_require(`
+ attribute node_type;
+ ')
+
+ allow $1 node_type:node { sendto recvfrom };
+')
+
########################################
## <summary>
## Receive UDP network traffic on all nodes.
@@ -1177,6 +1285,25 @@ interface(`corenet_tcp_sendrecv_generic_port',`
allow $1 port_t:tcp_socket { send_msg recv_msg };
')
+########################################
+## <summary>
+## Bind SCTP sockets to all nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_bind_all_nodes',`
+ gen_require(`
+ attribute node_type;
+ ')
+
+ allow $1 node_type:sctp_socket node_bind;
+')
+
+
########################################
## <summary>
## Do not audit send and receive TCP network traffic on generic ports.
@@ -1384,6 +1511,26 @@ interface(`corenet_udp_send_all_ports',`
allow $1 port_type:udp_socket send_msg;
')
+########################################
+## <summary>
+## Bind SCTP sockets to generic ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_bind_generic_port',`
+ gen_require(`
+ type port_t, unreserved_port_t, ephemeral_port_t;
+ attribute defined_port_type;
+ ')
+
+ allow $1 { port_t unreserved_port_t ephemeral_port_t }:sctp_socket name_bind;
+ dontaudit $1 defined_port_type:sctp_socket name_bind;
+')
+
########################################
## <summary>
## Receive UDP network traffic on all ports.
@@ -1441,6 +1588,25 @@ interface(`corenet_udp_sendrecv_all_ports',`
corenet_udp_receive_all_ports($1)
')
+########################################
+## <summary>
+## Do not audit attempts to bind SCTP
+## sockets to generic ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`corenet_dontaudit_sctp_bind_generic_port',`
+ gen_require(`
+ type port_t, unreserved_port_t, ephemeral_port_t;
+ ')
+
+ dontaudit $1 { port_t unreserved_port_t ephemeral_port_t }:sctp_socket name_bind;
+')
+
########################################
## <summary>
## Bind TCP sockets to all ports.
@@ -1497,6 +1663,24 @@ interface(`corenet_udp_bind_all_ports',`
allow $1 self:capability net_bind_service;
')
+########################################
+## <summary>
+## Connect SCTP sockets to generic ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_connect_generic_port',`
+ gen_require(`
+ type port_t, unreserved_port_t,ephemeral_port_t;
+ ')
+
+ allow $1 { port_t unreserved_port_t ephemeral_port_t }:sctp_socket name_connect;
+')
+
########################################
## <summary>
## Do not audit attepts to bind UDP sockets to any ports.
@@ -1668,6 +1852,25 @@ interface(`corenet_tcp_bind_reserved_port',`
allow $1 self:capability net_bind_service;
')
+########################################
+## <summary>
+## Bind SCTP sockets to all ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_bind_all_ports',`
+ gen_require(`
+ attribute port_type;
+ ')
+
+ allow $1 port_type:sctp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
########################################
## <summary>
## Bind UDP sockets to generic reserved ports.
@@ -1705,6 +1908,24 @@ interface(`corenet_tcp_connect_reserved_port',`
allow $1 reserved_port_t:tcp_socket name_connect;
')
+########################################
+## <summary>
+## Do not audit attempts to bind SCTP sockets to any ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`corenet_dontaudit_sctp_bind_all_ports',`
+ gen_require(`
+ attribute port_type;
+ ')
+
+ dontaudit $1 port_type:sctp_socket name_bind;
+')
+
########################################
## <summary>
## Send and receive TCP network traffic on all reserved ports.
@@ -1774,6 +1995,24 @@ interface(`corenet_udp_sendrecv_all_reserved_ports',`
corenet_udp_receive_all_reserved_ports($1)
')
+########################################
+## <summary>
+## Connect SCTP sockets to all ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_connect_all_ports',`
+ gen_require(`
+ attribute port_type;
+ ')
+
+ allow $1 port_type:sctp_socket name_connect;
+')
+
########################################
## <summary>
## Bind TCP sockets to all reserved ports.
@@ -1848,6 +2087,25 @@ interface(`corenet_dontaudit_udp_bind_all_reserved_ports',`
dontaudit $1 reserved_port_type:udp_socket name_bind;
')
+########################################
+## <summary>
+## Do not audit attempts to connect SCTP sockets
+## to all ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`corenet_dontaudit_sctp_connect_all_ports',`
+ gen_require(`
+ attribute port_type;
+ ')
+
+ dontaudit $1 port_type:sctp_socket name_connect;
+')
+
########################################
## <summary>
## Bind TCP sockets to all ports > 1024.
@@ -1902,6 +2160,24 @@ interface(`corenet_tcp_connect_all_reserved_ports',`
allow $1 reserved_port_type:tcp_socket name_connect;
')
+########################################
+## <summary>
+## Connect SCTP sockets to all ports > 1024.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_connect_all_unreserved_ports',`
+ gen_require(`
+ attribute unreserved_port_type;
+ ')
+
+ allow $1 unreserved_port_type:sctp_socket name_connect;
+')
+
########################################
## <summary>
## Do not audit connect attempts to TCP sockets on
@@ -1995,6 +2271,63 @@ interface(`corenet_dontaudit_tcp_connect_all_rpc_ports',`
dontaudit $1 rpc_port_type:tcp_socket name_connect;
')
+########################################
+## <summary>
+## Bind SCTP sockets to generic reserved ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_bind_reserved_port',`
+ gen_require(`
+ type reserved_port_t;
+ ')
+
+ allow $1 reserved_port_t:sctp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Read the TUN/TAP virtual network device.
+## </summary>
+## <param name="domain">
+## <summary>
+## The domain read allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_read_tun_tap_dev',`
+ gen_require(`
+ type tun_tap_device_t;
+ ')
+
+ dev_list_all_dev_nodes($1)
+ allow $1 tun_tap_device_t:chr_file read_chr_file_perms;
+')
+
+########################################
+## <summary>
+## Write the TUN/TAP virtual network device.
+## </summary>
+## <param name="domain">
+## <summary>
+## The domain allowed write access.
+## </summary>
+## </param>
+#
+interface(`corenet_write_tun_tap_dev',`
+ gen_require(`
+ type tun_tap_device_t;
+ ')
+
+ dev_list_all_dev_nodes($1)
+ allow $1 tun_tap_device_t:chr_file write_chr_file_perms;
+')
+
########################################
## <summary>
## Read and write the TUN/TAP virtual network device.
@@ -2014,6 +2347,24 @@ interface(`corenet_rw_tun_tap_dev',`
allow $1 tun_tap_device_t:chr_file rw_chr_file_perms;
')
+########################################
+## <summary>
+## Connect SCTP sockets to generic reserved ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_connect_reserved_port',`
+ gen_require(`
+ type reserved_port_t;
+ ')
+
+ allow $1 reserved_port_t:sctp_socket name_connect;
+')
+
########################################
## <summary>
## Do not audit attempts to read or write the TUN/TAP
@@ -2146,73 +2497,21 @@ interface(`corenet_dontaudit_udp_bind_all_rpc_ports',`
########################################
## <summary>
-## Send and receive messages on a
-## non-encrypted (no IPSEC) network
-## session.
+## Bind SCTP sockets to all reserved ports.
## </summary>
-## <desc>
-## <p>
-## Send and receive messages on a
-## non-encrypted (no IPSEC) network
-## session. (Deprecated)
-## </p>
-## <p>
-## The corenet_all_recvfrom_unlabeled() interface should be used instead
-## of this one.
-## </p>
-## </desc>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
-interface(`corenet_non_ipsec_sendrecv',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_all_recvfrom_unlabeled() instead.')
- corenet_all_recvfrom_unlabeled($1)
-')
-
-########################################
-## <summary>
-## Do not audit attempts to send and receive
-## messages on a non-encrypted (no IPSEC) network
-## session.
-## </summary>
-## <desc>
-## <p>
-## Do not audit attempts to send and receive
-## messages on a non-encrypted (no IPSEC) network
-## session.
-## </p>
-## <p>
-## The corenet_dontaudit_all_recvfrom_unlabeled() interface should be
-## used instead of this one.
-## </p>
-## </desc>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`corenet_dontaudit_non_ipsec_sendrecv',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_dontaudit_all_recvfrom_unlabeled() instead.')
- corenet_dontaudit_all_recvfrom_unlabeled($1)
-')
+interface(`corenet_sctp_bind_all_reserved_ports',`
+ gen_require(`
+ attribute reserved_port_type;
+ ')
-########################################
-## <summary>
-## Receive TCP packets from a NetLabel connection.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`corenet_tcp_recv_netlabel',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_tcp_recvfrom_netlabel() instead.')
- corenet_tcp_recvfrom_netlabel($1)
+ allow $1 reserved_port_type:sctp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
@@ -2256,8 +2555,7 @@ interface(`corenet_tcp_recvfrom_unlabeled',`
########################################
## <summary>
-## Do not audit attempts to receive TCP packets from a NetLabel
-## connection.
+## Do not audit attempts to bind SCTP sockets to all reserved ports.
## </summary>
## <param name="domain">
## <summary>
@@ -2265,9 +2563,12 @@ interface(`corenet_tcp_recvfrom_unlabeled',`
## </summary>
## </param>
#
-interface(`corenet_dontaudit_tcp_recv_netlabel',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_dontaudit_tcp_recvfrom_netlabel() instead.')
- corenet_dontaudit_tcp_recvfrom_netlabel($1)
+interface(`corenet_dontaudit_sctp_bind_all_reserved_ports',`
+ gen_require(`
+ attribute reserved_port_type;
+ ')
+
+ dontaudit $1 reserved_port_type:sctp_socket name_bind;
')
########################################
@@ -2311,21 +2612,6 @@ interface(`corenet_dontaudit_tcp_recvfrom_unlabeled',`
kernel_dontaudit_sendrecv_unlabeled_association($1)
')
-########################################
-## <summary>
-## Receive UDP packets from a NetLabel connection.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`corenet_udp_recv_netlabel',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_udp_recvfrom_netlabel() instead.')
- corenet_udp_recvfrom_netlabel($1)
-')
-
########################################
## <summary>
## Receive UDP packets from a NetLabel connection.
@@ -2367,18 +2653,20 @@ interface(`corenet_udp_recvfrom_unlabeled',`
########################################
## <summary>
-## Do not audit attempts to receive UDP packets from a NetLabel
-## connection.
+## Bind SCTP sockets to all ports > 1024.
## </summary>
## <param name="domain">
## <summary>
-## Domain to not audit.
+## Domain allowed access.
## </summary>
## </param>
#
-interface(`corenet_dontaudit_udp_recv_netlabel',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_dontaudit_udp_recvfrom_netlabel($1) instead.')
- corenet_dontaudit_udp_recvfrom_netlabel($1)
+interface(`corenet_sctp_bind_all_unreserved_ports',`
+ gen_require(`
+ attribute unreserved_port_type;
+ ')
+
+ allow $1 unreserved_port_type:sctp_socket name_bind;
')
########################################
@@ -2422,21 +2710,6 @@ interface(`corenet_dontaudit_udp_recvfrom_unlabeled',`
kernel_dontaudit_sendrecv_unlabeled_association($1)
')
-########################################
-## <summary>
-## Receive Raw IP packets from a NetLabel connection.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`corenet_raw_recv_netlabel',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_raw_recvfrom_netlabel() instead.')
- corenet_raw_recvfrom_netlabel($1)
-')
-
########################################
## <summary>
## Receive Raw IP packets from a NetLabel connection.
@@ -2487,29 +2760,31 @@ interface(`corenet_raw_recvfrom_unlabeled',`
## </summary>
## </param>
#
-interface(`corenet_dontaudit_raw_recv_netlabel',`
- refpolicywarn(`$0($*) has been deprecated, use corenet_dontaudit_raw_recvfrom_netlabel() instead.')
- corenet_dontaudit_raw_recvfrom_netlabel($1)
+interface(`corenet_dontaudit_raw_recvfrom_netlabel',`
+ gen_require(`
+ type netlabel_peer_t;
+ ')
+
+ dontaudit $1 netlabel_peer_t:peer recv;
+ dontaudit $1 netlabel_peer_t:rawip_socket recvfrom;
')
########################################
## <summary>
-## Do not audit attempts to receive Raw IP packets from a NetLabel
-## connection.
+## Connect SCTP sockets to reserved ports.
## </summary>
## <param name="domain">
## <summary>
-## Domain to not audit.
+## Domain allowed access.
## </summary>
## </param>
#
-interface(`corenet_dontaudit_raw_recvfrom_netlabel',`
+interface(`corenet_sctp_connect_all_reserved_ports',`
gen_require(`
- type netlabel_peer_t;
+ attribute reserved_port_type;
')
- dontaudit $1 netlabel_peer_t:peer recv;
- dontaudit $1 netlabel_peer_t:rawip_socket recvfrom;
+ allow $1 reserved_port_type:sctp_socket name_connect;
')
########################################
@@ -2619,6 +2894,25 @@ interface(`corenet_dontaudit_all_recvfrom_unlabeled',`
kernel_dontaudit_sendrecv_unlabeled_association($1)
')
+########################################
+## <summary>
+## Do not audit attempts to connect SCTP sockets
+## all reserved ports.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`corenet_dontaudit_sctp_connect_all_reserved_ports',`
+ gen_require(`
+ attribute reserved_port_type;
+ ')
+
+ dontaudit $1 reserved_port_type:sctp_socket name_connect;
+')
+
########################################
## <summary>
## Do not audit attempts to receive packets from a NetLabel
@@ -2750,6 +3044,7 @@ interface(`corenet_raw_recvfrom_labeled',`
## </param>
#
interface(`corenet_all_recvfrom_labeled',`
+ corenet_sctp_recvfrom_labeled($1, $2)
corenet_tcp_recvfrom_labeled($1, $2)
corenet_udp_recvfrom_labeled($1, $2)
corenet_raw_recvfrom_labeled($1, $2)
@@ -3020,6 +3315,24 @@ interface(`corenet_send_all_server_packets',`
allow $1 server_packet_type:packet send;
')
+########################################
+## <summary>
+## Receive SCTP packets from a NetLabel connection.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_recvfrom_netlabel',`
+ gen_require(`
+ type netlabel_peer_t;
+ ')
+
+ allow $1 netlabel_peer_t:peer recv;
+')
+
########################################
## <summary>
## Receive all server packets.
@@ -3071,6 +3384,27 @@ interface(`corenet_relabelto_all_server_packets',`
allow $1 server_packet_type:packet relabelto;
')
+########################################
+## <summary>
+## Receive SCTP packets from an unlabled connection.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_recvfrom_unlabeled',`
+ gen_require(`
+ attribute corenet_unlabeled_type;
+ ')
+
+ kernel_recvfrom_unlabeled_peer($1)
+
+ typeattribute $1 corenet_unlabeled_type;
+ kernel_sendrecv_unlabeled_association($1)
+')
+
########################################
## <summary>
## Send all packets.
@@ -3140,6 +3474,98 @@ interface(`corenet_relabelto_all_packets',`
allow $1 packet_type:packet relabelto;
')
+########################################
+## <summary>
+## Access unlabeled infiniband pkeys.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_ib_access_unlabeled_pkeys',`
+ kernel_ib_access_unlabeled_pkeys($1)
+')
+
+########################################
+## <summary>
+## Access all labeled infiniband pkeys.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_ib_access_all_pkeys',`
+ gen_require(`
+ attribute ibpkey_type;
+ ')
+
+ allow $1 ibpkey_type:infiniband_pkey access;
+')
+
+########################################
+## <summary>
+## Manage subnets on all labeled Infiniband endports
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_ib_manage_subnet_all_endports',`
+ gen_require(`
+ attribute ibendport_type;
+ ')
+
+ allow $1 ibendport_type:infiniband_endport manage_subnet;
+')
+
+########################################
+## <summary>
+## Manage subnet on all unlabeled Infiniband endports
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_ib_manage_subnet_unlabeled_endports',`
+ kernel_ib_manage_subnet_unlabeled_endports($1)
+')
+
+########################################
+## <summary>
+## Rules for receiving labeled SCTP packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="peer_domain">
+## <summary>
+## Peer domain.
+## </summary>
+## </param>
+#
+interface(`corenet_sctp_recvfrom_labeled',`
+ allow { $1 $2 } self:association sendto;
+ allow $1 $2:association recvfrom;
+ allow $2 $1:association recvfrom;
+
+ allow $1 $2:peer recv;
+ allow $2 $1:peer recv;
+
+ # allow receiving packets from MLS-only peers using NetLabel
+ corenet_sctp_recvfrom_netlabel($1)
+ corenet_sctp_recvfrom_netlabel($2)
+')
+
########################################
## <summary>
## Unconfined access to network objects.
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index a7eb9045..707933c9 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -2,7 +2,7 @@
# This is a generated file! Instead of modifying this file, the
# corenetwork.te.in or corenetwork.te.m4 file should be modified.
#
-policy_module(corenetwork, 1.23.3)
+policy_module(corenetwork, 1.25.1)
########################################
#
@@ -20,6 +20,8 @@ attribute port_type;
attribute reserved_port_type;
attribute rpc_port_type;
attribute server_packet_type;
+attribute ibpkey_type;
+attribute ibendport_type;
# This is an optimization for { port_type -reserved_port_type }
attribute unreserved_port_type;
@@ -471,8 +473,10 @@ type dns_port_t, port_type, defined_port_type;
type dns_client_packet_t, packet_type, client_packet_type;
type dns_server_packet_t, packet_type, server_packet_type;
typeattribute dns_port_t reserved_port_type;
+typeattribute dns_port_t rpc_port_type;
portcon tcp 53 gen_context(system_u:object_r:dns_port_t,s0)
portcon udp 53 gen_context(system_u:object_r:dns_port_t,s0)
+portcon tcp 853 gen_context(system_u:object_r:dns_port_t,s0)
type dropbox_port_t, port_type, defined_port_type;
@@ -1969,9 +1973,12 @@ portcon tcp 8021 gen_context(system_u:object_r:zope_port_t,s0)
portcon udp 1024-65535 gen_context(system_u:object_r:unreserved_port_t, s0)
portcon tcp 1024-65535 gen_context(system_u:object_r:unreserved_port_t, s0)
portcon tcp 512-1023 gen_context(system_u:object_r:hi_reserved_port_t, s0)
+portcon sctp 1024-65535 gen_context(system_u:object_r:unreserved_port_t, s0)
+portcon sctp 512-1023 gen_context(system_u:object_r:hi_reserved_port_t, s0)
portcon udp 512-1023 gen_context(system_u:object_r:hi_reserved_port_t, s0)
portcon tcp 1-511 gen_context(system_u:object_r:reserved_port_t, s0)
portcon udp 1-511 gen_context(system_u:object_r:reserved_port_t, s0)
+portcon sctp 1-511 gen_context(system_u:object_r:reserved_port_t, s0)
########################################
#
@@ -2023,12 +2030,19 @@ typealias netif_t alias { lo_netif_t netif_lo_t };
# Unconfined access to this module
#
-allow corenet_unconfined_type node_type:node *;
-allow corenet_unconfined_type netif_type:netif *;
-allow corenet_unconfined_type packet_type:packet *;
+allow corenet_unconfined_type node_type:node { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send enforce_dest dccp_recv dccp_send recvfrom sendto };
+allow corenet_unconfined_type netif_type:netif { tcp_recv tcp_send udp_recv udp_send rawip_recv rawip_send dccp_recv dccp_send ingress egress };
+allow corenet_unconfined_type packet_type:packet { send recv relabelto flow_in flow_out forward_in forward_out };
allow corenet_unconfined_type port_type:tcp_socket { send_msg recv_msg name_connect };
+allow corenet_unconfined_type port_type:sctp_socket { send_msg recv_msg name_connect };
allow corenet_unconfined_type port_type:udp_socket { send_msg recv_msg };
# Bind to any network address.
-allow corenet_unconfined_type port_type:{ tcp_socket udp_socket rawip_socket } name_bind;
-allow corenet_unconfined_type node_type:{ tcp_socket udp_socket rawip_socket } node_bind;
+allow corenet_unconfined_type port_type:{ tcp_socket udp_socket rawip_socket sctp_socket } name_bind;
+allow corenet_unconfined_type node_type:{ tcp_socket udp_socket rawip_socket sctp_socket } node_bind;
+
+# Infiniband
+corenet_ib_access_all_pkeys(corenet_unconfined_type)
+corenet_ib_manage_subnet_all_endports(corenet_unconfined_type)
+corenet_ib_access_unlabeled_pkeys(corenet_unconfined_type)
+corenet_ib_manage_subnet_unlabeled_endports(corenet_unconfined_type)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-03-26 10:17 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-03-26 10:17 UTC (permalink / raw
To: gentoo-commits
commit: 98f3eac837bb8fa985f1f3fe7090e17573c9f3a9
Author: Sugar, David <dsugar <AT> tresys <DOT> com>
AuthorDate: Tue Mar 5 22:32:44 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Mar 25 10:05:25 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=98f3eac8
Add interface to allow relabeling of iso 9660 filesystems.
I have a case where I'm labeling media with my own types to control
access. But that is requiring that I relabel from iso9660_t to my
own type. This interface allows that relabel.
type=AVC msg=audit(1551621984.372:919): avc: denied { relabelfrom } for pid=9717 comm="mount" scontext=staff_u:staff_r:mymedia_sudo_t:s0-s0:c0.c1023 tcontext=system_u:object_r:iso9660_t:s0 tclass=filesystem permissive=0
Signed-off-by: Dave Sugar <dsugar <AT> tresys.com>
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/filesystem.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 6da7cc22..603bfc28 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -2505,6 +2505,25 @@ interface(`fs_remount_iso9660_fs',`
allow $1 iso9660_t:filesystem remount;
')
+########################################
+## <summary>
+## Allow changing of the label of a
+## filesystem with iso9660 type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`fs_relabelfrom_iso9660_fs',`
+ gen_require(`
+ type iso9660_t;
+ ')
+
+ allow $1 iso9660_t:filesystem relabelfrom;
+')
+
########################################
## <summary>
## Unmount an iso9660 filesystem, which
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-02-10 6:18 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-02-10 6:18 UTC (permalink / raw
To: gentoo-commits
commit: b1b6e9dfd6982086f38e0e4e008d31777ee94255
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Feb 10 06:09:02 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Feb 10 06:09:02 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b1b6e9df
remove duplicated dev_dontaudit_read_sysfs files_dontaudit_read_etc_files
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/devices.if | 20 --------------------
policy/modules/kernel/files.if | 20 --------------------
2 files changed, 40 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 84b9d8fb..87fabe6f 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -5236,26 +5236,6 @@ interface(`dev_unconfined',`
# We cannot use ifdef distro_gentoo for interfaces
-########################################
-## <summary>
-## Dont audit attempts to read hardware state information
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain for which the attempts do not need to be audited
-## </summary>
-## </param>
-#
-interface(`dev_dontaudit_read_sysfs',`
- gen_require(`
- type sysfs_t;
- ')
-
- dontaudit $1 sysfs_t:file read_file_perms;
- dontaudit $1 sysfs_t:dir list_dir_perms;
- dontaudit $1 sysfs_t:lnk_file read_lnk_file_perms;
-')
-
########################################
## <summary>
## Relabel cpu online hardware state information.
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 0ace4966..b4db9c89 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -7111,26 +7111,6 @@ interface(`files_dontaudit_read_etc_runtime',`
dontaudit $1 etc_runtime_t:file read_file_perms;
')
-########################################
-## <summary>
-## Do not audit attempts to read files
-## in /etc
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_read_etc_files',`
- gen_require(`
- type etc_t;
- ')
-
- dontaudit $1 etc_t:file { getattr read };
-')
-
-
#########################################
## <summary>
## List usr/src files
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-02-10 4:14 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-02-10 4:14 UTC (permalink / raw
To: gentoo-commits
commit: f2e3f0187d67264d9511dbbdbc3b40d898ac9eed
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sat Jan 12 08:03:42 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Feb 10 04:11:25 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f2e3f018
kernel: introduce kernel_dontaudit_read_kernel_sysctl
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 5afc4802..de5ee946 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2012,6 +2012,24 @@ interface(`kernel_dontaudit_search_kernel_sysctl',`
dontaudit $1 sysctl_kernel_t:dir search;
')
+#######################################
+## <summary>
+## Do not audit attempted reading of kernel sysctls
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit accesses from
+## </summary>
+## </param>
+#
+interface(`kernel_dontaudit_read_kernel_sysctl',`
+ gen_require(`
+ type sysctl_kernel_t;
+ ')
+
+ dontaudit $1 sysctl_kernel_t:file read_file_perms;
+')
+
########################################
## <summary>
## Read generic crypto sysctls.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-02-10 4:14 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-02-10 4:14 UTC (permalink / raw
To: gentoo-commits
commit: 63ab6a3846fefa9040bd9a3b21bdfa8c84b5dc31
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sat Jan 12 08:03:40 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Feb 10 04:11:25 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=63ab6a38
devices: introduce dev_dontaudit_read_sysfs
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/devices.if | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 0966a468..84b9d8fb 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4043,6 +4043,26 @@ interface(`dev_dontaudit_getattr_sysfs',`
dontaudit $1 sysfs_t:filesystem getattr;
')
+########################################
+## <summary>
+## Dont audit attempts to read hardware state information
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain for which the attempts do not need to be audited
+## </summary>
+## </param>
+#
+interface(`dev_dontaudit_read_sysfs',`
+ gen_require(`
+ type sysfs_t;
+ ')
+
+ dontaudit $1 sysfs_t:file read_file_perms;
+ dontaudit $1 sysfs_t:dir list_dir_perms;
+ dontaudit $1 sysfs_t:lnk_file read_lnk_file_perms;
+')
+
########################################
## <summary>
## mounton sysfs directories.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2019-02-10 4:14 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2019-02-10 4:14 UTC (permalink / raw
To: gentoo-commits
commit: 136b8a2b8c1ea3bb501b668de7401e01a87e780b
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sat Jan 12 08:03:41 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Feb 10 04:11:25 2019 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=136b8a2b
files: introduce files_dontaudit_read_etc_files
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/kernel/files.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 4920809d..0ace4966 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -3405,6 +3405,25 @@ interface(`files_dontaudit_read_etc_runtime_files',`
dontaudit $1 etc_runtime_t:file { getattr read };
')
+########################################
+## <summary>
+## Do not audit attempts to read files
+## in /etc
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`files_dontaudit_read_etc_files',`
+ gen_require(`
+ type etc_t;
+ ')
+
+ dontaudit $1 etc_t:file { getattr read };
+')
+
########################################
## <summary>
## Do not audit attempts to write
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2018-09-11 9:06 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2018-09-11 9:06 UTC (permalink / raw
To: gentoo-commits
commit: cae8d35ee1c8db81725474f4ffd04b90a2ff2b91
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Sun Jul 15 20:56:51 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 9 03:07:46 2018 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=cae8d35e
devices: Module version bump.
policy/modules/kernel/devices.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 79b9c8da..473ccf84 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.23.1)
+policy_module(devices, 1.23.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2018-09-11 9:06 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2018-09-11 9:06 UTC (permalink / raw
To: gentoo-commits
commit: c83e985052c5fac77e8895d4569aad3289f42d1e
Author: Jagannathan Raman <jag.raman <AT> oracle <DOT> com>
AuthorDate: Fri Jul 13 17:05:36 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 9 03:07:46 2018 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c83e9850
vhost: Add /dev/vhost-scsi device of type vhost_device_t.
Signed-off-by: Jagannathan Raman <jag.raman <AT> oracle.com>
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.if | 2 +-
policy/modules/kernel/devices.te | 3 ++-
3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index e206720b..5ec14acf 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -120,6 +120,7 @@ ifdef(`distro_suse', `
')
/dev/vfio/.+ -c gen_context(system_u:object_r:vfio_device_t,s0)
/dev/vhost-net -c gen_context(system_u:object_r:vhost_device_t,s0)
+/dev/vhost-scsi -c gen_context(system_u:object_r:vhost_device_t,s0)
/dev/vbi.* -c gen_context(system_u:object_r:v4l_device_t,s0)
/dev/vbox.* -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
/dev/vga_arbiter -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index f68d60ab..0966a468 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4839,7 +4839,7 @@ interface(`dev_relabelfrom_vfio_dev',`
############################
## <summary>
-## Allow read/write the vhost net device
+## Allow read/write the vhost devices
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 4ce5fecf..79b9c8da 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -286,7 +286,8 @@ type v4l_device_t;
dev_node(v4l_device_t)
#
-# vhost_device_t is the type for /dev/vhost-net
+# vhost_device_t is the type for vhost devices like
+# /dev/vhost-net and /dev/vhost-scsi
#
type vhost_device_t;
dev_node(vhost_device_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2018-07-12 14:37 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2018-07-12 14:37 UTC (permalink / raw
To: gentoo-commits
commit: 792f78b7b4b4289a8044c300fcbe02fb7ceab157
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Tue Jul 10 15:03:14 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Jul 11 14:41:35 2018 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=792f78b7
selinux: compute_access_vector requires creating netlink_selinux_sockets
policy/modules/kernel/selinux.if | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 8123b25f..6790e5d0 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -534,6 +534,7 @@ interface(`selinux_compute_access_vector',`
')
dev_search_sysfs($1)
+ allow $1 self:netlink_selinux_socket create_socket_perms;
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security compute_av;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2018-06-09 5:24 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2018-06-09 5:24 UTC (permalink / raw
To: gentoo-commits
commit: 738d5a8078c3e287725862c78041e92f7f92dfcb
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Thu Jun 7 10:29:26 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Jun 8 11:10:51 2018 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=738d5a80
corecommands: adjust gcc fcontext to also work on musl
policy/modules/kernel/corecommands.fc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 9bdcb747..3877b5f0 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -351,10 +351,10 @@ ifdef(`distro_debian',`
')
ifdef(`distro_gentoo', `
-/usr/[^/]+-[^/]+-linux-gnu/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/[^/]+-[^/]+-linux-gnu/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/[^/]+-[^/]+-linux-gnu/[^/]+/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/[^/]+-[^/]+-linux-gnu/[^/]+/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/-]+-[^/-]+-linux-[^/-]+/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/-]+-[^/-]+-linux-[^/-]+/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/-]+-[^/-]+-linux-[^/-]+/[^/]+/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/-]+-[^/-]+-linux-[^/-]+/[^/]+/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/rcscripts/addons(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/rcscripts/sh(/.*)? gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2018-01-18 16:37 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2018-01-18 16:37 UTC (permalink / raw
To: gentoo-commits
commit: 3cfa359b54921eda7f449dd445dadd7e231e4eb3
Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com>
AuthorDate: Mon Jan 1 11:32:34 2018 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Jan 18 16:31:23 2018 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=3cfa359b
filesystem: add fs_rw_inherited_hugetlbfs_files for apache module
policy/modules/kernel/filesystem.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 168f204a..7f245e29 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -2306,6 +2306,24 @@ interface(`fs_manage_hugetlbfs_dirs',`
########################################
## <summary>
+## Read and write inherited hugetlbfs files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`fs_rw_inherited_hugetlbfs_files',`
+ gen_require(`
+ type hugetlbfs_t;
+ ')
+
+ allow $1 hugetlbfs_t:file rw_inherited_file_perms;
+')
+
+########################################
+## <summary>
## Read and write hugetlbfs files.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2018-01-18 16:37 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2018-01-18 16:37 UTC (permalink / raw
To: gentoo-commits
commit: f062077321cb890d203c806aa51c0e8ff3991990
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Fri Dec 15 21:48:23 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Jan 18 16:31:04 2018 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f0620773
corecommands: label systemd script directories bin_t
systemd defines in /usr/lib/systemd several directories which can
contain scripts or executable files:
- system-environment-generators/ and user-environment-generators/
documented in
https://www.freedesktop.org/software/systemd/man/systemd.environment-generator.html
- system-shutdown/ documented in
https://www.freedesktop.org/software/systemd/man/systemd-halt.service.html
- system-sleep/ documented in
https://www.freedesktop.org/software/systemd/man/systemd-suspend.service.html
Currently the content of these directories is labelled lib_t, which
causes the following AVC on Arch Linux:
avc: denied { execute_no_trans } for pid=10308 comm="systemd"
path="/usr/lib/systemd/system-environment-generators/10-arch"
dev="vda1" ino=543182 scontext=system_u:system_r:init_t
tcontext=system_u:object_r:lib_t tclass=file permissive=1
For information /usr/lib/systemd/system-environment-generators/10-arch
only defines $PATH and its content is available on
https://git.archlinux.org/svntogit/packages.git/tree/trunk/env-generator?h=packages/filesystem
policy/modules/kernel/corecommands.fc | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 6409fcdd..9bdcb747 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -225,7 +225,11 @@ ifdef(`distro_gentoo',`
/usr/lib/ssh(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/sudo/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/lib/systemd/systemd.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/systemd/system-environment-generators(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/systemd/system-generators(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/systemd/system-shutdown(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/systemd/system-sleep(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/systemd/user-environment-generators(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/systemd/user-generators(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/tumbler-1/tumblerd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/udev/[^/]* -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-12-14 5:15 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-12-14 5:15 UTC (permalink / raw
To: gentoo-commits
commit: 1288708d6097b3d28587465b562b038d3df1bb14
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Wed Dec 13 18:15:36 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Dec 14 04:55:22 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1288708d
storage: Add fcontexts for NVMe disks
NVMe has several dev nodes for each device:
/dev/nvme0 is a char device for communicating with the controller
/dev/nvme0n1 is the block device that stores the data.
/dev/nvme0n1p1 is the first partition
policy/modules/kernel/storage.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/storage.fc b/policy/modules/kernel/storage.fc
index 375b10bc..c7e3ac0d 100644
--- a/policy/modules/kernel/storage.fc
+++ b/policy/modules/kernel/storage.fc
@@ -33,6 +33,8 @@
/dev/mspblk.* -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/mtd.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/nb[^/]+ -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
+/dev/nvme[0-9]+ -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
+/dev/nvme[0-9]n[^/]+ -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/optcd -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/p[fg][0-3] -b gen_context(system_u:object_r:removable_device_t,s0)
/dev/pcd[0-3] -b gen_context(system_u:object_r:removable_device_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-12-12 7:59 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-12-12 7:59 UTC (permalink / raw
To: gentoo-commits
commit: 023d49ed2fe5b7eb20e3b24a786e54993132ed18
Author: David Sugar <dsugar <AT> tresys <DOT> com>
AuthorDate: Wed Nov 29 21:14:17 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Tue Dec 12 07:06:26 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=023d49ed
RHEL 7.4 has moved the location of /usr/libexec/sesh to /usr/libexec/sudo/sesh
Update file context to include label for new location.
See https://bugzilla.redhat.com/show_bug.cgi?id=1480791
Signed-off-by: Dave Sugar <dsugar <AT> tresys.com>
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 0d2fd27f..6409fcdd 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -265,6 +265,7 @@ ifdef(`distro_gentoo',`
/usr/libexec(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/libexec/git-core/git-shell -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/libexec/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
+/usr/libexec/sudo/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/libexec/openssh/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-11-05 8:01 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-11-05 8:01 UTC (permalink / raw
To: gentoo-commits
commit: 32b741ef487dcaa91d8cefc873a7cbf8c5d581d2
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Tue Oct 31 05:37:07 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Nov 5 06:38:35 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=32b741ef
files: fcontext for /etc/zfs/zpool.cache
policy/modules/kernel/files.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index e69a0025..6ed84ef9 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -72,6 +72,8 @@ ifdef(`distro_suse',`
/etc/sysconfig/iptables\.save -- gen_context(system_u:object_r:etc_runtime_t,s0)
/etc/sysconfig/firstboot -- gen_context(system_u:object_r:etc_runtime_t,s0)
+/etc/zfs/zpool.cache -- gen_context(system_u:object_r:etc_runtime_t,s0)
+
ifdef(`distro_gentoo', `
/etc/profile\.env -- gen_context(system_u:object_r:etc_runtime_t,s0)
/etc/csh\.env -- gen_context(system_u:object_r:etc_runtime_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-10-29 20:42 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-10-29 20:42 UTC (permalink / raw
To: gentoo-commits
commit: 92204f8b06a390b2fb39a505d0c48f9dfec4a41d
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Thu Oct 12 21:59:43 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Oct 29 12:59:08 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=92204f8b
files: Whitespace fix.
policy/modules/kernel/files.if | 1 -
1 file changed, 1 deletion(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index ec2c8999..a9557079 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6757,7 +6757,6 @@ interface(`files_relabel_all_pid_sock_files',`
relabel_sock_files_pattern($1, pidfile, pidfile)
')
-
########################################
## <summary>
## Relabel to/from all var_run (pid) files and directories
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-10-29 20:42 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-10-29 20:42 UTC (permalink / raw
To: gentoo-commits
commit: d46e984bba90f703233e36a3c77926f0e4711859
Author: Luis Ressel via refpolicy <refpolicy <AT> oss <DOT> tresys <DOT> com>
AuthorDate: Tue Oct 24 23:46:43 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Oct 29 12:59:50 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d46e984b
kernel/files.if: files_list_kernel_modules should grant read perms for symlinks
files_search_kernel_modules also grant this; there's a couple of
symlinks in /lib/modules/.
policy/modules/kernel/files.if | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index a9557079..05ca46a7 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -3966,6 +3966,7 @@ interface(`files_list_kernel_modules',`
')
allow $1 modules_object_t:dir list_dir_perms;
+ read_lnk_files_pattern($1, modules_object_t, modules_object_t)
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-10-29 20:42 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-10-29 20:42 UTC (permalink / raw
To: gentoo-commits
commit: f7b55ae6e614572354d5a6f8449c1ed0f256f485
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Mon Oct 9 18:51:56 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Oct 29 12:59:08 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f7b55ae6
devices: Module version bump.
policy/modules/kernel/devices.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 57ad955b..0882d522 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.21.3)
+policy_module(devices, 1.21.4)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-09-09 2:43 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-09-09 2:43 UTC (permalink / raw
To: gentoo-commits
commit: 50d84777aa23e2a300967350c8fcd35c0580d337
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Sep 8 15:52:12 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Sep 8 22:39:50 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=50d84777
Module version bump for patches from Nicolas Iooss.
policy/modules/kernel/corecommands.te | 2 +-
policy/modules/kernel/terminal.te | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index 7a22dc5f..bf025424 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.24.2)
+policy_module(corecommands, 1.24.3)
########################################
#
diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te
index ff9ee502..2102238e 100644
--- a/policy/modules/kernel/terminal.te
+++ b/policy/modules/kernel/terminal.te
@@ -1,4 +1,4 @@
-policy_module(terminal, 1.17.0)
+policy_module(terminal, 1.17.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-09-09 2:43 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-09-09 2:43 UTC (permalink / raw
To: gentoo-commits
commit: 92348a31d3dba24301e1d48d8d87027c9aca64e3
Author: David Sugar <dsugar <AT> tresys <DOT> com>
AuthorDate: Tue Sep 5 14:17:50 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Sep 8 22:39:36 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=92348a31
Separate read and write interface for tun_tap_device_t
The following patch creates two additional interfaces for tun_tap_device_t to grant only read or only write access (rather than both read and write access). It is possible to open a tap device for only reading or only writing and this allows policy to match that use.
Signed-off-by: Dave Sugar <dsugar <AT> tresys.com>
policy/modules/kernel/corenetwork.if.in | 38 +++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/policy/modules/kernel/corenetwork.if.in b/policy/modules/kernel/corenetwork.if.in
index 46e10d08..3671fa8e 100644
--- a/policy/modules/kernel/corenetwork.if.in
+++ b/policy/modules/kernel/corenetwork.if.in
@@ -2047,6 +2047,44 @@ interface(`corenet_dontaudit_tcp_connect_all_rpc_ports',`
########################################
## <summary>
+## Read the TUN/TAP virtual network device.
+## </summary>
+## <param name="domain">
+## <summary>
+## The domain read allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_read_tun_tap_dev',`
+ gen_require(`
+ type tun_tap_device_t;
+ ')
+
+ dev_list_all_dev_nodes($1)
+ allow $1 tun_tap_device_t:chr_file read_chr_file_perms;
+')
+
+########################################
+## <summary>
+## Write the TUN/TAP virtual network device.
+## </summary>
+## <param name="domain">
+## <summary>
+## The domain allowed write access.
+## </summary>
+## </param>
+#
+interface(`corenet_write_tun_tap_dev',`
+ gen_require(`
+ type tun_tap_device_t;
+ ')
+
+ dev_list_all_dev_nodes($1)
+ allow $1 tun_tap_device_t:chr_file write_chr_file_perms;
+')
+
+########################################
+## <summary>
## Read and write the TUN/TAP virtual network device.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-09-09 2:43 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-09-09 2:43 UTC (permalink / raw
To: gentoo-commits
commit: 5c027610b5a5091d5cb2ae20cf2ed62177128253
Author: Nicolas Iooss via refpolicy <refpolicy <AT> oss <DOT> tresys <DOT> com>
AuthorDate: Sat Aug 12 08:34:59 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Sep 8 22:39:50 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5c027610
terminal: /dev/pts exists in /dev filesystem
systemd tries to create /dev/pts directly with its context type
"devpts_t", but this is not allowed:
avc: denied { associate } for pid=1 comm="systemd" name="pts"
scontext=system_u:object_r:devpts_t
tcontext=system_u:object_r:device_t
tclass=filesystem permissive=1
policy/modules/kernel/terminal.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te
index f71fda4b..ff9ee502 100644
--- a/policy/modules/kernel/terminal.te
+++ b/policy/modules/kernel/terminal.te
@@ -25,6 +25,7 @@ dev_node(console_device_t)
# the type of the root directory of the file system.
#
type devpts_t;
+dev_associate(devpts_t)
files_mountpoint(devpts_t)
fs_associate_tmpfs(devpts_t)
fs_xattr_type(devpts_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-09-09 2:43 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-09-09 2:43 UTC (permalink / raw
To: gentoo-commits
commit: 549b6dbb3f5ae4e0645aa0bbc657187776c4f305
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Wed Sep 6 20:44:17 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Sep 8 22:39:50 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=549b6dbb
corecommands: label Arch Linux pacman's scripts as bin_t
On Arch Linux, the package manager uses hooks which execute scripts in
/usr/share/libalpm/scripts.
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 1b556308..37760a87 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -310,6 +310,7 @@ ifdef(`distro_gentoo',`
/usr/share/GNUstep/Makefiles/mkinstalldirs -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/hal/device-manager/hal-device-manager -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/hal/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/share/libalpm/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/mc/extfs/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/Modules/init(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/org.gnome.Weather/org\.gnome\.Weather\.Application -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-06-05 17:34 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-06-05 17:34 UTC (permalink / raw
To: gentoo-commits
commit: 9db4609a99bf45fc3f716fa52955a4982dffb145
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Mon Jun 5 17:33:42 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Jun 5 17:33:42 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=9db4609a
filesystem: remove gentoo specific duplicated fs_cgroup_filetrans
policy/modules/kernel/filesystem.if | 37 -------------------------------------
1 file changed, 37 deletions(-)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 1db23012..295f3698 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -5399,40 +5399,3 @@ interface(`fs_unconfined',`
typeattribute $1 filesystem_unconfined_type;
')
-
-# gentoo specific under here but not allowed ifdef
-
-########################################
-## <summary>
-## Create an object in a cgroup tmpfs filesystem, with a private
-## type using a type transition.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private type">
-## <summary>
-## The type of the object to be created.
-## </summary>
-## </param>
-## <param name="object">
-## <summary>
-## The object class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`fs_cgroup_filetrans',`
- gen_require(`
- type cgroup_t;
- ')
-
- allow $2 tmpfs_t:filesystem associate;
- filetrans_pattern($1, cgroup_t, $2, $3, $4)
-')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-06-05 17:25 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-06-05 17:25 UTC (permalink / raw
To: gentoo-commits
commit: 7fba64ce25f075ba187e57d510550999ed6d7094
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Mon Jun 5 00:45:13 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Jun 5 17:16:18 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=7fba64ce
filesystem: Fix error in fs_cgroup_filetrans().
policy/modules/kernel/filesystem.if | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index f28614f2..1db23012 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -975,7 +975,7 @@ interface(`fs_cgroup_filetrans',`
allow $2 tmpfs_t:filesystem associate;
filetrans_pattern($1, cgroup_t, $2, $3, $4)
- fs_search_sysfs($1)
+ dev_search_sysfs($1)
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-06-05 17:25 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-06-05 17:25 UTC (permalink / raw
To: gentoo-commits
commit: 4c7c974d4a198a0c31bf95c4a32a9c7b70f57777
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Mon Jun 5 00:45:23 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Jun 5 17:16:18 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4c7c974d
Module version bumps for patches from Jason Zaman.
policy/modules/kernel/filesystem.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index afcb3b3f..23d1c0b4 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.22.9)
+policy_module(filesystem, 1.22.10)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-06-05 17:25 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-06-05 17:25 UTC (permalink / raw
To: gentoo-commits
commit: 8c64d75ad5512d94b6fb4705b546483e2a09837c
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Jun 4 16:33:44 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Jun 5 17:16:18 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=8c64d75a
filesystem: introduce fs_cgroup_filetrans interface
policy/modules/kernel/filesystem.if | 36 ++++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index c9c67369..f28614f2 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -944,6 +944,42 @@ interface(`fs_mounton_cgroup', `
########################################
## <summary>
+## Create an object in a cgroup tmpfs filesystem, with a private
+## type using a type transition.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="private type">
+## <summary>
+## The type of the object to be created.
+## </summary>
+## </param>
+## <param name="object">
+## <summary>
+## The object class of the object being created.
+## </summary>
+## </param>
+## <param name="name" optional="true">
+## <summary>
+## The name of the object being created.
+## </summary>
+## </param>
+#
+interface(`fs_cgroup_filetrans',`
+ gen_require(`
+ type cgroup_t, tmpfs_t;
+ ')
+
+ allow $2 tmpfs_t:filesystem associate;
+ filetrans_pattern($1, cgroup_t, $2, $3, $4)
+ fs_search_sysfs($1)
+')
+
+########################################
+## <summary>
## Do not audit attempts to read
## dirs on a CIFS or SMB filesystem.
## </summary>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-05-18 17:03 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-05-18 17:03 UTC (permalink / raw
To: gentoo-commits
commit: b494138d68f12e694aa6b467270d405a417dd2c3
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun May 7 17:44:58 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu May 18 17:00:38 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b494138d
corecommands: add consolekit fcontexts
policy/modules/kernel/corecommands.fc | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index fe1a5e13..320044e9 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -173,8 +173,10 @@ ifdef(`distro_gentoo',`
/usr/lib/qt.*/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/wicd/monitor\.py -- gen_context(system_u:object_r:bin_t, s0)
/usr/lib/apt/methods.+ -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/ConsoleKit/run-seat.d(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/ConsoleKit/run-session.d(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ConsoleKit/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/ConsoleKit/run-session.d(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/courier(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/courier-imap/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/cups(/.*)? gen_context(system_u:object_r:bin_t,s0)
@@ -332,7 +334,6 @@ ifdef(`distro_gentoo',`
/usr/X11R6/lib(64)?/X11/xkb/xkbcomp -- gen_context(system_u:object_r:bin_t,s0)
ifdef(`distro_debian',`
-/usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/udisks/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/bug/.* -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-05-07 16:09 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-05-07 16:09 UTC (permalink / raw
To: gentoo-commits
commit: 44fb56ddcb130bb46f67d5bc1a4dc124cb35fe59
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Sat Apr 29 18:17:47 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun May 7 15:53:18 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=44fb56dd
kernel: low-priority update
Update the kernel module with some low priority fixes.
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>
policy/modules/kernel/kernel.te | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 639b8454..87f5f9a4 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -276,6 +276,7 @@ dev_setattr_generic_blk_files(kernel_t)
dev_setattr_generic_chr_files(kernel_t)
dev_getattr_fs(kernel_t)
dev_getattr_sysfs(kernel_t)
+dev_write_kmsg(kernel_t)
# Mount root file system. Used when loading a policy
# from initrd, then mounting the root filesystem
@@ -384,6 +385,7 @@ optional_policy(`
optional_policy(`
plymouthd_read_lib_files(kernel_t)
+ plymouthd_read_pid_files(kernel_t)
plymouthd_read_spool_files(kernel_t)
term_use_ptmx(kernel_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-03-30 17:06 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-03-30 17:06 UTC (permalink / raw
To: gentoo-commits
commit: 25add4e46adc491ea4a753fc9177db349b9d8959
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Thu Mar 30 15:25:06 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Mar 30 15:25:06 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=25add4e4
corenetwork: regenerate files
policy/modules/kernel/corenetwork.if | 18981 +++++++++++++++++++--------------
policy/modules/kernel/corenetwork.te | 61 +-
2 files changed, 11101 insertions(+), 7941 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index ee210d40..d7473484 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -859,7 +859,7 @@ interface(`corenet_udp_bind_generic_node',`
########################################
## <summary>
-## Bind raw sockets to genric nodes.
+## Bind raw sockets to generic nodes.
## </summary>
## <param name="domain">
## <summary>
@@ -2757,12 +2757,12 @@ interface(`corenet_all_recvfrom_labeled',`
########################################
## <summary>
-## Make the specified type usable
-## for labeled ipsec.
+## Allow specified type to set the context of
+## a SPD entry for labeled ipsec associations.
## </summary>
## <param name="domain">
## <summary>
-## Type to be used for labeled ipsec.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -43917,6 +43917,449 @@ interface(`corenet_relabelto_kismet_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ allow $1 kdeconnect_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ allow $1 kdeconnect_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ dontaudit $1 kdeconnect_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ allow $1 kdeconnect_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ dontaudit $1 kdeconnect_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_kdeconnect_port',`
+ corenet_udp_send_kdeconnect_port($1)
+ corenet_udp_receive_kdeconnect_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_kdeconnect_port',`
+ corenet_dontaudit_udp_send_kdeconnect_port($1)
+ corenet_dontaudit_udp_receive_kdeconnect_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ allow $1 kdeconnect_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ allow $1 kdeconnect_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the kdeconnect port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_kdeconnect_port',`
+ gen_require(`
+ type kdeconnect_port_t;
+ ')
+
+ allow $1 kdeconnect_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send kdeconnect_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_kdeconnect_client_packets',`
+ gen_require(`
+ type kdeconnect_client_packet_t;
+ ')
+
+ allow $1 kdeconnect_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send kdeconnect_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_kdeconnect_client_packets',`
+ gen_require(`
+ type kdeconnect_client_packet_t;
+ ')
+
+ dontaudit $1 kdeconnect_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive kdeconnect_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_kdeconnect_client_packets',`
+ gen_require(`
+ type kdeconnect_client_packet_t;
+ ')
+
+ allow $1 kdeconnect_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive kdeconnect_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_kdeconnect_client_packets',`
+ gen_require(`
+ type kdeconnect_client_packet_t;
+ ')
+
+ dontaudit $1 kdeconnect_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive kdeconnect_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_kdeconnect_client_packets',`
+ corenet_send_kdeconnect_client_packets($1)
+ corenet_receive_kdeconnect_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive kdeconnect_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_kdeconnect_client_packets',`
+ corenet_dontaudit_send_kdeconnect_client_packets($1)
+ corenet_dontaudit_receive_kdeconnect_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to kdeconnect_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_kdeconnect_client_packets',`
+ gen_require(`
+ type kdeconnect_client_packet_t;
+ ')
+
+ allow $1 kdeconnect_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send kdeconnect_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_kdeconnect_server_packets',`
+ gen_require(`
+ type kdeconnect_server_packet_t;
+ ')
+
+ allow $1 kdeconnect_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send kdeconnect_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_kdeconnect_server_packets',`
+ gen_require(`
+ type kdeconnect_server_packet_t;
+ ')
+
+ dontaudit $1 kdeconnect_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive kdeconnect_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_kdeconnect_server_packets',`
+ gen_require(`
+ type kdeconnect_server_packet_t;
+ ')
+
+ allow $1 kdeconnect_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive kdeconnect_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_kdeconnect_server_packets',`
+ gen_require(`
+ type kdeconnect_server_packet_t;
+ ')
+
+ dontaudit $1 kdeconnect_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive kdeconnect_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_kdeconnect_server_packets',`
+ corenet_send_kdeconnect_server_packets($1)
+ corenet_receive_kdeconnect_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive kdeconnect_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_kdeconnect_server_packets',`
+ corenet_dontaudit_send_kdeconnect_server_packets($1)
+ corenet_dontaudit_receive_kdeconnect_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to kdeconnect_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_kdeconnect_server_packets',`
+ gen_require(`
+ type kdeconnect_server_packet_t;
+ ')
+
+ allow $1 kdeconnect_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the kprop port.
## </summary>
## <param name="domain">
@@ -46132,6 +46575,449 @@ interface(`corenet_relabelto_lirc_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ allow $1 llmnr_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ allow $1 llmnr_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ dontaudit $1 llmnr_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ allow $1 llmnr_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ dontaudit $1 llmnr_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_llmnr_port',`
+ corenet_udp_send_llmnr_port($1)
+ corenet_udp_receive_llmnr_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_llmnr_port',`
+ corenet_dontaudit_udp_send_llmnr_port($1)
+ corenet_dontaudit_udp_receive_llmnr_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ allow $1 llmnr_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ allow $1 llmnr_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the llmnr port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_llmnr_port',`
+ gen_require(`
+ type llmnr_port_t;
+ ')
+
+ allow $1 llmnr_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send llmnr_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_llmnr_client_packets',`
+ gen_require(`
+ type llmnr_client_packet_t;
+ ')
+
+ allow $1 llmnr_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send llmnr_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_llmnr_client_packets',`
+ gen_require(`
+ type llmnr_client_packet_t;
+ ')
+
+ dontaudit $1 llmnr_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive llmnr_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_llmnr_client_packets',`
+ gen_require(`
+ type llmnr_client_packet_t;
+ ')
+
+ allow $1 llmnr_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive llmnr_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_llmnr_client_packets',`
+ gen_require(`
+ type llmnr_client_packet_t;
+ ')
+
+ dontaudit $1 llmnr_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive llmnr_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_llmnr_client_packets',`
+ corenet_send_llmnr_client_packets($1)
+ corenet_receive_llmnr_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive llmnr_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_llmnr_client_packets',`
+ corenet_dontaudit_send_llmnr_client_packets($1)
+ corenet_dontaudit_receive_llmnr_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to llmnr_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_llmnr_client_packets',`
+ gen_require(`
+ type llmnr_client_packet_t;
+ ')
+
+ allow $1 llmnr_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send llmnr_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_llmnr_server_packets',`
+ gen_require(`
+ type llmnr_server_packet_t;
+ ')
+
+ allow $1 llmnr_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send llmnr_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_llmnr_server_packets',`
+ gen_require(`
+ type llmnr_server_packet_t;
+ ')
+
+ dontaudit $1 llmnr_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive llmnr_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_llmnr_server_packets',`
+ gen_require(`
+ type llmnr_server_packet_t;
+ ')
+
+ allow $1 llmnr_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive llmnr_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_llmnr_server_packets',`
+ gen_require(`
+ type llmnr_server_packet_t;
+ ')
+
+ dontaudit $1 llmnr_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive llmnr_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_llmnr_server_packets',`
+ corenet_send_llmnr_server_packets($1)
+ corenet_receive_llmnr_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive llmnr_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_llmnr_server_packets',`
+ corenet_dontaudit_send_llmnr_server_packets($1)
+ corenet_dontaudit_receive_llmnr_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to llmnr_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_llmnr_server_packets',`
+ gen_require(`
+ type llmnr_server_packet_t;
+ ')
+
+ allow $1 llmnr_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the lmtp port.
## </summary>
## <param name="domain">
@@ -49233,7 +50119,7 @@ interface(`corenet_relabelto_mmcc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the monopd port.
+## Send and receive TCP traffic on the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49242,17 +50128,17 @@ interface(`corenet_relabelto_mmcc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_monopd_port',`
+interface(`corenet_tcp_sendrecv_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- allow $1 monopd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mon_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the monopd port.
+## Send UDP traffic on the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49261,17 +50147,17 @@ interface(`corenet_tcp_sendrecv_monopd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_monopd_port',`
+interface(`corenet_udp_send_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- allow $1 monopd_port_t:udp_socket send_msg;
+ allow $1 mon_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the monopd port.
+## Do not audit attempts to send UDP traffic on the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49280,17 +50166,17 @@ interface(`corenet_udp_send_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_monopd_port',`
+interface(`corenet_dontaudit_udp_send_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- dontaudit $1 monopd_port_t:udp_socket send_msg;
+ dontaudit $1 mon_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the monopd port.
+## Receive UDP traffic on the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49299,17 +50185,17 @@ interface(`corenet_dontaudit_udp_send_monopd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_monopd_port',`
+interface(`corenet_udp_receive_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- allow $1 monopd_port_t:udp_socket recv_msg;
+ allow $1 mon_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the monopd port.
+## Do not audit attempts to receive UDP traffic on the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49318,17 +50204,17 @@ interface(`corenet_udp_receive_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_monopd_port',`
+interface(`corenet_dontaudit_udp_receive_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- dontaudit $1 monopd_port_t:udp_socket recv_msg;
+ dontaudit $1 mon_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the monopd port.
+## Send and receive UDP traffic on the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49337,15 +50223,15 @@ interface(`corenet_dontaudit_udp_receive_monopd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_monopd_port',`
- corenet_udp_send_monopd_port($1)
- corenet_udp_receive_monopd_port($1)
+interface(`corenet_udp_sendrecv_mon_port',`
+ corenet_udp_send_mon_port($1)
+ corenet_udp_receive_mon_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the monopd port.
+## UDP traffic on the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49354,14 +50240,14 @@ interface(`corenet_udp_sendrecv_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_monopd_port',`
- corenet_dontaudit_udp_send_monopd_port($1)
- corenet_dontaudit_udp_receive_monopd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mon_port',`
+ corenet_dontaudit_udp_send_mon_port($1)
+ corenet_dontaudit_udp_receive_mon_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the monopd port.
+## Bind TCP sockets to the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49370,18 +50256,18 @@ interface(`corenet_dontaudit_udp_sendrecv_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_monopd_port',`
+interface(`corenet_tcp_bind_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- allow $1 monopd_port_t:tcp_socket name_bind;
+ allow $1 mon_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the monopd port.
+## Bind UDP sockets to the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49390,18 +50276,18 @@ interface(`corenet_tcp_bind_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_monopd_port',`
+interface(`corenet_udp_bind_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- allow $1 monopd_port_t:udp_socket name_bind;
+ allow $1 mon_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the monopd port.
+## Make a TCP connection to the mon port.
## </summary>
## <param name="domain">
## <summary>
@@ -49409,18 +50295,18 @@ interface(`corenet_udp_bind_monopd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_monopd_port',`
+interface(`corenet_tcp_connect_mon_port',`
gen_require(`
- type monopd_port_t;
+ type mon_port_t;
')
- allow $1 monopd_port_t:tcp_socket name_connect;
+ allow $1 mon_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send monopd_client packets.
+## Send mon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49429,17 +50315,17 @@ interface(`corenet_tcp_connect_monopd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_monopd_client_packets',`
+interface(`corenet_send_mon_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type mon_client_packet_t;
')
- allow $1 monopd_client_packet_t:packet send;
+ allow $1 mon_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send monopd_client packets.
+## Do not audit attempts to send mon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49448,17 +50334,17 @@ interface(`corenet_send_monopd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_monopd_client_packets',`
+interface(`corenet_dontaudit_send_mon_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type mon_client_packet_t;
')
- dontaudit $1 monopd_client_packet_t:packet send;
+ dontaudit $1 mon_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive monopd_client packets.
+## Receive mon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49467,17 +50353,17 @@ interface(`corenet_dontaudit_send_monopd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_monopd_client_packets',`
+interface(`corenet_receive_mon_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type mon_client_packet_t;
')
- allow $1 monopd_client_packet_t:packet recv;
+ allow $1 mon_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive monopd_client packets.
+## Do not audit attempts to receive mon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49486,17 +50372,17 @@ interface(`corenet_receive_monopd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_monopd_client_packets',`
+interface(`corenet_dontaudit_receive_mon_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type mon_client_packet_t;
')
- dontaudit $1 monopd_client_packet_t:packet recv;
+ dontaudit $1 mon_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive monopd_client packets.
+## Send and receive mon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49505,14 +50391,14 @@ interface(`corenet_dontaudit_receive_monopd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_monopd_client_packets',`
- corenet_send_monopd_client_packets($1)
- corenet_receive_monopd_client_packets($1)
+interface(`corenet_sendrecv_mon_client_packets',`
+ corenet_send_mon_client_packets($1)
+ corenet_receive_mon_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive monopd_client packets.
+## Do not audit attempts to send and receive mon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49521,14 +50407,14 @@ interface(`corenet_sendrecv_monopd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_monopd_client_packets',`
- corenet_dontaudit_send_monopd_client_packets($1)
- corenet_dontaudit_receive_monopd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mon_client_packets',`
+ corenet_dontaudit_send_mon_client_packets($1)
+ corenet_dontaudit_receive_mon_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to monopd_client the packet type.
+## Relabel packets to mon_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49536,18 +50422,18 @@ interface(`corenet_dontaudit_sendrecv_monopd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_monopd_client_packets',`
+interface(`corenet_relabelto_mon_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type mon_client_packet_t;
')
- allow $1 monopd_client_packet_t:packet relabelto;
+ allow $1 mon_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send monopd_server packets.
+## Send mon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49556,17 +50442,17 @@ interface(`corenet_relabelto_monopd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_monopd_server_packets',`
+interface(`corenet_send_mon_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type mon_server_packet_t;
')
- allow $1 monopd_server_packet_t:packet send;
+ allow $1 mon_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send monopd_server packets.
+## Do not audit attempts to send mon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49575,17 +50461,17 @@ interface(`corenet_send_monopd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_monopd_server_packets',`
+interface(`corenet_dontaudit_send_mon_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type mon_server_packet_t;
')
- dontaudit $1 monopd_server_packet_t:packet send;
+ dontaudit $1 mon_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive monopd_server packets.
+## Receive mon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49594,17 +50480,17 @@ interface(`corenet_dontaudit_send_monopd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_monopd_server_packets',`
+interface(`corenet_receive_mon_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type mon_server_packet_t;
')
- allow $1 monopd_server_packet_t:packet recv;
+ allow $1 mon_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive monopd_server packets.
+## Do not audit attempts to receive mon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49613,17 +50499,17 @@ interface(`corenet_receive_monopd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_monopd_server_packets',`
+interface(`corenet_dontaudit_receive_mon_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type mon_server_packet_t;
')
- dontaudit $1 monopd_server_packet_t:packet recv;
+ dontaudit $1 mon_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive monopd_server packets.
+## Send and receive mon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49632,14 +50518,14 @@ interface(`corenet_dontaudit_receive_monopd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_monopd_server_packets',`
- corenet_send_monopd_server_packets($1)
- corenet_receive_monopd_server_packets($1)
+interface(`corenet_sendrecv_mon_server_packets',`
+ corenet_send_mon_server_packets($1)
+ corenet_receive_mon_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive monopd_server packets.
+## Do not audit attempts to send and receive mon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49648,14 +50534,14 @@ interface(`corenet_sendrecv_monopd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_monopd_server_packets',`
- corenet_dontaudit_send_monopd_server_packets($1)
- corenet_dontaudit_receive_monopd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mon_server_packets',`
+ corenet_dontaudit_send_mon_server_packets($1)
+ corenet_dontaudit_receive_mon_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to monopd_server the packet type.
+## Relabel packets to mon_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49663,12 +50549,12 @@ interface(`corenet_dontaudit_sendrecv_monopd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_monopd_server_packets',`
+interface(`corenet_relabelto_mon_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type mon_server_packet_t;
')
- allow $1 monopd_server_packet_t:packet relabelto;
+ allow $1 mon_server_packet_t:packet relabelto;
')
@@ -49676,7 +50562,7 @@ interface(`corenet_relabelto_monopd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mountd port.
+## Send and receive TCP traffic on the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49685,17 +50571,17 @@ interface(`corenet_relabelto_monopd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mountd_port',`
+interface(`corenet_tcp_sendrecv_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- allow $1 mountd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 monit_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mountd port.
+## Send UDP traffic on the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49704,17 +50590,17 @@ interface(`corenet_tcp_sendrecv_mountd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mountd_port',`
+interface(`corenet_udp_send_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- allow $1 mountd_port_t:udp_socket send_msg;
+ allow $1 monit_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mountd port.
+## Do not audit attempts to send UDP traffic on the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49723,17 +50609,17 @@ interface(`corenet_udp_send_mountd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mountd_port',`
+interface(`corenet_dontaudit_udp_send_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- dontaudit $1 mountd_port_t:udp_socket send_msg;
+ dontaudit $1 monit_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mountd port.
+## Receive UDP traffic on the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49742,17 +50628,17 @@ interface(`corenet_dontaudit_udp_send_mountd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mountd_port',`
+interface(`corenet_udp_receive_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- allow $1 mountd_port_t:udp_socket recv_msg;
+ allow $1 monit_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mountd port.
+## Do not audit attempts to receive UDP traffic on the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49761,17 +50647,17 @@ interface(`corenet_udp_receive_mountd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mountd_port',`
+interface(`corenet_dontaudit_udp_receive_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- dontaudit $1 mountd_port_t:udp_socket recv_msg;
+ dontaudit $1 monit_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mountd port.
+## Send and receive UDP traffic on the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49780,15 +50666,15 @@ interface(`corenet_dontaudit_udp_receive_mountd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mountd_port',`
- corenet_udp_send_mountd_port($1)
- corenet_udp_receive_mountd_port($1)
+interface(`corenet_udp_sendrecv_monit_port',`
+ corenet_udp_send_monit_port($1)
+ corenet_udp_receive_monit_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mountd port.
+## UDP traffic on the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49797,14 +50683,14 @@ interface(`corenet_udp_sendrecv_mountd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mountd_port',`
- corenet_dontaudit_udp_send_mountd_port($1)
- corenet_dontaudit_udp_receive_mountd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_monit_port',`
+ corenet_dontaudit_udp_send_monit_port($1)
+ corenet_dontaudit_udp_receive_monit_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mountd port.
+## Bind TCP sockets to the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49813,18 +50699,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mountd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mountd_port',`
+interface(`corenet_tcp_bind_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- allow $1 mountd_port_t:tcp_socket name_bind;
+ allow $1 monit_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the mountd port.
+## Bind UDP sockets to the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49833,18 +50719,18 @@ interface(`corenet_tcp_bind_mountd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mountd_port',`
+interface(`corenet_udp_bind_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- allow $1 mountd_port_t:udp_socket name_bind;
+ allow $1 monit_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the mountd port.
+## Make a TCP connection to the monit port.
## </summary>
## <param name="domain">
## <summary>
@@ -49852,18 +50738,18 @@ interface(`corenet_udp_bind_mountd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mountd_port',`
+interface(`corenet_tcp_connect_monit_port',`
gen_require(`
- type mountd_port_t;
+ type monit_port_t;
')
- allow $1 mountd_port_t:tcp_socket name_connect;
+ allow $1 monit_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mountd_client packets.
+## Send monit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49872,17 +50758,17 @@ interface(`corenet_tcp_connect_mountd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mountd_client_packets',`
+interface(`corenet_send_monit_client_packets',`
gen_require(`
- type mountd_client_packet_t;
+ type monit_client_packet_t;
')
- allow $1 mountd_client_packet_t:packet send;
+ allow $1 monit_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mountd_client packets.
+## Do not audit attempts to send monit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49891,17 +50777,17 @@ interface(`corenet_send_mountd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mountd_client_packets',`
+interface(`corenet_dontaudit_send_monit_client_packets',`
gen_require(`
- type mountd_client_packet_t;
+ type monit_client_packet_t;
')
- dontaudit $1 mountd_client_packet_t:packet send;
+ dontaudit $1 monit_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mountd_client packets.
+## Receive monit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49910,17 +50796,17 @@ interface(`corenet_dontaudit_send_mountd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mountd_client_packets',`
+interface(`corenet_receive_monit_client_packets',`
gen_require(`
- type mountd_client_packet_t;
+ type monit_client_packet_t;
')
- allow $1 mountd_client_packet_t:packet recv;
+ allow $1 monit_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mountd_client packets.
+## Do not audit attempts to receive monit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49929,17 +50815,17 @@ interface(`corenet_receive_mountd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mountd_client_packets',`
+interface(`corenet_dontaudit_receive_monit_client_packets',`
gen_require(`
- type mountd_client_packet_t;
+ type monit_client_packet_t;
')
- dontaudit $1 mountd_client_packet_t:packet recv;
+ dontaudit $1 monit_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mountd_client packets.
+## Send and receive monit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49948,14 +50834,14 @@ interface(`corenet_dontaudit_receive_mountd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mountd_client_packets',`
- corenet_send_mountd_client_packets($1)
- corenet_receive_mountd_client_packets($1)
+interface(`corenet_sendrecv_monit_client_packets',`
+ corenet_send_monit_client_packets($1)
+ corenet_receive_monit_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mountd_client packets.
+## Do not audit attempts to send and receive monit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49964,14 +50850,14 @@ interface(`corenet_sendrecv_mountd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mountd_client_packets',`
- corenet_dontaudit_send_mountd_client_packets($1)
- corenet_dontaudit_receive_mountd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_monit_client_packets',`
+ corenet_dontaudit_send_monit_client_packets($1)
+ corenet_dontaudit_receive_monit_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mountd_client the packet type.
+## Relabel packets to monit_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49979,18 +50865,18 @@ interface(`corenet_dontaudit_sendrecv_mountd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mountd_client_packets',`
+interface(`corenet_relabelto_monit_client_packets',`
gen_require(`
- type mountd_client_packet_t;
+ type monit_client_packet_t;
')
- allow $1 mountd_client_packet_t:packet relabelto;
+ allow $1 monit_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mountd_server packets.
+## Send monit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49999,17 +50885,17 @@ interface(`corenet_relabelto_mountd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mountd_server_packets',`
+interface(`corenet_send_monit_server_packets',`
gen_require(`
- type mountd_server_packet_t;
+ type monit_server_packet_t;
')
- allow $1 mountd_server_packet_t:packet send;
+ allow $1 monit_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mountd_server packets.
+## Do not audit attempts to send monit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50018,17 +50904,17 @@ interface(`corenet_send_mountd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mountd_server_packets',`
+interface(`corenet_dontaudit_send_monit_server_packets',`
gen_require(`
- type mountd_server_packet_t;
+ type monit_server_packet_t;
')
- dontaudit $1 mountd_server_packet_t:packet send;
+ dontaudit $1 monit_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mountd_server packets.
+## Receive monit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50037,17 +50923,17 @@ interface(`corenet_dontaudit_send_mountd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mountd_server_packets',`
+interface(`corenet_receive_monit_server_packets',`
gen_require(`
- type mountd_server_packet_t;
+ type monit_server_packet_t;
')
- allow $1 mountd_server_packet_t:packet recv;
+ allow $1 monit_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mountd_server packets.
+## Do not audit attempts to receive monit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50056,17 +50942,17 @@ interface(`corenet_receive_mountd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mountd_server_packets',`
+interface(`corenet_dontaudit_receive_monit_server_packets',`
gen_require(`
- type mountd_server_packet_t;
+ type monit_server_packet_t;
')
- dontaudit $1 mountd_server_packet_t:packet recv;
+ dontaudit $1 monit_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mountd_server packets.
+## Send and receive monit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50075,14 +50961,14 @@ interface(`corenet_dontaudit_receive_mountd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mountd_server_packets',`
- corenet_send_mountd_server_packets($1)
- corenet_receive_mountd_server_packets($1)
+interface(`corenet_sendrecv_monit_server_packets',`
+ corenet_send_monit_server_packets($1)
+ corenet_receive_monit_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mountd_server packets.
+## Do not audit attempts to send and receive monit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50091,14 +50977,14 @@ interface(`corenet_sendrecv_mountd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mountd_server_packets',`
- corenet_dontaudit_send_mountd_server_packets($1)
- corenet_dontaudit_receive_mountd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_monit_server_packets',`
+ corenet_dontaudit_send_monit_server_packets($1)
+ corenet_dontaudit_receive_monit_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mountd_server the packet type.
+## Relabel packets to monit_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50106,12 +50992,12 @@ interface(`corenet_dontaudit_sendrecv_mountd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mountd_server_packets',`
+interface(`corenet_relabelto_monit_server_packets',`
gen_require(`
- type mountd_server_packet_t;
+ type monit_server_packet_t;
')
- allow $1 mountd_server_packet_t:packet relabelto;
+ allow $1 monit_server_packet_t:packet relabelto;
')
@@ -50119,7 +51005,7 @@ interface(`corenet_relabelto_mountd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the movaz_ssc port.
+## Send and receive TCP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50128,17 +51014,17 @@ interface(`corenet_relabelto_mountd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_movaz_ssc_port',`
+interface(`corenet_tcp_sendrecv_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- allow $1 movaz_ssc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 monopd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the movaz_ssc port.
+## Send UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50147,17 +51033,17 @@ interface(`corenet_tcp_sendrecv_movaz_ssc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_movaz_ssc_port',`
+interface(`corenet_udp_send_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- allow $1 movaz_ssc_port_t:udp_socket send_msg;
+ allow $1 monopd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the movaz_ssc port.
+## Do not audit attempts to send UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50166,17 +51052,17 @@ interface(`corenet_udp_send_movaz_ssc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_movaz_ssc_port',`
+interface(`corenet_dontaudit_udp_send_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- dontaudit $1 movaz_ssc_port_t:udp_socket send_msg;
+ dontaudit $1 monopd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the movaz_ssc port.
+## Receive UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50185,17 +51071,17 @@ interface(`corenet_dontaudit_udp_send_movaz_ssc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_movaz_ssc_port',`
+interface(`corenet_udp_receive_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- allow $1 movaz_ssc_port_t:udp_socket recv_msg;
+ allow $1 monopd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the movaz_ssc port.
+## Do not audit attempts to receive UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50204,17 +51090,17 @@ interface(`corenet_udp_receive_movaz_ssc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_movaz_ssc_port',`
+interface(`corenet_dontaudit_udp_receive_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- dontaudit $1 movaz_ssc_port_t:udp_socket recv_msg;
+ dontaudit $1 monopd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the movaz_ssc port.
+## Send and receive UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50223,15 +51109,15 @@ interface(`corenet_dontaudit_udp_receive_movaz_ssc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_movaz_ssc_port',`
- corenet_udp_send_movaz_ssc_port($1)
- corenet_udp_receive_movaz_ssc_port($1)
+interface(`corenet_udp_sendrecv_monopd_port',`
+ corenet_udp_send_monopd_port($1)
+ corenet_udp_receive_monopd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the movaz_ssc port.
+## UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50240,14 +51126,14 @@ interface(`corenet_udp_sendrecv_movaz_ssc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_movaz_ssc_port',`
- corenet_dontaudit_udp_send_movaz_ssc_port($1)
- corenet_dontaudit_udp_receive_movaz_ssc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_monopd_port',`
+ corenet_dontaudit_udp_send_monopd_port($1)
+ corenet_dontaudit_udp_receive_monopd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the movaz_ssc port.
+## Bind TCP sockets to the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50256,18 +51142,18 @@ interface(`corenet_dontaudit_udp_sendrecv_movaz_ssc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_movaz_ssc_port',`
+interface(`corenet_tcp_bind_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- allow $1 movaz_ssc_port_t:tcp_socket name_bind;
+ allow $1 monopd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the movaz_ssc port.
+## Bind UDP sockets to the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50276,18 +51162,18 @@ interface(`corenet_tcp_bind_movaz_ssc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_movaz_ssc_port',`
+interface(`corenet_udp_bind_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- allow $1 movaz_ssc_port_t:udp_socket name_bind;
+ allow $1 monopd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the movaz_ssc port.
+## Make a TCP connection to the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50295,18 +51181,18 @@ interface(`corenet_udp_bind_movaz_ssc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_movaz_ssc_port',`
+interface(`corenet_tcp_connect_monopd_port',`
gen_require(`
- type movaz_ssc_port_t;
+ type monopd_port_t;
')
- allow $1 movaz_ssc_port_t:tcp_socket name_connect;
+ allow $1 monopd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send movaz_ssc_client packets.
+## Send monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50315,17 +51201,17 @@ interface(`corenet_tcp_connect_movaz_ssc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_movaz_ssc_client_packets',`
+interface(`corenet_send_monopd_client_packets',`
gen_require(`
- type movaz_ssc_client_packet_t;
+ type monopd_client_packet_t;
')
- allow $1 movaz_ssc_client_packet_t:packet send;
+ allow $1 monopd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send movaz_ssc_client packets.
+## Do not audit attempts to send monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50334,17 +51220,17 @@ interface(`corenet_send_movaz_ssc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_movaz_ssc_client_packets',`
+interface(`corenet_dontaudit_send_monopd_client_packets',`
gen_require(`
- type movaz_ssc_client_packet_t;
+ type monopd_client_packet_t;
')
- dontaudit $1 movaz_ssc_client_packet_t:packet send;
+ dontaudit $1 monopd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive movaz_ssc_client packets.
+## Receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50353,17 +51239,17 @@ interface(`corenet_dontaudit_send_movaz_ssc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_movaz_ssc_client_packets',`
+interface(`corenet_receive_monopd_client_packets',`
gen_require(`
- type movaz_ssc_client_packet_t;
+ type monopd_client_packet_t;
')
- allow $1 movaz_ssc_client_packet_t:packet recv;
+ allow $1 monopd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive movaz_ssc_client packets.
+## Do not audit attempts to receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50372,17 +51258,17 @@ interface(`corenet_receive_movaz_ssc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_movaz_ssc_client_packets',`
+interface(`corenet_dontaudit_receive_monopd_client_packets',`
gen_require(`
- type movaz_ssc_client_packet_t;
+ type monopd_client_packet_t;
')
- dontaudit $1 movaz_ssc_client_packet_t:packet recv;
+ dontaudit $1 monopd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive movaz_ssc_client packets.
+## Send and receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50391,14 +51277,14 @@ interface(`corenet_dontaudit_receive_movaz_ssc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_movaz_ssc_client_packets',`
- corenet_send_movaz_ssc_client_packets($1)
- corenet_receive_movaz_ssc_client_packets($1)
+interface(`corenet_sendrecv_monopd_client_packets',`
+ corenet_send_monopd_client_packets($1)
+ corenet_receive_monopd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive movaz_ssc_client packets.
+## Do not audit attempts to send and receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50407,14 +51293,14 @@ interface(`corenet_sendrecv_movaz_ssc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_movaz_ssc_client_packets',`
- corenet_dontaudit_send_movaz_ssc_client_packets($1)
- corenet_dontaudit_receive_movaz_ssc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_monopd_client_packets',`
+ corenet_dontaudit_send_monopd_client_packets($1)
+ corenet_dontaudit_receive_monopd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to movaz_ssc_client the packet type.
+## Relabel packets to monopd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50422,18 +51308,18 @@ interface(`corenet_dontaudit_sendrecv_movaz_ssc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_movaz_ssc_client_packets',`
+interface(`corenet_relabelto_monopd_client_packets',`
gen_require(`
- type movaz_ssc_client_packet_t;
+ type monopd_client_packet_t;
')
- allow $1 movaz_ssc_client_packet_t:packet relabelto;
+ allow $1 monopd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send movaz_ssc_server packets.
+## Send monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50442,17 +51328,17 @@ interface(`corenet_relabelto_movaz_ssc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_movaz_ssc_server_packets',`
+interface(`corenet_send_monopd_server_packets',`
gen_require(`
- type movaz_ssc_server_packet_t;
+ type monopd_server_packet_t;
')
- allow $1 movaz_ssc_server_packet_t:packet send;
+ allow $1 monopd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send movaz_ssc_server packets.
+## Do not audit attempts to send monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50461,17 +51347,17 @@ interface(`corenet_send_movaz_ssc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_movaz_ssc_server_packets',`
+interface(`corenet_dontaudit_send_monopd_server_packets',`
gen_require(`
- type movaz_ssc_server_packet_t;
+ type monopd_server_packet_t;
')
- dontaudit $1 movaz_ssc_server_packet_t:packet send;
+ dontaudit $1 monopd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive movaz_ssc_server packets.
+## Receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50480,17 +51366,17 @@ interface(`corenet_dontaudit_send_movaz_ssc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_movaz_ssc_server_packets',`
+interface(`corenet_receive_monopd_server_packets',`
gen_require(`
- type movaz_ssc_server_packet_t;
+ type monopd_server_packet_t;
')
- allow $1 movaz_ssc_server_packet_t:packet recv;
+ allow $1 monopd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive movaz_ssc_server packets.
+## Do not audit attempts to receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50499,17 +51385,17 @@ interface(`corenet_receive_movaz_ssc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_movaz_ssc_server_packets',`
+interface(`corenet_dontaudit_receive_monopd_server_packets',`
gen_require(`
- type movaz_ssc_server_packet_t;
+ type monopd_server_packet_t;
')
- dontaudit $1 movaz_ssc_server_packet_t:packet recv;
+ dontaudit $1 monopd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive movaz_ssc_server packets.
+## Send and receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50518,14 +51404,14 @@ interface(`corenet_dontaudit_receive_movaz_ssc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_movaz_ssc_server_packets',`
- corenet_send_movaz_ssc_server_packets($1)
- corenet_receive_movaz_ssc_server_packets($1)
+interface(`corenet_sendrecv_monopd_server_packets',`
+ corenet_send_monopd_server_packets($1)
+ corenet_receive_monopd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive movaz_ssc_server packets.
+## Do not audit attempts to send and receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50534,14 +51420,14 @@ interface(`corenet_sendrecv_movaz_ssc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_movaz_ssc_server_packets',`
- corenet_dontaudit_send_movaz_ssc_server_packets($1)
- corenet_dontaudit_receive_movaz_ssc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_monopd_server_packets',`
+ corenet_dontaudit_send_monopd_server_packets($1)
+ corenet_dontaudit_receive_monopd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to movaz_ssc_server the packet type.
+## Relabel packets to monopd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50549,12 +51435,12 @@ interface(`corenet_dontaudit_sendrecv_movaz_ssc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_movaz_ssc_server_packets',`
+interface(`corenet_relabelto_monopd_server_packets',`
gen_require(`
- type movaz_ssc_server_packet_t;
+ type monopd_server_packet_t;
')
- allow $1 movaz_ssc_server_packet_t:packet relabelto;
+ allow $1 monopd_server_packet_t:packet relabelto;
')
@@ -50562,7 +51448,7 @@ interface(`corenet_relabelto_movaz_ssc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mpd port.
+## Send and receive TCP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50571,17 +51457,17 @@ interface(`corenet_relabelto_movaz_ssc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mpd_port',`
+interface(`corenet_tcp_sendrecv_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- allow $1 mpd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mountd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mpd port.
+## Send UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50590,17 +51476,17 @@ interface(`corenet_tcp_sendrecv_mpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mpd_port',`
+interface(`corenet_udp_send_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- allow $1 mpd_port_t:udp_socket send_msg;
+ allow $1 mountd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mpd port.
+## Do not audit attempts to send UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50609,17 +51495,17 @@ interface(`corenet_udp_send_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mpd_port',`
+interface(`corenet_dontaudit_udp_send_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- dontaudit $1 mpd_port_t:udp_socket send_msg;
+ dontaudit $1 mountd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mpd port.
+## Receive UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50628,17 +51514,17 @@ interface(`corenet_dontaudit_udp_send_mpd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mpd_port',`
+interface(`corenet_udp_receive_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- allow $1 mpd_port_t:udp_socket recv_msg;
+ allow $1 mountd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mpd port.
+## Do not audit attempts to receive UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50647,17 +51533,17 @@ interface(`corenet_udp_receive_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mpd_port',`
+interface(`corenet_dontaudit_udp_receive_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- dontaudit $1 mpd_port_t:udp_socket recv_msg;
+ dontaudit $1 mountd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mpd port.
+## Send and receive UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50666,15 +51552,15 @@ interface(`corenet_dontaudit_udp_receive_mpd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mpd_port',`
- corenet_udp_send_mpd_port($1)
- corenet_udp_receive_mpd_port($1)
+interface(`corenet_udp_sendrecv_mountd_port',`
+ corenet_udp_send_mountd_port($1)
+ corenet_udp_receive_mountd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mpd port.
+## UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50683,14 +51569,14 @@ interface(`corenet_udp_sendrecv_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mpd_port',`
- corenet_dontaudit_udp_send_mpd_port($1)
- corenet_dontaudit_udp_receive_mpd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mountd_port',`
+ corenet_dontaudit_udp_send_mountd_port($1)
+ corenet_dontaudit_udp_receive_mountd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mpd port.
+## Bind TCP sockets to the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50699,18 +51585,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mpd_port',`
+interface(`corenet_tcp_bind_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- allow $1 mpd_port_t:tcp_socket name_bind;
+ allow $1 mountd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the mpd port.
+## Bind UDP sockets to the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50719,18 +51605,18 @@ interface(`corenet_tcp_bind_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mpd_port',`
+interface(`corenet_udp_bind_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- allow $1 mpd_port_t:udp_socket name_bind;
+ allow $1 mountd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the mpd port.
+## Make a TCP connection to the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -50738,18 +51624,18 @@ interface(`corenet_udp_bind_mpd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mpd_port',`
+interface(`corenet_tcp_connect_mountd_port',`
gen_require(`
- type mpd_port_t;
+ type mountd_port_t;
')
- allow $1 mpd_port_t:tcp_socket name_connect;
+ allow $1 mountd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mpd_client packets.
+## Send mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50758,17 +51644,17 @@ interface(`corenet_tcp_connect_mpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mpd_client_packets',`
+interface(`corenet_send_mountd_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type mountd_client_packet_t;
')
- allow $1 mpd_client_packet_t:packet send;
+ allow $1 mountd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mpd_client packets.
+## Do not audit attempts to send mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50777,17 +51663,17 @@ interface(`corenet_send_mpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mpd_client_packets',`
+interface(`corenet_dontaudit_send_mountd_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type mountd_client_packet_t;
')
- dontaudit $1 mpd_client_packet_t:packet send;
+ dontaudit $1 mountd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mpd_client packets.
+## Receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50796,17 +51682,17 @@ interface(`corenet_dontaudit_send_mpd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mpd_client_packets',`
+interface(`corenet_receive_mountd_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type mountd_client_packet_t;
')
- allow $1 mpd_client_packet_t:packet recv;
+ allow $1 mountd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mpd_client packets.
+## Do not audit attempts to receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50815,17 +51701,17 @@ interface(`corenet_receive_mpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mpd_client_packets',`
+interface(`corenet_dontaudit_receive_mountd_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type mountd_client_packet_t;
')
- dontaudit $1 mpd_client_packet_t:packet recv;
+ dontaudit $1 mountd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mpd_client packets.
+## Send and receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50834,14 +51720,14 @@ interface(`corenet_dontaudit_receive_mpd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mpd_client_packets',`
- corenet_send_mpd_client_packets($1)
- corenet_receive_mpd_client_packets($1)
+interface(`corenet_sendrecv_mountd_client_packets',`
+ corenet_send_mountd_client_packets($1)
+ corenet_receive_mountd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mpd_client packets.
+## Do not audit attempts to send and receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50850,14 +51736,14 @@ interface(`corenet_sendrecv_mpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mpd_client_packets',`
- corenet_dontaudit_send_mpd_client_packets($1)
- corenet_dontaudit_receive_mpd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mountd_client_packets',`
+ corenet_dontaudit_send_mountd_client_packets($1)
+ corenet_dontaudit_receive_mountd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mpd_client the packet type.
+## Relabel packets to mountd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50865,18 +51751,18 @@ interface(`corenet_dontaudit_sendrecv_mpd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mpd_client_packets',`
+interface(`corenet_relabelto_mountd_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type mountd_client_packet_t;
')
- allow $1 mpd_client_packet_t:packet relabelto;
+ allow $1 mountd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mpd_server packets.
+## Send mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50885,17 +51771,17 @@ interface(`corenet_relabelto_mpd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mpd_server_packets',`
+interface(`corenet_send_mountd_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type mountd_server_packet_t;
')
- allow $1 mpd_server_packet_t:packet send;
+ allow $1 mountd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mpd_server packets.
+## Do not audit attempts to send mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50904,17 +51790,17 @@ interface(`corenet_send_mpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mpd_server_packets',`
+interface(`corenet_dontaudit_send_mountd_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type mountd_server_packet_t;
')
- dontaudit $1 mpd_server_packet_t:packet send;
+ dontaudit $1 mountd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mpd_server packets.
+## Receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50923,17 +51809,17 @@ interface(`corenet_dontaudit_send_mpd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mpd_server_packets',`
+interface(`corenet_receive_mountd_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type mountd_server_packet_t;
')
- allow $1 mpd_server_packet_t:packet recv;
+ allow $1 mountd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mpd_server packets.
+## Do not audit attempts to receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50942,17 +51828,17 @@ interface(`corenet_receive_mpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mpd_server_packets',`
+interface(`corenet_dontaudit_receive_mountd_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type mountd_server_packet_t;
')
- dontaudit $1 mpd_server_packet_t:packet recv;
+ dontaudit $1 mountd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mpd_server packets.
+## Send and receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50961,14 +51847,14 @@ interface(`corenet_dontaudit_receive_mpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mpd_server_packets',`
- corenet_send_mpd_server_packets($1)
- corenet_receive_mpd_server_packets($1)
+interface(`corenet_sendrecv_mountd_server_packets',`
+ corenet_send_mountd_server_packets($1)
+ corenet_receive_mountd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mpd_server packets.
+## Do not audit attempts to send and receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50977,14 +51863,14 @@ interface(`corenet_sendrecv_mpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mpd_server_packets',`
- corenet_dontaudit_send_mpd_server_packets($1)
- corenet_dontaudit_receive_mpd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mountd_server_packets',`
+ corenet_dontaudit_send_mountd_server_packets($1)
+ corenet_dontaudit_receive_mountd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mpd_server the packet type.
+## Relabel packets to mountd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50992,12 +51878,12 @@ interface(`corenet_dontaudit_sendrecv_mpd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mpd_server_packets',`
+interface(`corenet_relabelto_mountd_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type mountd_server_packet_t;
')
- allow $1 mpd_server_packet_t:packet relabelto;
+ allow $1 mountd_server_packet_t:packet relabelto;
')
@@ -51005,7 +51891,7 @@ interface(`corenet_relabelto_mpd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the msgsrvr port.
+## Send and receive TCP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51014,17 +51900,17 @@ interface(`corenet_relabelto_mpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_msgsrvr_port',`
+interface(`corenet_tcp_sendrecv_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 msgsrvr_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 movaz_ssc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the msgsrvr port.
+## Send UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51033,17 +51919,17 @@ interface(`corenet_tcp_sendrecv_msgsrvr_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_msgsrvr_port',`
+interface(`corenet_udp_send_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 msgsrvr_port_t:udp_socket send_msg;
+ allow $1 movaz_ssc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the msgsrvr port.
+## Do not audit attempts to send UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51052,17 +51938,17 @@ interface(`corenet_udp_send_msgsrvr_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_msgsrvr_port',`
+interface(`corenet_dontaudit_udp_send_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- dontaudit $1 msgsrvr_port_t:udp_socket send_msg;
+ dontaudit $1 movaz_ssc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the msgsrvr port.
+## Receive UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51071,17 +51957,17 @@ interface(`corenet_dontaudit_udp_send_msgsrvr_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_msgsrvr_port',`
+interface(`corenet_udp_receive_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 msgsrvr_port_t:udp_socket recv_msg;
+ allow $1 movaz_ssc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the msgsrvr port.
+## Do not audit attempts to receive UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51090,17 +51976,17 @@ interface(`corenet_udp_receive_msgsrvr_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_msgsrvr_port',`
+interface(`corenet_dontaudit_udp_receive_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- dontaudit $1 msgsrvr_port_t:udp_socket recv_msg;
+ dontaudit $1 movaz_ssc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the msgsrvr port.
+## Send and receive UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51109,15 +51995,15 @@ interface(`corenet_dontaudit_udp_receive_msgsrvr_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_msgsrvr_port',`
- corenet_udp_send_msgsrvr_port($1)
- corenet_udp_receive_msgsrvr_port($1)
+interface(`corenet_udp_sendrecv_movaz_ssc_port',`
+ corenet_udp_send_movaz_ssc_port($1)
+ corenet_udp_receive_movaz_ssc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the msgsrvr port.
+## UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51126,14 +52012,14 @@ interface(`corenet_udp_sendrecv_msgsrvr_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_msgsrvr_port',`
- corenet_dontaudit_udp_send_msgsrvr_port($1)
- corenet_dontaudit_udp_receive_msgsrvr_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_movaz_ssc_port',`
+ corenet_dontaudit_udp_send_movaz_ssc_port($1)
+ corenet_dontaudit_udp_receive_movaz_ssc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the msgsrvr port.
+## Bind TCP sockets to the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51142,18 +52028,18 @@ interface(`corenet_dontaudit_udp_sendrecv_msgsrvr_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_msgsrvr_port',`
+interface(`corenet_tcp_bind_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 msgsrvr_port_t:tcp_socket name_bind;
+ allow $1 movaz_ssc_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the msgsrvr port.
+## Bind UDP sockets to the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51162,18 +52048,18 @@ interface(`corenet_tcp_bind_msgsrvr_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_msgsrvr_port',`
+interface(`corenet_udp_bind_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 msgsrvr_port_t:udp_socket name_bind;
+ allow $1 movaz_ssc_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the msgsrvr port.
+## Make a TCP connection to the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -51181,18 +52067,18 @@ interface(`corenet_udp_bind_msgsrvr_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_msgsrvr_port',`
+interface(`corenet_tcp_connect_movaz_ssc_port',`
gen_require(`
- type msgsrvr_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 msgsrvr_port_t:tcp_socket name_connect;
+ allow $1 movaz_ssc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send msgsrvr_client packets.
+## Send movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51201,17 +52087,17 @@ interface(`corenet_tcp_connect_msgsrvr_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_msgsrvr_client_packets',`
+interface(`corenet_send_movaz_ssc_client_packets',`
gen_require(`
- type msgsrvr_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- allow $1 msgsrvr_client_packet_t:packet send;
+ allow $1 movaz_ssc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send msgsrvr_client packets.
+## Do not audit attempts to send movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51220,17 +52106,17 @@ interface(`corenet_send_msgsrvr_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_msgsrvr_client_packets',`
+interface(`corenet_dontaudit_send_movaz_ssc_client_packets',`
gen_require(`
- type msgsrvr_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- dontaudit $1 msgsrvr_client_packet_t:packet send;
+ dontaudit $1 movaz_ssc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive msgsrvr_client packets.
+## Receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51239,17 +52125,17 @@ interface(`corenet_dontaudit_send_msgsrvr_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_msgsrvr_client_packets',`
+interface(`corenet_receive_movaz_ssc_client_packets',`
gen_require(`
- type msgsrvr_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- allow $1 msgsrvr_client_packet_t:packet recv;
+ allow $1 movaz_ssc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive msgsrvr_client packets.
+## Do not audit attempts to receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51258,17 +52144,17 @@ interface(`corenet_receive_msgsrvr_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_msgsrvr_client_packets',`
+interface(`corenet_dontaudit_receive_movaz_ssc_client_packets',`
gen_require(`
- type msgsrvr_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- dontaudit $1 msgsrvr_client_packet_t:packet recv;
+ dontaudit $1 movaz_ssc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive msgsrvr_client packets.
+## Send and receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51277,14 +52163,14 @@ interface(`corenet_dontaudit_receive_msgsrvr_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_msgsrvr_client_packets',`
- corenet_send_msgsrvr_client_packets($1)
- corenet_receive_msgsrvr_client_packets($1)
+interface(`corenet_sendrecv_movaz_ssc_client_packets',`
+ corenet_send_movaz_ssc_client_packets($1)
+ corenet_receive_movaz_ssc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive msgsrvr_client packets.
+## Do not audit attempts to send and receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51293,14 +52179,14 @@ interface(`corenet_sendrecv_msgsrvr_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_msgsrvr_client_packets',`
- corenet_dontaudit_send_msgsrvr_client_packets($1)
- corenet_dontaudit_receive_msgsrvr_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_movaz_ssc_client_packets',`
+ corenet_dontaudit_send_movaz_ssc_client_packets($1)
+ corenet_dontaudit_receive_movaz_ssc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to msgsrvr_client the packet type.
+## Relabel packets to movaz_ssc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51308,18 +52194,18 @@ interface(`corenet_dontaudit_sendrecv_msgsrvr_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_msgsrvr_client_packets',`
+interface(`corenet_relabelto_movaz_ssc_client_packets',`
gen_require(`
- type msgsrvr_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- allow $1 msgsrvr_client_packet_t:packet relabelto;
+ allow $1 movaz_ssc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send msgsrvr_server packets.
+## Send movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51328,17 +52214,17 @@ interface(`corenet_relabelto_msgsrvr_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_msgsrvr_server_packets',`
+interface(`corenet_send_movaz_ssc_server_packets',`
gen_require(`
- type msgsrvr_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- allow $1 msgsrvr_server_packet_t:packet send;
+ allow $1 movaz_ssc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send msgsrvr_server packets.
+## Do not audit attempts to send movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51347,17 +52233,17 @@ interface(`corenet_send_msgsrvr_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_msgsrvr_server_packets',`
+interface(`corenet_dontaudit_send_movaz_ssc_server_packets',`
gen_require(`
- type msgsrvr_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- dontaudit $1 msgsrvr_server_packet_t:packet send;
+ dontaudit $1 movaz_ssc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive msgsrvr_server packets.
+## Receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51366,17 +52252,17 @@ interface(`corenet_dontaudit_send_msgsrvr_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_msgsrvr_server_packets',`
+interface(`corenet_receive_movaz_ssc_server_packets',`
gen_require(`
- type msgsrvr_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- allow $1 msgsrvr_server_packet_t:packet recv;
+ allow $1 movaz_ssc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive msgsrvr_server packets.
+## Do not audit attempts to receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51385,17 +52271,17 @@ interface(`corenet_receive_msgsrvr_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_msgsrvr_server_packets',`
+interface(`corenet_dontaudit_receive_movaz_ssc_server_packets',`
gen_require(`
- type msgsrvr_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- dontaudit $1 msgsrvr_server_packet_t:packet recv;
+ dontaudit $1 movaz_ssc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive msgsrvr_server packets.
+## Send and receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51404,14 +52290,14 @@ interface(`corenet_dontaudit_receive_msgsrvr_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_msgsrvr_server_packets',`
- corenet_send_msgsrvr_server_packets($1)
- corenet_receive_msgsrvr_server_packets($1)
+interface(`corenet_sendrecv_movaz_ssc_server_packets',`
+ corenet_send_movaz_ssc_server_packets($1)
+ corenet_receive_movaz_ssc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive msgsrvr_server packets.
+## Do not audit attempts to send and receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51420,14 +52306,14 @@ interface(`corenet_sendrecv_msgsrvr_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_msgsrvr_server_packets',`
- corenet_dontaudit_send_msgsrvr_server_packets($1)
- corenet_dontaudit_receive_msgsrvr_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_movaz_ssc_server_packets',`
+ corenet_dontaudit_send_movaz_ssc_server_packets($1)
+ corenet_dontaudit_receive_movaz_ssc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to msgsrvr_server the packet type.
+## Relabel packets to movaz_ssc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51435,12 +52321,12 @@ interface(`corenet_dontaudit_sendrecv_msgsrvr_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_msgsrvr_server_packets',`
+interface(`corenet_relabelto_movaz_ssc_server_packets',`
gen_require(`
- type msgsrvr_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- allow $1 msgsrvr_server_packet_t:packet relabelto;
+ allow $1 movaz_ssc_server_packet_t:packet relabelto;
')
@@ -51448,7 +52334,7 @@ interface(`corenet_relabelto_msgsrvr_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the msnp port.
+## Send and receive TCP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51457,17 +52343,17 @@ interface(`corenet_relabelto_msgsrvr_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_msnp_port',`
+interface(`corenet_tcp_sendrecv_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- allow $1 msnp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mpd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the msnp port.
+## Send UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51476,17 +52362,17 @@ interface(`corenet_tcp_sendrecv_msnp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_msnp_port',`
+interface(`corenet_udp_send_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- allow $1 msnp_port_t:udp_socket send_msg;
+ allow $1 mpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the msnp port.
+## Do not audit attempts to send UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51495,17 +52381,17 @@ interface(`corenet_udp_send_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_msnp_port',`
+interface(`corenet_dontaudit_udp_send_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- dontaudit $1 msnp_port_t:udp_socket send_msg;
+ dontaudit $1 mpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the msnp port.
+## Receive UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51514,17 +52400,17 @@ interface(`corenet_dontaudit_udp_send_msnp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_msnp_port',`
+interface(`corenet_udp_receive_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- allow $1 msnp_port_t:udp_socket recv_msg;
+ allow $1 mpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the msnp port.
+## Do not audit attempts to receive UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51533,17 +52419,17 @@ interface(`corenet_udp_receive_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_msnp_port',`
+interface(`corenet_dontaudit_udp_receive_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- dontaudit $1 msnp_port_t:udp_socket recv_msg;
+ dontaudit $1 mpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the msnp port.
+## Send and receive UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51552,15 +52438,15 @@ interface(`corenet_dontaudit_udp_receive_msnp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_msnp_port',`
- corenet_udp_send_msnp_port($1)
- corenet_udp_receive_msnp_port($1)
+interface(`corenet_udp_sendrecv_mpd_port',`
+ corenet_udp_send_mpd_port($1)
+ corenet_udp_receive_mpd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the msnp port.
+## UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51569,14 +52455,14 @@ interface(`corenet_udp_sendrecv_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_msnp_port',`
- corenet_dontaudit_udp_send_msnp_port($1)
- corenet_dontaudit_udp_receive_msnp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mpd_port',`
+ corenet_dontaudit_udp_send_mpd_port($1)
+ corenet_dontaudit_udp_receive_mpd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the msnp port.
+## Bind TCP sockets to the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51585,18 +52471,18 @@ interface(`corenet_dontaudit_udp_sendrecv_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_msnp_port',`
+interface(`corenet_tcp_bind_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- allow $1 msnp_port_t:tcp_socket name_bind;
+ allow $1 mpd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the msnp port.
+## Bind UDP sockets to the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51605,18 +52491,18 @@ interface(`corenet_tcp_bind_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_msnp_port',`
+interface(`corenet_udp_bind_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- allow $1 msnp_port_t:udp_socket name_bind;
+ allow $1 mpd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the msnp port.
+## Make a TCP connection to the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51624,18 +52510,18 @@ interface(`corenet_udp_bind_msnp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_msnp_port',`
+interface(`corenet_tcp_connect_mpd_port',`
gen_require(`
- type msnp_port_t;
+ type mpd_port_t;
')
- allow $1 msnp_port_t:tcp_socket name_connect;
+ allow $1 mpd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send msnp_client packets.
+## Send mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51644,17 +52530,17 @@ interface(`corenet_tcp_connect_msnp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_msnp_client_packets',`
+interface(`corenet_send_mpd_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type mpd_client_packet_t;
')
- allow $1 msnp_client_packet_t:packet send;
+ allow $1 mpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send msnp_client packets.
+## Do not audit attempts to send mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51663,17 +52549,17 @@ interface(`corenet_send_msnp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_msnp_client_packets',`
+interface(`corenet_dontaudit_send_mpd_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type mpd_client_packet_t;
')
- dontaudit $1 msnp_client_packet_t:packet send;
+ dontaudit $1 mpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive msnp_client packets.
+## Receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51682,17 +52568,17 @@ interface(`corenet_dontaudit_send_msnp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_msnp_client_packets',`
+interface(`corenet_receive_mpd_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type mpd_client_packet_t;
')
- allow $1 msnp_client_packet_t:packet recv;
+ allow $1 mpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive msnp_client packets.
+## Do not audit attempts to receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51701,17 +52587,17 @@ interface(`corenet_receive_msnp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_msnp_client_packets',`
+interface(`corenet_dontaudit_receive_mpd_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type mpd_client_packet_t;
')
- dontaudit $1 msnp_client_packet_t:packet recv;
+ dontaudit $1 mpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive msnp_client packets.
+## Send and receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51720,14 +52606,14 @@ interface(`corenet_dontaudit_receive_msnp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_msnp_client_packets',`
- corenet_send_msnp_client_packets($1)
- corenet_receive_msnp_client_packets($1)
+interface(`corenet_sendrecv_mpd_client_packets',`
+ corenet_send_mpd_client_packets($1)
+ corenet_receive_mpd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive msnp_client packets.
+## Do not audit attempts to send and receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51736,14 +52622,14 @@ interface(`corenet_sendrecv_msnp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_msnp_client_packets',`
- corenet_dontaudit_send_msnp_client_packets($1)
- corenet_dontaudit_receive_msnp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mpd_client_packets',`
+ corenet_dontaudit_send_mpd_client_packets($1)
+ corenet_dontaudit_receive_mpd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to msnp_client the packet type.
+## Relabel packets to mpd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51751,18 +52637,18 @@ interface(`corenet_dontaudit_sendrecv_msnp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_msnp_client_packets',`
+interface(`corenet_relabelto_mpd_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type mpd_client_packet_t;
')
- allow $1 msnp_client_packet_t:packet relabelto;
+ allow $1 mpd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send msnp_server packets.
+## Send mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51771,17 +52657,17 @@ interface(`corenet_relabelto_msnp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_msnp_server_packets',`
+interface(`corenet_send_mpd_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type mpd_server_packet_t;
')
- allow $1 msnp_server_packet_t:packet send;
+ allow $1 mpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send msnp_server packets.
+## Do not audit attempts to send mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51790,17 +52676,17 @@ interface(`corenet_send_msnp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_msnp_server_packets',`
+interface(`corenet_dontaudit_send_mpd_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type mpd_server_packet_t;
')
- dontaudit $1 msnp_server_packet_t:packet send;
+ dontaudit $1 mpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive msnp_server packets.
+## Receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51809,17 +52695,17 @@ interface(`corenet_dontaudit_send_msnp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_msnp_server_packets',`
+interface(`corenet_receive_mpd_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type mpd_server_packet_t;
')
- allow $1 msnp_server_packet_t:packet recv;
+ allow $1 mpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive msnp_server packets.
+## Do not audit attempts to receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51828,17 +52714,17 @@ interface(`corenet_receive_msnp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_msnp_server_packets',`
+interface(`corenet_dontaudit_receive_mpd_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type mpd_server_packet_t;
')
- dontaudit $1 msnp_server_packet_t:packet recv;
+ dontaudit $1 mpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive msnp_server packets.
+## Send and receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51847,14 +52733,14 @@ interface(`corenet_dontaudit_receive_msnp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_msnp_server_packets',`
- corenet_send_msnp_server_packets($1)
- corenet_receive_msnp_server_packets($1)
+interface(`corenet_sendrecv_mpd_server_packets',`
+ corenet_send_mpd_server_packets($1)
+ corenet_receive_mpd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive msnp_server packets.
+## Do not audit attempts to send and receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51863,14 +52749,14 @@ interface(`corenet_sendrecv_msnp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_msnp_server_packets',`
- corenet_dontaudit_send_msnp_server_packets($1)
- corenet_dontaudit_receive_msnp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mpd_server_packets',`
+ corenet_dontaudit_send_mpd_server_packets($1)
+ corenet_dontaudit_receive_mpd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to msnp_server the packet type.
+## Relabel packets to mpd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51878,12 +52764,12 @@ interface(`corenet_dontaudit_sendrecv_msnp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_msnp_server_packets',`
+interface(`corenet_relabelto_mpd_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type mpd_server_packet_t;
')
- allow $1 msnp_server_packet_t:packet relabelto;
+ allow $1 mpd_server_packet_t:packet relabelto;
')
@@ -51891,7 +52777,7 @@ interface(`corenet_relabelto_msnp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mssql port.
+## Send and receive TCP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -51900,17 +52786,17 @@ interface(`corenet_relabelto_msnp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mssql_port',`
+interface(`corenet_tcp_sendrecv_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- allow $1 mssql_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 msgsrvr_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mssql port.
+## Send UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -51919,17 +52805,17 @@ interface(`corenet_tcp_sendrecv_mssql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mssql_port',`
+interface(`corenet_udp_send_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- allow $1 mssql_port_t:udp_socket send_msg;
+ allow $1 msgsrvr_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mssql port.
+## Do not audit attempts to send UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -51938,17 +52824,17 @@ interface(`corenet_udp_send_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mssql_port',`
+interface(`corenet_dontaudit_udp_send_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- dontaudit $1 mssql_port_t:udp_socket send_msg;
+ dontaudit $1 msgsrvr_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mssql port.
+## Receive UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -51957,17 +52843,17 @@ interface(`corenet_dontaudit_udp_send_mssql_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mssql_port',`
+interface(`corenet_udp_receive_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- allow $1 mssql_port_t:udp_socket recv_msg;
+ allow $1 msgsrvr_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mssql port.
+## Do not audit attempts to receive UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -51976,17 +52862,17 @@ interface(`corenet_udp_receive_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mssql_port',`
+interface(`corenet_dontaudit_udp_receive_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- dontaudit $1 mssql_port_t:udp_socket recv_msg;
+ dontaudit $1 msgsrvr_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mssql port.
+## Send and receive UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -51995,15 +52881,15 @@ interface(`corenet_dontaudit_udp_receive_mssql_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mssql_port',`
- corenet_udp_send_mssql_port($1)
- corenet_udp_receive_mssql_port($1)
+interface(`corenet_udp_sendrecv_msgsrvr_port',`
+ corenet_udp_send_msgsrvr_port($1)
+ corenet_udp_receive_msgsrvr_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mssql port.
+## UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -52012,14 +52898,14 @@ interface(`corenet_udp_sendrecv_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mssql_port',`
- corenet_dontaudit_udp_send_mssql_port($1)
- corenet_dontaudit_udp_receive_mssql_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_msgsrvr_port',`
+ corenet_dontaudit_udp_send_msgsrvr_port($1)
+ corenet_dontaudit_udp_receive_msgsrvr_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mssql port.
+## Bind TCP sockets to the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -52028,18 +52914,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mssql_port',`
+interface(`corenet_tcp_bind_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- allow $1 mssql_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 msgsrvr_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the mssql port.
+## Bind UDP sockets to the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -52048,18 +52934,18 @@ interface(`corenet_tcp_bind_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mssql_port',`
+interface(`corenet_udp_bind_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- allow $1 mssql_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 msgsrvr_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the mssql port.
+## Make a TCP connection to the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -52067,18 +52953,18 @@ interface(`corenet_udp_bind_mssql_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mssql_port',`
+interface(`corenet_tcp_connect_msgsrvr_port',`
gen_require(`
- type mssql_port_t;
+ type msgsrvr_port_t;
')
- allow $1 mssql_port_t:tcp_socket name_connect;
+ allow $1 msgsrvr_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mssql_client packets.
+## Send msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52087,17 +52973,17 @@ interface(`corenet_tcp_connect_mssql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mssql_client_packets',`
+interface(`corenet_send_msgsrvr_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- allow $1 mssql_client_packet_t:packet send;
+ allow $1 msgsrvr_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mssql_client packets.
+## Do not audit attempts to send msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52106,17 +52992,17 @@ interface(`corenet_send_mssql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mssql_client_packets',`
+interface(`corenet_dontaudit_send_msgsrvr_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- dontaudit $1 mssql_client_packet_t:packet send;
+ dontaudit $1 msgsrvr_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mssql_client packets.
+## Receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52125,17 +53011,17 @@ interface(`corenet_dontaudit_send_mssql_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mssql_client_packets',`
+interface(`corenet_receive_msgsrvr_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- allow $1 mssql_client_packet_t:packet recv;
+ allow $1 msgsrvr_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mssql_client packets.
+## Do not audit attempts to receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52144,17 +53030,17 @@ interface(`corenet_receive_mssql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mssql_client_packets',`
+interface(`corenet_dontaudit_receive_msgsrvr_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- dontaudit $1 mssql_client_packet_t:packet recv;
+ dontaudit $1 msgsrvr_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mssql_client packets.
+## Send and receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52163,14 +53049,14 @@ interface(`corenet_dontaudit_receive_mssql_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mssql_client_packets',`
- corenet_send_mssql_client_packets($1)
- corenet_receive_mssql_client_packets($1)
+interface(`corenet_sendrecv_msgsrvr_client_packets',`
+ corenet_send_msgsrvr_client_packets($1)
+ corenet_receive_msgsrvr_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mssql_client packets.
+## Do not audit attempts to send and receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52179,14 +53065,14 @@ interface(`corenet_sendrecv_mssql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mssql_client_packets',`
- corenet_dontaudit_send_mssql_client_packets($1)
- corenet_dontaudit_receive_mssql_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_msgsrvr_client_packets',`
+ corenet_dontaudit_send_msgsrvr_client_packets($1)
+ corenet_dontaudit_receive_msgsrvr_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mssql_client the packet type.
+## Relabel packets to msgsrvr_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52194,18 +53080,18 @@ interface(`corenet_dontaudit_sendrecv_mssql_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mssql_client_packets',`
+interface(`corenet_relabelto_msgsrvr_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- allow $1 mssql_client_packet_t:packet relabelto;
+ allow $1 msgsrvr_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mssql_server packets.
+## Send msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52214,17 +53100,17 @@ interface(`corenet_relabelto_mssql_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mssql_server_packets',`
+interface(`corenet_send_msgsrvr_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- allow $1 mssql_server_packet_t:packet send;
+ allow $1 msgsrvr_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mssql_server packets.
+## Do not audit attempts to send msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52233,17 +53119,17 @@ interface(`corenet_send_mssql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mssql_server_packets',`
+interface(`corenet_dontaudit_send_msgsrvr_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- dontaudit $1 mssql_server_packet_t:packet send;
+ dontaudit $1 msgsrvr_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mssql_server packets.
+## Receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52252,17 +53138,17 @@ interface(`corenet_dontaudit_send_mssql_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mssql_server_packets',`
+interface(`corenet_receive_msgsrvr_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- allow $1 mssql_server_packet_t:packet recv;
+ allow $1 msgsrvr_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mssql_server packets.
+## Do not audit attempts to receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52271,17 +53157,17 @@ interface(`corenet_receive_mssql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mssql_server_packets',`
+interface(`corenet_dontaudit_receive_msgsrvr_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- dontaudit $1 mssql_server_packet_t:packet recv;
+ dontaudit $1 msgsrvr_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mssql_server packets.
+## Send and receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52290,14 +53176,14 @@ interface(`corenet_dontaudit_receive_mssql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mssql_server_packets',`
- corenet_send_mssql_server_packets($1)
- corenet_receive_mssql_server_packets($1)
+interface(`corenet_sendrecv_msgsrvr_server_packets',`
+ corenet_send_msgsrvr_server_packets($1)
+ corenet_receive_msgsrvr_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mssql_server packets.
+## Do not audit attempts to send and receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52306,14 +53192,14 @@ interface(`corenet_sendrecv_mssql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mssql_server_packets',`
- corenet_dontaudit_send_mssql_server_packets($1)
- corenet_dontaudit_receive_mssql_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_msgsrvr_server_packets',`
+ corenet_dontaudit_send_msgsrvr_server_packets($1)
+ corenet_dontaudit_receive_msgsrvr_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mssql_server the packet type.
+## Relabel packets to msgsrvr_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52321,12 +53207,12 @@ interface(`corenet_dontaudit_sendrecv_mssql_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mssql_server_packets',`
+interface(`corenet_relabelto_msgsrvr_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- allow $1 mssql_server_packet_t:packet relabelto;
+ allow $1 msgsrvr_server_packet_t:packet relabelto;
')
@@ -52334,7 +53220,7 @@ interface(`corenet_relabelto_mssql_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ms_streaming port.
+## Send and receive TCP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52343,17 +53229,17 @@ interface(`corenet_relabelto_mssql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ms_streaming_port',`
+interface(`corenet_tcp_sendrecv_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- allow $1 ms_streaming_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 msnp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ms_streaming port.
+## Send UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52362,17 +53248,17 @@ interface(`corenet_tcp_sendrecv_ms_streaming_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ms_streaming_port',`
+interface(`corenet_udp_send_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- allow $1 ms_streaming_port_t:udp_socket send_msg;
+ allow $1 msnp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ms_streaming port.
+## Do not audit attempts to send UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52381,17 +53267,17 @@ interface(`corenet_udp_send_ms_streaming_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ms_streaming_port',`
+interface(`corenet_dontaudit_udp_send_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- dontaudit $1 ms_streaming_port_t:udp_socket send_msg;
+ dontaudit $1 msnp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ms_streaming port.
+## Receive UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52400,17 +53286,17 @@ interface(`corenet_dontaudit_udp_send_ms_streaming_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ms_streaming_port',`
+interface(`corenet_udp_receive_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- allow $1 ms_streaming_port_t:udp_socket recv_msg;
+ allow $1 msnp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ms_streaming port.
+## Do not audit attempts to receive UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52419,17 +53305,17 @@ interface(`corenet_udp_receive_ms_streaming_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ms_streaming_port',`
+interface(`corenet_dontaudit_udp_receive_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- dontaudit $1 ms_streaming_port_t:udp_socket recv_msg;
+ dontaudit $1 msnp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ms_streaming port.
+## Send and receive UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52438,15 +53324,15 @@ interface(`corenet_dontaudit_udp_receive_ms_streaming_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ms_streaming_port',`
- corenet_udp_send_ms_streaming_port($1)
- corenet_udp_receive_ms_streaming_port($1)
+interface(`corenet_udp_sendrecv_msnp_port',`
+ corenet_udp_send_msnp_port($1)
+ corenet_udp_receive_msnp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ms_streaming port.
+## UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52455,14 +53341,14 @@ interface(`corenet_udp_sendrecv_ms_streaming_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ms_streaming_port',`
- corenet_dontaudit_udp_send_ms_streaming_port($1)
- corenet_dontaudit_udp_receive_ms_streaming_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_msnp_port',`
+ corenet_dontaudit_udp_send_msnp_port($1)
+ corenet_dontaudit_udp_receive_msnp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ms_streaming port.
+## Bind TCP sockets to the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52471,18 +53357,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ms_streaming_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ms_streaming_port',`
+interface(`corenet_tcp_bind_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- allow $1 ms_streaming_port_t:tcp_socket name_bind;
+ allow $1 msnp_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ms_streaming port.
+## Bind UDP sockets to the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52491,18 +53377,18 @@ interface(`corenet_tcp_bind_ms_streaming_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ms_streaming_port',`
+interface(`corenet_udp_bind_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- allow $1 ms_streaming_port_t:udp_socket name_bind;
+ allow $1 msnp_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ms_streaming port.
+## Make a TCP connection to the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -52510,18 +53396,18 @@ interface(`corenet_udp_bind_ms_streaming_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ms_streaming_port',`
+interface(`corenet_tcp_connect_msnp_port',`
gen_require(`
- type ms_streaming_port_t;
+ type msnp_port_t;
')
- allow $1 ms_streaming_port_t:tcp_socket name_connect;
+ allow $1 msnp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ms_streaming_client packets.
+## Send msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52530,17 +53416,17 @@ interface(`corenet_tcp_connect_ms_streaming_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ms_streaming_client_packets',`
+interface(`corenet_send_msnp_client_packets',`
gen_require(`
- type ms_streaming_client_packet_t;
+ type msnp_client_packet_t;
')
- allow $1 ms_streaming_client_packet_t:packet send;
+ allow $1 msnp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ms_streaming_client packets.
+## Do not audit attempts to send msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52549,17 +53435,17 @@ interface(`corenet_send_ms_streaming_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ms_streaming_client_packets',`
+interface(`corenet_dontaudit_send_msnp_client_packets',`
gen_require(`
- type ms_streaming_client_packet_t;
+ type msnp_client_packet_t;
')
- dontaudit $1 ms_streaming_client_packet_t:packet send;
+ dontaudit $1 msnp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ms_streaming_client packets.
+## Receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52568,17 +53454,17 @@ interface(`corenet_dontaudit_send_ms_streaming_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ms_streaming_client_packets',`
+interface(`corenet_receive_msnp_client_packets',`
gen_require(`
- type ms_streaming_client_packet_t;
+ type msnp_client_packet_t;
')
- allow $1 ms_streaming_client_packet_t:packet recv;
+ allow $1 msnp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ms_streaming_client packets.
+## Do not audit attempts to receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52587,17 +53473,17 @@ interface(`corenet_receive_ms_streaming_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ms_streaming_client_packets',`
+interface(`corenet_dontaudit_receive_msnp_client_packets',`
gen_require(`
- type ms_streaming_client_packet_t;
+ type msnp_client_packet_t;
')
- dontaudit $1 ms_streaming_client_packet_t:packet recv;
+ dontaudit $1 msnp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ms_streaming_client packets.
+## Send and receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52606,14 +53492,14 @@ interface(`corenet_dontaudit_receive_ms_streaming_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ms_streaming_client_packets',`
- corenet_send_ms_streaming_client_packets($1)
- corenet_receive_ms_streaming_client_packets($1)
+interface(`corenet_sendrecv_msnp_client_packets',`
+ corenet_send_msnp_client_packets($1)
+ corenet_receive_msnp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ms_streaming_client packets.
+## Do not audit attempts to send and receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52622,14 +53508,14 @@ interface(`corenet_sendrecv_ms_streaming_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ms_streaming_client_packets',`
- corenet_dontaudit_send_ms_streaming_client_packets($1)
- corenet_dontaudit_receive_ms_streaming_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_msnp_client_packets',`
+ corenet_dontaudit_send_msnp_client_packets($1)
+ corenet_dontaudit_receive_msnp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ms_streaming_client the packet type.
+## Relabel packets to msnp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52637,18 +53523,18 @@ interface(`corenet_dontaudit_sendrecv_ms_streaming_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ms_streaming_client_packets',`
+interface(`corenet_relabelto_msnp_client_packets',`
gen_require(`
- type ms_streaming_client_packet_t;
+ type msnp_client_packet_t;
')
- allow $1 ms_streaming_client_packet_t:packet relabelto;
+ allow $1 msnp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ms_streaming_server packets.
+## Send msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52657,17 +53543,17 @@ interface(`corenet_relabelto_ms_streaming_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ms_streaming_server_packets',`
+interface(`corenet_send_msnp_server_packets',`
gen_require(`
- type ms_streaming_server_packet_t;
+ type msnp_server_packet_t;
')
- allow $1 ms_streaming_server_packet_t:packet send;
+ allow $1 msnp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ms_streaming_server packets.
+## Do not audit attempts to send msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52676,17 +53562,17 @@ interface(`corenet_send_ms_streaming_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ms_streaming_server_packets',`
+interface(`corenet_dontaudit_send_msnp_server_packets',`
gen_require(`
- type ms_streaming_server_packet_t;
+ type msnp_server_packet_t;
')
- dontaudit $1 ms_streaming_server_packet_t:packet send;
+ dontaudit $1 msnp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ms_streaming_server packets.
+## Receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52695,17 +53581,17 @@ interface(`corenet_dontaudit_send_ms_streaming_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ms_streaming_server_packets',`
+interface(`corenet_receive_msnp_server_packets',`
gen_require(`
- type ms_streaming_server_packet_t;
+ type msnp_server_packet_t;
')
- allow $1 ms_streaming_server_packet_t:packet recv;
+ allow $1 msnp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ms_streaming_server packets.
+## Do not audit attempts to receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52714,17 +53600,17 @@ interface(`corenet_receive_ms_streaming_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ms_streaming_server_packets',`
+interface(`corenet_dontaudit_receive_msnp_server_packets',`
gen_require(`
- type ms_streaming_server_packet_t;
+ type msnp_server_packet_t;
')
- dontaudit $1 ms_streaming_server_packet_t:packet recv;
+ dontaudit $1 msnp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ms_streaming_server packets.
+## Send and receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52733,14 +53619,14 @@ interface(`corenet_dontaudit_receive_ms_streaming_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ms_streaming_server_packets',`
- corenet_send_ms_streaming_server_packets($1)
- corenet_receive_ms_streaming_server_packets($1)
+interface(`corenet_sendrecv_msnp_server_packets',`
+ corenet_send_msnp_server_packets($1)
+ corenet_receive_msnp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ms_streaming_server packets.
+## Do not audit attempts to send and receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52749,14 +53635,14 @@ interface(`corenet_sendrecv_ms_streaming_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ms_streaming_server_packets',`
- corenet_dontaudit_send_ms_streaming_server_packets($1)
- corenet_dontaudit_receive_ms_streaming_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_msnp_server_packets',`
+ corenet_dontaudit_send_msnp_server_packets($1)
+ corenet_dontaudit_receive_msnp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ms_streaming_server the packet type.
+## Relabel packets to msnp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52764,12 +53650,12 @@ interface(`corenet_dontaudit_sendrecv_ms_streaming_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ms_streaming_server_packets',`
+interface(`corenet_relabelto_msnp_server_packets',`
gen_require(`
- type ms_streaming_server_packet_t;
+ type msnp_server_packet_t;
')
- allow $1 ms_streaming_server_packet_t:packet relabelto;
+ allow $1 msnp_server_packet_t:packet relabelto;
')
@@ -52777,7 +53663,7 @@ interface(`corenet_relabelto_ms_streaming_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the munin port.
+## Send and receive TCP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52786,17 +53672,17 @@ interface(`corenet_relabelto_ms_streaming_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_munin_port',`
+interface(`corenet_tcp_sendrecv_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- allow $1 munin_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mssql_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the munin port.
+## Send UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52805,17 +53691,17 @@ interface(`corenet_tcp_sendrecv_munin_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_munin_port',`
+interface(`corenet_udp_send_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- allow $1 munin_port_t:udp_socket send_msg;
+ allow $1 mssql_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the munin port.
+## Do not audit attempts to send UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52824,17 +53710,17 @@ interface(`corenet_udp_send_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_munin_port',`
+interface(`corenet_dontaudit_udp_send_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- dontaudit $1 munin_port_t:udp_socket send_msg;
+ dontaudit $1 mssql_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the munin port.
+## Receive UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52843,17 +53729,17 @@ interface(`corenet_dontaudit_udp_send_munin_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_munin_port',`
+interface(`corenet_udp_receive_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- allow $1 munin_port_t:udp_socket recv_msg;
+ allow $1 mssql_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the munin port.
+## Do not audit attempts to receive UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52862,17 +53748,17 @@ interface(`corenet_udp_receive_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_munin_port',`
+interface(`corenet_dontaudit_udp_receive_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- dontaudit $1 munin_port_t:udp_socket recv_msg;
+ dontaudit $1 mssql_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the munin port.
+## Send and receive UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52881,15 +53767,15 @@ interface(`corenet_dontaudit_udp_receive_munin_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_munin_port',`
- corenet_udp_send_munin_port($1)
- corenet_udp_receive_munin_port($1)
+interface(`corenet_udp_sendrecv_mssql_port',`
+ corenet_udp_send_mssql_port($1)
+ corenet_udp_receive_mssql_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the munin port.
+## UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52898,14 +53784,14 @@ interface(`corenet_udp_sendrecv_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_munin_port',`
- corenet_dontaudit_udp_send_munin_port($1)
- corenet_dontaudit_udp_receive_munin_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mssql_port',`
+ corenet_dontaudit_udp_send_mssql_port($1)
+ corenet_dontaudit_udp_receive_mssql_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the munin port.
+## Bind TCP sockets to the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52914,18 +53800,18 @@ interface(`corenet_dontaudit_udp_sendrecv_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_munin_port',`
+interface(`corenet_tcp_bind_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- allow $1 munin_port_t:tcp_socket name_bind;
-
+ allow $1 mssql_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the munin port.
+## Bind UDP sockets to the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52934,18 +53820,18 @@ interface(`corenet_tcp_bind_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_munin_port',`
+interface(`corenet_udp_bind_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- allow $1 munin_port_t:udp_socket name_bind;
-
+ allow $1 mssql_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the munin port.
+## Make a TCP connection to the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -52953,18 +53839,18 @@ interface(`corenet_udp_bind_munin_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_munin_port',`
+interface(`corenet_tcp_connect_mssql_port',`
gen_require(`
- type munin_port_t;
+ type mssql_port_t;
')
- allow $1 munin_port_t:tcp_socket name_connect;
+ allow $1 mssql_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send munin_client packets.
+## Send mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52973,17 +53859,17 @@ interface(`corenet_tcp_connect_munin_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_munin_client_packets',`
+interface(`corenet_send_mssql_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type mssql_client_packet_t;
')
- allow $1 munin_client_packet_t:packet send;
+ allow $1 mssql_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send munin_client packets.
+## Do not audit attempts to send mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52992,17 +53878,17 @@ interface(`corenet_send_munin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_munin_client_packets',`
+interface(`corenet_dontaudit_send_mssql_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type mssql_client_packet_t;
')
- dontaudit $1 munin_client_packet_t:packet send;
+ dontaudit $1 mssql_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive munin_client packets.
+## Receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53011,17 +53897,17 @@ interface(`corenet_dontaudit_send_munin_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_munin_client_packets',`
+interface(`corenet_receive_mssql_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type mssql_client_packet_t;
')
- allow $1 munin_client_packet_t:packet recv;
+ allow $1 mssql_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive munin_client packets.
+## Do not audit attempts to receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53030,17 +53916,17 @@ interface(`corenet_receive_munin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_munin_client_packets',`
+interface(`corenet_dontaudit_receive_mssql_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type mssql_client_packet_t;
')
- dontaudit $1 munin_client_packet_t:packet recv;
+ dontaudit $1 mssql_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive munin_client packets.
+## Send and receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53049,14 +53935,14 @@ interface(`corenet_dontaudit_receive_munin_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_munin_client_packets',`
- corenet_send_munin_client_packets($1)
- corenet_receive_munin_client_packets($1)
+interface(`corenet_sendrecv_mssql_client_packets',`
+ corenet_send_mssql_client_packets($1)
+ corenet_receive_mssql_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive munin_client packets.
+## Do not audit attempts to send and receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53065,14 +53951,14 @@ interface(`corenet_sendrecv_munin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_munin_client_packets',`
- corenet_dontaudit_send_munin_client_packets($1)
- corenet_dontaudit_receive_munin_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mssql_client_packets',`
+ corenet_dontaudit_send_mssql_client_packets($1)
+ corenet_dontaudit_receive_mssql_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to munin_client the packet type.
+## Relabel packets to mssql_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53080,18 +53966,18 @@ interface(`corenet_dontaudit_sendrecv_munin_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_munin_client_packets',`
+interface(`corenet_relabelto_mssql_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type mssql_client_packet_t;
')
- allow $1 munin_client_packet_t:packet relabelto;
+ allow $1 mssql_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send munin_server packets.
+## Send mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53100,17 +53986,17 @@ interface(`corenet_relabelto_munin_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_munin_server_packets',`
+interface(`corenet_send_mssql_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type mssql_server_packet_t;
')
- allow $1 munin_server_packet_t:packet send;
+ allow $1 mssql_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send munin_server packets.
+## Do not audit attempts to send mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53119,17 +54005,17 @@ interface(`corenet_send_munin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_munin_server_packets',`
+interface(`corenet_dontaudit_send_mssql_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type mssql_server_packet_t;
')
- dontaudit $1 munin_server_packet_t:packet send;
+ dontaudit $1 mssql_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive munin_server packets.
+## Receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53138,17 +54024,17 @@ interface(`corenet_dontaudit_send_munin_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_munin_server_packets',`
+interface(`corenet_receive_mssql_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type mssql_server_packet_t;
')
- allow $1 munin_server_packet_t:packet recv;
+ allow $1 mssql_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive munin_server packets.
+## Do not audit attempts to receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53157,17 +54043,17 @@ interface(`corenet_receive_munin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_munin_server_packets',`
+interface(`corenet_dontaudit_receive_mssql_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type mssql_server_packet_t;
')
- dontaudit $1 munin_server_packet_t:packet recv;
+ dontaudit $1 mssql_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive munin_server packets.
+## Send and receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53176,14 +54062,14 @@ interface(`corenet_dontaudit_receive_munin_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_munin_server_packets',`
- corenet_send_munin_server_packets($1)
- corenet_receive_munin_server_packets($1)
+interface(`corenet_sendrecv_mssql_server_packets',`
+ corenet_send_mssql_server_packets($1)
+ corenet_receive_mssql_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive munin_server packets.
+## Do not audit attempts to send and receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53192,14 +54078,14 @@ interface(`corenet_sendrecv_munin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_munin_server_packets',`
- corenet_dontaudit_send_munin_server_packets($1)
- corenet_dontaudit_receive_munin_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mssql_server_packets',`
+ corenet_dontaudit_send_mssql_server_packets($1)
+ corenet_dontaudit_receive_mssql_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to munin_server the packet type.
+## Relabel packets to mssql_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53207,12 +54093,12 @@ interface(`corenet_dontaudit_sendrecv_munin_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_munin_server_packets',`
+interface(`corenet_relabelto_mssql_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type mssql_server_packet_t;
')
- allow $1 munin_server_packet_t:packet relabelto;
+ allow $1 mssql_server_packet_t:packet relabelto;
')
@@ -53220,7 +54106,7 @@ interface(`corenet_relabelto_munin_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mxi port.
+## Send and receive TCP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53229,17 +54115,17 @@ interface(`corenet_relabelto_munin_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mxi_port',`
+interface(`corenet_tcp_sendrecv_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- allow $1 mxi_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ms_streaming_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mxi port.
+## Send UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53248,17 +54134,17 @@ interface(`corenet_tcp_sendrecv_mxi_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mxi_port',`
+interface(`corenet_udp_send_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- allow $1 mxi_port_t:udp_socket send_msg;
+ allow $1 ms_streaming_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mxi port.
+## Do not audit attempts to send UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53267,17 +54153,17 @@ interface(`corenet_udp_send_mxi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mxi_port',`
+interface(`corenet_dontaudit_udp_send_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- dontaudit $1 mxi_port_t:udp_socket send_msg;
+ dontaudit $1 ms_streaming_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mxi port.
+## Receive UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53286,17 +54172,17 @@ interface(`corenet_dontaudit_udp_send_mxi_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mxi_port',`
+interface(`corenet_udp_receive_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- allow $1 mxi_port_t:udp_socket recv_msg;
+ allow $1 ms_streaming_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mxi port.
+## Do not audit attempts to receive UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53305,17 +54191,17 @@ interface(`corenet_udp_receive_mxi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mxi_port',`
+interface(`corenet_dontaudit_udp_receive_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- dontaudit $1 mxi_port_t:udp_socket recv_msg;
+ dontaudit $1 ms_streaming_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mxi port.
+## Send and receive UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53324,15 +54210,15 @@ interface(`corenet_dontaudit_udp_receive_mxi_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mxi_port',`
- corenet_udp_send_mxi_port($1)
- corenet_udp_receive_mxi_port($1)
+interface(`corenet_udp_sendrecv_ms_streaming_port',`
+ corenet_udp_send_ms_streaming_port($1)
+ corenet_udp_receive_ms_streaming_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mxi port.
+## UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53341,14 +54227,14 @@ interface(`corenet_udp_sendrecv_mxi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mxi_port',`
- corenet_dontaudit_udp_send_mxi_port($1)
- corenet_dontaudit_udp_receive_mxi_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ms_streaming_port',`
+ corenet_dontaudit_udp_send_ms_streaming_port($1)
+ corenet_dontaudit_udp_receive_ms_streaming_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mxi port.
+## Bind TCP sockets to the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53357,18 +54243,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mxi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mxi_port',`
+interface(`corenet_tcp_bind_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- allow $1 mxi_port_t:tcp_socket name_bind;
+ allow $1 ms_streaming_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the mxi port.
+## Bind UDP sockets to the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53377,18 +54263,18 @@ interface(`corenet_tcp_bind_mxi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mxi_port',`
+interface(`corenet_udp_bind_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- allow $1 mxi_port_t:udp_socket name_bind;
+ allow $1 ms_streaming_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the mxi port.
+## Make a TCP connection to the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -53396,18 +54282,18 @@ interface(`corenet_udp_bind_mxi_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mxi_port',`
+interface(`corenet_tcp_connect_ms_streaming_port',`
gen_require(`
- type mxi_port_t;
+ type ms_streaming_port_t;
')
- allow $1 mxi_port_t:tcp_socket name_connect;
+ allow $1 ms_streaming_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mxi_client packets.
+## Send ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53416,17 +54302,17 @@ interface(`corenet_tcp_connect_mxi_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mxi_client_packets',`
+interface(`corenet_send_ms_streaming_client_packets',`
gen_require(`
- type mxi_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- allow $1 mxi_client_packet_t:packet send;
+ allow $1 ms_streaming_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mxi_client packets.
+## Do not audit attempts to send ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53435,17 +54321,17 @@ interface(`corenet_send_mxi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mxi_client_packets',`
+interface(`corenet_dontaudit_send_ms_streaming_client_packets',`
gen_require(`
- type mxi_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- dontaudit $1 mxi_client_packet_t:packet send;
+ dontaudit $1 ms_streaming_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mxi_client packets.
+## Receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53454,17 +54340,17 @@ interface(`corenet_dontaudit_send_mxi_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mxi_client_packets',`
+interface(`corenet_receive_ms_streaming_client_packets',`
gen_require(`
- type mxi_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- allow $1 mxi_client_packet_t:packet recv;
+ allow $1 ms_streaming_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mxi_client packets.
+## Do not audit attempts to receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53473,17 +54359,17 @@ interface(`corenet_receive_mxi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mxi_client_packets',`
+interface(`corenet_dontaudit_receive_ms_streaming_client_packets',`
gen_require(`
- type mxi_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- dontaudit $1 mxi_client_packet_t:packet recv;
+ dontaudit $1 ms_streaming_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mxi_client packets.
+## Send and receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53492,14 +54378,14 @@ interface(`corenet_dontaudit_receive_mxi_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mxi_client_packets',`
- corenet_send_mxi_client_packets($1)
- corenet_receive_mxi_client_packets($1)
+interface(`corenet_sendrecv_ms_streaming_client_packets',`
+ corenet_send_ms_streaming_client_packets($1)
+ corenet_receive_ms_streaming_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mxi_client packets.
+## Do not audit attempts to send and receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53508,14 +54394,14 @@ interface(`corenet_sendrecv_mxi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mxi_client_packets',`
- corenet_dontaudit_send_mxi_client_packets($1)
- corenet_dontaudit_receive_mxi_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ms_streaming_client_packets',`
+ corenet_dontaudit_send_ms_streaming_client_packets($1)
+ corenet_dontaudit_receive_ms_streaming_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mxi_client the packet type.
+## Relabel packets to ms_streaming_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53523,18 +54409,18 @@ interface(`corenet_dontaudit_sendrecv_mxi_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mxi_client_packets',`
+interface(`corenet_relabelto_ms_streaming_client_packets',`
gen_require(`
- type mxi_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- allow $1 mxi_client_packet_t:packet relabelto;
+ allow $1 ms_streaming_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mxi_server packets.
+## Send ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53543,17 +54429,17 @@ interface(`corenet_relabelto_mxi_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mxi_server_packets',`
+interface(`corenet_send_ms_streaming_server_packets',`
gen_require(`
- type mxi_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- allow $1 mxi_server_packet_t:packet send;
+ allow $1 ms_streaming_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mxi_server packets.
+## Do not audit attempts to send ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53562,17 +54448,17 @@ interface(`corenet_send_mxi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mxi_server_packets',`
+interface(`corenet_dontaudit_send_ms_streaming_server_packets',`
gen_require(`
- type mxi_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- dontaudit $1 mxi_server_packet_t:packet send;
+ dontaudit $1 ms_streaming_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mxi_server packets.
+## Receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53581,17 +54467,17 @@ interface(`corenet_dontaudit_send_mxi_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mxi_server_packets',`
+interface(`corenet_receive_ms_streaming_server_packets',`
gen_require(`
- type mxi_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- allow $1 mxi_server_packet_t:packet recv;
+ allow $1 ms_streaming_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mxi_server packets.
+## Do not audit attempts to receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53600,17 +54486,17 @@ interface(`corenet_receive_mxi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mxi_server_packets',`
+interface(`corenet_dontaudit_receive_ms_streaming_server_packets',`
gen_require(`
- type mxi_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- dontaudit $1 mxi_server_packet_t:packet recv;
+ dontaudit $1 ms_streaming_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mxi_server packets.
+## Send and receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53619,14 +54505,14 @@ interface(`corenet_dontaudit_receive_mxi_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mxi_server_packets',`
- corenet_send_mxi_server_packets($1)
- corenet_receive_mxi_server_packets($1)
+interface(`corenet_sendrecv_ms_streaming_server_packets',`
+ corenet_send_ms_streaming_server_packets($1)
+ corenet_receive_ms_streaming_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mxi_server packets.
+## Do not audit attempts to send and receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53635,14 +54521,14 @@ interface(`corenet_sendrecv_mxi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mxi_server_packets',`
- corenet_dontaudit_send_mxi_server_packets($1)
- corenet_dontaudit_receive_mxi_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ms_streaming_server_packets',`
+ corenet_dontaudit_send_ms_streaming_server_packets($1)
+ corenet_dontaudit_receive_ms_streaming_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mxi_server the packet type.
+## Relabel packets to ms_streaming_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53650,12 +54536,12 @@ interface(`corenet_dontaudit_sendrecv_mxi_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mxi_server_packets',`
+interface(`corenet_relabelto_ms_streaming_server_packets',`
gen_require(`
- type mxi_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- allow $1 mxi_server_packet_t:packet relabelto;
+ allow $1 ms_streaming_server_packet_t:packet relabelto;
')
@@ -53663,7 +54549,7 @@ interface(`corenet_relabelto_mxi_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mysqld port.
+## Send and receive TCP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53672,17 +54558,17 @@ interface(`corenet_relabelto_mxi_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mysqld_port',`
+interface(`corenet_tcp_sendrecv_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- allow $1 mysqld_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 munin_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mysqld port.
+## Send UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53691,17 +54577,17 @@ interface(`corenet_tcp_sendrecv_mysqld_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mysqld_port',`
+interface(`corenet_udp_send_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- allow $1 mysqld_port_t:udp_socket send_msg;
+ allow $1 munin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mysqld port.
+## Do not audit attempts to send UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53710,17 +54596,17 @@ interface(`corenet_udp_send_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mysqld_port',`
+interface(`corenet_dontaudit_udp_send_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- dontaudit $1 mysqld_port_t:udp_socket send_msg;
+ dontaudit $1 munin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mysqld port.
+## Receive UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53729,17 +54615,17 @@ interface(`corenet_dontaudit_udp_send_mysqld_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mysqld_port',`
+interface(`corenet_udp_receive_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- allow $1 mysqld_port_t:udp_socket recv_msg;
+ allow $1 munin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mysqld port.
+## Do not audit attempts to receive UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53748,17 +54634,17 @@ interface(`corenet_udp_receive_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mysqld_port',`
+interface(`corenet_dontaudit_udp_receive_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- dontaudit $1 mysqld_port_t:udp_socket recv_msg;
+ dontaudit $1 munin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mysqld port.
+## Send and receive UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53767,15 +54653,15 @@ interface(`corenet_dontaudit_udp_receive_mysqld_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mysqld_port',`
- corenet_udp_send_mysqld_port($1)
- corenet_udp_receive_mysqld_port($1)
+interface(`corenet_udp_sendrecv_munin_port',`
+ corenet_udp_send_munin_port($1)
+ corenet_udp_receive_munin_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mysqld port.
+## UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53784,14 +54670,14 @@ interface(`corenet_udp_sendrecv_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mysqld_port',`
- corenet_dontaudit_udp_send_mysqld_port($1)
- corenet_dontaudit_udp_receive_mysqld_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_munin_port',`
+ corenet_dontaudit_udp_send_munin_port($1)
+ corenet_dontaudit_udp_receive_munin_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mysqld port.
+## Bind TCP sockets to the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53800,18 +54686,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mysqld_port',`
+interface(`corenet_tcp_bind_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- allow $1 mysqld_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 munin_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the mysqld port.
+## Bind UDP sockets to the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53820,18 +54706,18 @@ interface(`corenet_tcp_bind_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mysqld_port',`
+interface(`corenet_udp_bind_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- allow $1 mysqld_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 munin_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the mysqld port.
+## Make a TCP connection to the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -53839,18 +54725,18 @@ interface(`corenet_udp_bind_mysqld_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mysqld_port',`
+interface(`corenet_tcp_connect_munin_port',`
gen_require(`
- type mysqld_port_t;
+ type munin_port_t;
')
- allow $1 mysqld_port_t:tcp_socket name_connect;
+ allow $1 munin_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mysqld_client packets.
+## Send munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53859,17 +54745,17 @@ interface(`corenet_tcp_connect_mysqld_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqld_client_packets',`
+interface(`corenet_send_munin_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type munin_client_packet_t;
')
- allow $1 mysqld_client_packet_t:packet send;
+ allow $1 munin_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqld_client packets.
+## Do not audit attempts to send munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53878,17 +54764,17 @@ interface(`corenet_send_mysqld_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqld_client_packets',`
+interface(`corenet_dontaudit_send_munin_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type munin_client_packet_t;
')
- dontaudit $1 mysqld_client_packet_t:packet send;
+ dontaudit $1 munin_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqld_client packets.
+## Receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53897,17 +54783,17 @@ interface(`corenet_dontaudit_send_mysqld_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqld_client_packets',`
+interface(`corenet_receive_munin_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type munin_client_packet_t;
')
- allow $1 mysqld_client_packet_t:packet recv;
+ allow $1 munin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqld_client packets.
+## Do not audit attempts to receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53916,17 +54802,17 @@ interface(`corenet_receive_mysqld_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqld_client_packets',`
+interface(`corenet_dontaudit_receive_munin_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type munin_client_packet_t;
')
- dontaudit $1 mysqld_client_packet_t:packet recv;
+ dontaudit $1 munin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqld_client packets.
+## Send and receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53935,14 +54821,14 @@ interface(`corenet_dontaudit_receive_mysqld_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqld_client_packets',`
- corenet_send_mysqld_client_packets($1)
- corenet_receive_mysqld_client_packets($1)
+interface(`corenet_sendrecv_munin_client_packets',`
+ corenet_send_munin_client_packets($1)
+ corenet_receive_munin_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqld_client packets.
+## Do not audit attempts to send and receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53951,14 +54837,14 @@ interface(`corenet_sendrecv_mysqld_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqld_client_packets',`
- corenet_dontaudit_send_mysqld_client_packets($1)
- corenet_dontaudit_receive_mysqld_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_munin_client_packets',`
+ corenet_dontaudit_send_munin_client_packets($1)
+ corenet_dontaudit_receive_munin_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqld_client the packet type.
+## Relabel packets to munin_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53966,18 +54852,18 @@ interface(`corenet_dontaudit_sendrecv_mysqld_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqld_client_packets',`
+interface(`corenet_relabelto_munin_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type munin_client_packet_t;
')
- allow $1 mysqld_client_packet_t:packet relabelto;
+ allow $1 munin_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mysqld_server packets.
+## Send munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53986,17 +54872,17 @@ interface(`corenet_relabelto_mysqld_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqld_server_packets',`
+interface(`corenet_send_munin_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type munin_server_packet_t;
')
- allow $1 mysqld_server_packet_t:packet send;
+ allow $1 munin_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqld_server packets.
+## Do not audit attempts to send munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54005,17 +54891,17 @@ interface(`corenet_send_mysqld_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqld_server_packets',`
+interface(`corenet_dontaudit_send_munin_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type munin_server_packet_t;
')
- dontaudit $1 mysqld_server_packet_t:packet send;
+ dontaudit $1 munin_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqld_server packets.
+## Receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54024,17 +54910,17 @@ interface(`corenet_dontaudit_send_mysqld_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqld_server_packets',`
+interface(`corenet_receive_munin_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type munin_server_packet_t;
')
- allow $1 mysqld_server_packet_t:packet recv;
+ allow $1 munin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqld_server packets.
+## Do not audit attempts to receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54043,17 +54929,17 @@ interface(`corenet_receive_mysqld_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqld_server_packets',`
+interface(`corenet_dontaudit_receive_munin_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type munin_server_packet_t;
')
- dontaudit $1 mysqld_server_packet_t:packet recv;
+ dontaudit $1 munin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqld_server packets.
+## Send and receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54062,14 +54948,14 @@ interface(`corenet_dontaudit_receive_mysqld_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqld_server_packets',`
- corenet_send_mysqld_server_packets($1)
- corenet_receive_mysqld_server_packets($1)
+interface(`corenet_sendrecv_munin_server_packets',`
+ corenet_send_munin_server_packets($1)
+ corenet_receive_munin_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqld_server packets.
+## Do not audit attempts to send and receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54078,14 +54964,14 @@ interface(`corenet_sendrecv_mysqld_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqld_server_packets',`
- corenet_dontaudit_send_mysqld_server_packets($1)
- corenet_dontaudit_receive_mysqld_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_munin_server_packets',`
+ corenet_dontaudit_send_munin_server_packets($1)
+ corenet_dontaudit_receive_munin_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqld_server the packet type.
+## Relabel packets to munin_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54093,12 +54979,12 @@ interface(`corenet_dontaudit_sendrecv_mysqld_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqld_server_packets',`
+interface(`corenet_relabelto_munin_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type munin_server_packet_t;
')
- allow $1 mysqld_server_packet_t:packet relabelto;
+ allow $1 munin_server_packet_t:packet relabelto;
')
@@ -54106,7 +54992,7 @@ interface(`corenet_relabelto_mysqld_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mysqlmanagerd port.
+## Send and receive TCP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54115,17 +55001,17 @@ interface(`corenet_relabelto_mysqld_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mysqlmanagerd_port',`
+interface(`corenet_tcp_sendrecv_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- allow $1 mysqlmanagerd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mxi_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mysqlmanagerd port.
+## Send UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54134,17 +55020,17 @@ interface(`corenet_tcp_sendrecv_mysqlmanagerd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mysqlmanagerd_port',`
+interface(`corenet_udp_send_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- allow $1 mysqlmanagerd_port_t:udp_socket send_msg;
+ allow $1 mxi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mysqlmanagerd port.
+## Do not audit attempts to send UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54153,17 +55039,17 @@ interface(`corenet_udp_send_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mysqlmanagerd_port',`
+interface(`corenet_dontaudit_udp_send_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- dontaudit $1 mysqlmanagerd_port_t:udp_socket send_msg;
+ dontaudit $1 mxi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mysqlmanagerd port.
+## Receive UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54172,17 +55058,17 @@ interface(`corenet_dontaudit_udp_send_mysqlmanagerd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mysqlmanagerd_port',`
+interface(`corenet_udp_receive_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- allow $1 mysqlmanagerd_port_t:udp_socket recv_msg;
+ allow $1 mxi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mysqlmanagerd port.
+## Do not audit attempts to receive UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54191,17 +55077,17 @@ interface(`corenet_udp_receive_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mysqlmanagerd_port',`
+interface(`corenet_dontaudit_udp_receive_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- dontaudit $1 mysqlmanagerd_port_t:udp_socket recv_msg;
+ dontaudit $1 mxi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mysqlmanagerd port.
+## Send and receive UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54210,15 +55096,15 @@ interface(`corenet_dontaudit_udp_receive_mysqlmanagerd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mysqlmanagerd_port',`
- corenet_udp_send_mysqlmanagerd_port($1)
- corenet_udp_receive_mysqlmanagerd_port($1)
+interface(`corenet_udp_sendrecv_mxi_port',`
+ corenet_udp_send_mxi_port($1)
+ corenet_udp_receive_mxi_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mysqlmanagerd port.
+## UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54227,14 +55113,14 @@ interface(`corenet_udp_sendrecv_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mysqlmanagerd_port',`
- corenet_dontaudit_udp_send_mysqlmanagerd_port($1)
- corenet_dontaudit_udp_receive_mysqlmanagerd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mxi_port',`
+ corenet_dontaudit_udp_send_mxi_port($1)
+ corenet_dontaudit_udp_receive_mxi_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mysqlmanagerd port.
+## Bind TCP sockets to the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54243,18 +55129,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mysqlmanagerd_port',`
+interface(`corenet_tcp_bind_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- allow $1 mysqlmanagerd_port_t:tcp_socket name_bind;
+ allow $1 mxi_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the mysqlmanagerd port.
+## Bind UDP sockets to the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54263,18 +55149,18 @@ interface(`corenet_tcp_bind_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mysqlmanagerd_port',`
+interface(`corenet_udp_bind_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- allow $1 mysqlmanagerd_port_t:udp_socket name_bind;
+ allow $1 mxi_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the mysqlmanagerd port.
+## Make a TCP connection to the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -54282,18 +55168,18 @@ interface(`corenet_udp_bind_mysqlmanagerd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mysqlmanagerd_port',`
+interface(`corenet_tcp_connect_mxi_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type mxi_port_t;
')
- allow $1 mysqlmanagerd_port_t:tcp_socket name_connect;
+ allow $1 mxi_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mysqlmanagerd_client packets.
+## Send mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54302,17 +55188,17 @@ interface(`corenet_tcp_connect_mysqlmanagerd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqlmanagerd_client_packets',`
+interface(`corenet_send_mxi_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type mxi_client_packet_t;
')
- allow $1 mysqlmanagerd_client_packet_t:packet send;
+ allow $1 mxi_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqlmanagerd_client packets.
+## Do not audit attempts to send mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54321,17 +55207,17 @@ interface(`corenet_send_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqlmanagerd_client_packets',`
+interface(`corenet_dontaudit_send_mxi_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type mxi_client_packet_t;
')
- dontaudit $1 mysqlmanagerd_client_packet_t:packet send;
+ dontaudit $1 mxi_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqlmanagerd_client packets.
+## Receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54340,17 +55226,17 @@ interface(`corenet_dontaudit_send_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqlmanagerd_client_packets',`
+interface(`corenet_receive_mxi_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type mxi_client_packet_t;
')
- allow $1 mysqlmanagerd_client_packet_t:packet recv;
+ allow $1 mxi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqlmanagerd_client packets.
+## Do not audit attempts to receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54359,17 +55245,17 @@ interface(`corenet_receive_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqlmanagerd_client_packets',`
+interface(`corenet_dontaudit_receive_mxi_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type mxi_client_packet_t;
')
- dontaudit $1 mysqlmanagerd_client_packet_t:packet recv;
+ dontaudit $1 mxi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqlmanagerd_client packets.
+## Send and receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54378,14 +55264,14 @@ interface(`corenet_dontaudit_receive_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqlmanagerd_client_packets',`
- corenet_send_mysqlmanagerd_client_packets($1)
- corenet_receive_mysqlmanagerd_client_packets($1)
+interface(`corenet_sendrecv_mxi_client_packets',`
+ corenet_send_mxi_client_packets($1)
+ corenet_receive_mxi_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqlmanagerd_client packets.
+## Do not audit attempts to send and receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54394,14 +55280,14 @@ interface(`corenet_sendrecv_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_client_packets',`
- corenet_dontaudit_send_mysqlmanagerd_client_packets($1)
- corenet_dontaudit_receive_mysqlmanagerd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mxi_client_packets',`
+ corenet_dontaudit_send_mxi_client_packets($1)
+ corenet_dontaudit_receive_mxi_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqlmanagerd_client the packet type.
+## Relabel packets to mxi_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54409,18 +55295,18 @@ interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqlmanagerd_client_packets',`
+interface(`corenet_relabelto_mxi_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type mxi_client_packet_t;
')
- allow $1 mysqlmanagerd_client_packet_t:packet relabelto;
+ allow $1 mxi_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mysqlmanagerd_server packets.
+## Send mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54429,17 +55315,17 @@ interface(`corenet_relabelto_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqlmanagerd_server_packets',`
+interface(`corenet_send_mxi_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type mxi_server_packet_t;
')
- allow $1 mysqlmanagerd_server_packet_t:packet send;
+ allow $1 mxi_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqlmanagerd_server packets.
+## Do not audit attempts to send mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54448,17 +55334,17 @@ interface(`corenet_send_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqlmanagerd_server_packets',`
+interface(`corenet_dontaudit_send_mxi_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type mxi_server_packet_t;
')
- dontaudit $1 mysqlmanagerd_server_packet_t:packet send;
+ dontaudit $1 mxi_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqlmanagerd_server packets.
+## Receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54467,17 +55353,17 @@ interface(`corenet_dontaudit_send_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqlmanagerd_server_packets',`
+interface(`corenet_receive_mxi_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type mxi_server_packet_t;
')
- allow $1 mysqlmanagerd_server_packet_t:packet recv;
+ allow $1 mxi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqlmanagerd_server packets.
+## Do not audit attempts to receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54486,17 +55372,17 @@ interface(`corenet_receive_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqlmanagerd_server_packets',`
+interface(`corenet_dontaudit_receive_mxi_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type mxi_server_packet_t;
')
- dontaudit $1 mysqlmanagerd_server_packet_t:packet recv;
+ dontaudit $1 mxi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqlmanagerd_server packets.
+## Send and receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54505,14 +55391,14 @@ interface(`corenet_dontaudit_receive_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqlmanagerd_server_packets',`
- corenet_send_mysqlmanagerd_server_packets($1)
- corenet_receive_mysqlmanagerd_server_packets($1)
+interface(`corenet_sendrecv_mxi_server_packets',`
+ corenet_send_mxi_server_packets($1)
+ corenet_receive_mxi_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqlmanagerd_server packets.
+## Do not audit attempts to send and receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54521,14 +55407,14 @@ interface(`corenet_sendrecv_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_server_packets',`
- corenet_dontaudit_send_mysqlmanagerd_server_packets($1)
- corenet_dontaudit_receive_mysqlmanagerd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mxi_server_packets',`
+ corenet_dontaudit_send_mxi_server_packets($1)
+ corenet_dontaudit_receive_mxi_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqlmanagerd_server the packet type.
+## Relabel packets to mxi_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54536,12 +55422,12 @@ interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
+interface(`corenet_relabelto_mxi_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type mxi_server_packet_t;
')
- allow $1 mysqlmanagerd_server_packet_t:packet relabelto;
+ allow $1 mxi_server_packet_t:packet relabelto;
')
@@ -54549,7 +55435,7 @@ interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the nessus port.
+## Send and receive TCP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54558,17 +55444,17 @@ interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_nessus_port',`
+interface(`corenet_tcp_sendrecv_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- allow $1 nessus_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mysqld_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the nessus port.
+## Send UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54577,17 +55463,17 @@ interface(`corenet_tcp_sendrecv_nessus_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_nessus_port',`
+interface(`corenet_udp_send_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- allow $1 nessus_port_t:udp_socket send_msg;
+ allow $1 mysqld_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the nessus port.
+## Do not audit attempts to send UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54596,17 +55482,17 @@ interface(`corenet_udp_send_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_nessus_port',`
+interface(`corenet_dontaudit_udp_send_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- dontaudit $1 nessus_port_t:udp_socket send_msg;
+ dontaudit $1 mysqld_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the nessus port.
+## Receive UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54615,17 +55501,17 @@ interface(`corenet_dontaudit_udp_send_nessus_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_nessus_port',`
+interface(`corenet_udp_receive_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- allow $1 nessus_port_t:udp_socket recv_msg;
+ allow $1 mysqld_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the nessus port.
+## Do not audit attempts to receive UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54634,17 +55520,17 @@ interface(`corenet_udp_receive_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_nessus_port',`
+interface(`corenet_dontaudit_udp_receive_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- dontaudit $1 nessus_port_t:udp_socket recv_msg;
+ dontaudit $1 mysqld_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the nessus port.
+## Send and receive UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54653,15 +55539,15 @@ interface(`corenet_dontaudit_udp_receive_nessus_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_nessus_port',`
- corenet_udp_send_nessus_port($1)
- corenet_udp_receive_nessus_port($1)
+interface(`corenet_udp_sendrecv_mysqld_port',`
+ corenet_udp_send_mysqld_port($1)
+ corenet_udp_receive_mysqld_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the nessus port.
+## UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54670,14 +55556,14 @@ interface(`corenet_udp_sendrecv_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_nessus_port',`
- corenet_dontaudit_udp_send_nessus_port($1)
- corenet_dontaudit_udp_receive_nessus_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mysqld_port',`
+ corenet_dontaudit_udp_send_mysqld_port($1)
+ corenet_dontaudit_udp_receive_mysqld_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the nessus port.
+## Bind TCP sockets to the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54686,18 +55572,18 @@ interface(`corenet_dontaudit_udp_sendrecv_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_nessus_port',`
+interface(`corenet_tcp_bind_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- allow $1 nessus_port_t:tcp_socket name_bind;
-
+ allow $1 mysqld_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the nessus port.
+## Bind UDP sockets to the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54706,18 +55592,18 @@ interface(`corenet_tcp_bind_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_nessus_port',`
+interface(`corenet_udp_bind_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- allow $1 nessus_port_t:udp_socket name_bind;
-
+ allow $1 mysqld_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the nessus port.
+## Make a TCP connection to the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -54725,18 +55611,18 @@ interface(`corenet_udp_bind_nessus_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_nessus_port',`
+interface(`corenet_tcp_connect_mysqld_port',`
gen_require(`
- type nessus_port_t;
+ type mysqld_port_t;
')
- allow $1 nessus_port_t:tcp_socket name_connect;
+ allow $1 mysqld_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send nessus_client packets.
+## Send mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54745,17 +55631,17 @@ interface(`corenet_tcp_connect_nessus_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nessus_client_packets',`
+interface(`corenet_send_mysqld_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type mysqld_client_packet_t;
')
- allow $1 nessus_client_packet_t:packet send;
+ allow $1 mysqld_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nessus_client packets.
+## Do not audit attempts to send mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54764,17 +55650,17 @@ interface(`corenet_send_nessus_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nessus_client_packets',`
+interface(`corenet_dontaudit_send_mysqld_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type mysqld_client_packet_t;
')
- dontaudit $1 nessus_client_packet_t:packet send;
+ dontaudit $1 mysqld_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive nessus_client packets.
+## Receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54783,17 +55669,17 @@ interface(`corenet_dontaudit_send_nessus_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nessus_client_packets',`
+interface(`corenet_receive_mysqld_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type mysqld_client_packet_t;
')
- allow $1 nessus_client_packet_t:packet recv;
+ allow $1 mysqld_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nessus_client packets.
+## Do not audit attempts to receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54802,17 +55688,17 @@ interface(`corenet_receive_nessus_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nessus_client_packets',`
+interface(`corenet_dontaudit_receive_mysqld_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type mysqld_client_packet_t;
')
- dontaudit $1 nessus_client_packet_t:packet recv;
+ dontaudit $1 mysqld_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nessus_client packets.
+## Send and receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54821,14 +55707,14 @@ interface(`corenet_dontaudit_receive_nessus_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nessus_client_packets',`
- corenet_send_nessus_client_packets($1)
- corenet_receive_nessus_client_packets($1)
+interface(`corenet_sendrecv_mysqld_client_packets',`
+ corenet_send_mysqld_client_packets($1)
+ corenet_receive_mysqld_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nessus_client packets.
+## Do not audit attempts to send and receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54837,14 +55723,14 @@ interface(`corenet_sendrecv_nessus_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nessus_client_packets',`
- corenet_dontaudit_send_nessus_client_packets($1)
- corenet_dontaudit_receive_nessus_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqld_client_packets',`
+ corenet_dontaudit_send_mysqld_client_packets($1)
+ corenet_dontaudit_receive_mysqld_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to nessus_client the packet type.
+## Relabel packets to mysqld_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54852,18 +55738,18 @@ interface(`corenet_dontaudit_sendrecv_nessus_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nessus_client_packets',`
+interface(`corenet_relabelto_mysqld_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type mysqld_client_packet_t;
')
- allow $1 nessus_client_packet_t:packet relabelto;
+ allow $1 mysqld_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send nessus_server packets.
+## Send mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54872,17 +55758,17 @@ interface(`corenet_relabelto_nessus_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nessus_server_packets',`
+interface(`corenet_send_mysqld_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type mysqld_server_packet_t;
')
- allow $1 nessus_server_packet_t:packet send;
+ allow $1 mysqld_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nessus_server packets.
+## Do not audit attempts to send mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54891,17 +55777,17 @@ interface(`corenet_send_nessus_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nessus_server_packets',`
+interface(`corenet_dontaudit_send_mysqld_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type mysqld_server_packet_t;
')
- dontaudit $1 nessus_server_packet_t:packet send;
+ dontaudit $1 mysqld_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive nessus_server packets.
+## Receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54910,17 +55796,17 @@ interface(`corenet_dontaudit_send_nessus_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nessus_server_packets',`
+interface(`corenet_receive_mysqld_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type mysqld_server_packet_t;
')
- allow $1 nessus_server_packet_t:packet recv;
+ allow $1 mysqld_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nessus_server packets.
+## Do not audit attempts to receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54929,17 +55815,17 @@ interface(`corenet_receive_nessus_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nessus_server_packets',`
+interface(`corenet_dontaudit_receive_mysqld_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type mysqld_server_packet_t;
')
- dontaudit $1 nessus_server_packet_t:packet recv;
+ dontaudit $1 mysqld_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nessus_server packets.
+## Send and receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54948,14 +55834,14 @@ interface(`corenet_dontaudit_receive_nessus_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nessus_server_packets',`
- corenet_send_nessus_server_packets($1)
- corenet_receive_nessus_server_packets($1)
+interface(`corenet_sendrecv_mysqld_server_packets',`
+ corenet_send_mysqld_server_packets($1)
+ corenet_receive_mysqld_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nessus_server packets.
+## Do not audit attempts to send and receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54964,14 +55850,14 @@ interface(`corenet_sendrecv_nessus_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nessus_server_packets',`
- corenet_dontaudit_send_nessus_server_packets($1)
- corenet_dontaudit_receive_nessus_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqld_server_packets',`
+ corenet_dontaudit_send_mysqld_server_packets($1)
+ corenet_dontaudit_receive_mysqld_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to nessus_server the packet type.
+## Relabel packets to mysqld_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54979,12 +55865,12 @@ interface(`corenet_dontaudit_sendrecv_nessus_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nessus_server_packets',`
+interface(`corenet_relabelto_mysqld_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type mysqld_server_packet_t;
')
- allow $1 nessus_server_packet_t:packet relabelto;
+ allow $1 mysqld_server_packet_t:packet relabelto;
')
@@ -54992,7 +55878,7 @@ interface(`corenet_relabelto_nessus_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the netport port.
+## Send and receive TCP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55001,17 +55887,17 @@ interface(`corenet_relabelto_nessus_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_netport_port',`
+interface(`corenet_tcp_sendrecv_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 netport_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mysqlmanagerd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the netport port.
+## Send UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55020,17 +55906,17 @@ interface(`corenet_tcp_sendrecv_netport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_netport_port',`
+interface(`corenet_udp_send_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 netport_port_t:udp_socket send_msg;
+ allow $1 mysqlmanagerd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the netport port.
+## Do not audit attempts to send UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55039,17 +55925,17 @@ interface(`corenet_udp_send_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_netport_port',`
+interface(`corenet_dontaudit_udp_send_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- dontaudit $1 netport_port_t:udp_socket send_msg;
+ dontaudit $1 mysqlmanagerd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the netport port.
+## Receive UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55058,17 +55944,17 @@ interface(`corenet_dontaudit_udp_send_netport_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_netport_port',`
+interface(`corenet_udp_receive_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 netport_port_t:udp_socket recv_msg;
+ allow $1 mysqlmanagerd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the netport port.
+## Do not audit attempts to receive UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55077,17 +55963,17 @@ interface(`corenet_udp_receive_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_netport_port',`
+interface(`corenet_dontaudit_udp_receive_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- dontaudit $1 netport_port_t:udp_socket recv_msg;
+ dontaudit $1 mysqlmanagerd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the netport port.
+## Send and receive UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55096,15 +55982,15 @@ interface(`corenet_dontaudit_udp_receive_netport_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_netport_port',`
- corenet_udp_send_netport_port($1)
- corenet_udp_receive_netport_port($1)
+interface(`corenet_udp_sendrecv_mysqlmanagerd_port',`
+ corenet_udp_send_mysqlmanagerd_port($1)
+ corenet_udp_receive_mysqlmanagerd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the netport port.
+## UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55113,14 +55999,14 @@ interface(`corenet_udp_sendrecv_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_netport_port',`
- corenet_dontaudit_udp_send_netport_port($1)
- corenet_dontaudit_udp_receive_netport_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mysqlmanagerd_port',`
+ corenet_dontaudit_udp_send_mysqlmanagerd_port($1)
+ corenet_dontaudit_udp_receive_mysqlmanagerd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the netport port.
+## Bind TCP sockets to the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55129,18 +56015,18 @@ interface(`corenet_dontaudit_udp_sendrecv_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_netport_port',`
+interface(`corenet_tcp_bind_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 netport_port_t:tcp_socket name_bind;
+ allow $1 mysqlmanagerd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the netport port.
+## Bind UDP sockets to the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55149,18 +56035,18 @@ interface(`corenet_tcp_bind_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_netport_port',`
+interface(`corenet_udp_bind_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 netport_port_t:udp_socket name_bind;
+ allow $1 mysqlmanagerd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the netport port.
+## Make a TCP connection to the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -55168,18 +56054,18 @@ interface(`corenet_udp_bind_netport_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_netport_port',`
+interface(`corenet_tcp_connect_mysqlmanagerd_port',`
gen_require(`
- type netport_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 netport_port_t:tcp_socket name_connect;
+ allow $1 mysqlmanagerd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send netport_client packets.
+## Send mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55188,17 +56074,17 @@ interface(`corenet_tcp_connect_netport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netport_client_packets',`
+interface(`corenet_send_mysqlmanagerd_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- allow $1 netport_client_packet_t:packet send;
+ allow $1 mysqlmanagerd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netport_client packets.
+## Do not audit attempts to send mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55207,17 +56093,17 @@ interface(`corenet_send_netport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netport_client_packets',`
+interface(`corenet_dontaudit_send_mysqlmanagerd_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- dontaudit $1 netport_client_packet_t:packet send;
+ dontaudit $1 mysqlmanagerd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive netport_client packets.
+## Receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55226,17 +56112,17 @@ interface(`corenet_dontaudit_send_netport_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netport_client_packets',`
+interface(`corenet_receive_mysqlmanagerd_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- allow $1 netport_client_packet_t:packet recv;
+ allow $1 mysqlmanagerd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netport_client packets.
+## Do not audit attempts to receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55245,17 +56131,17 @@ interface(`corenet_receive_netport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netport_client_packets',`
+interface(`corenet_dontaudit_receive_mysqlmanagerd_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- dontaudit $1 netport_client_packet_t:packet recv;
+ dontaudit $1 mysqlmanagerd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netport_client packets.
+## Send and receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55264,14 +56150,14 @@ interface(`corenet_dontaudit_receive_netport_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netport_client_packets',`
- corenet_send_netport_client_packets($1)
- corenet_receive_netport_client_packets($1)
+interface(`corenet_sendrecv_mysqlmanagerd_client_packets',`
+ corenet_send_mysqlmanagerd_client_packets($1)
+ corenet_receive_mysqlmanagerd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netport_client packets.
+## Do not audit attempts to send and receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55280,14 +56166,14 @@ interface(`corenet_sendrecv_netport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netport_client_packets',`
- corenet_dontaudit_send_netport_client_packets($1)
- corenet_dontaudit_receive_netport_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_client_packets',`
+ corenet_dontaudit_send_mysqlmanagerd_client_packets($1)
+ corenet_dontaudit_receive_mysqlmanagerd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to netport_client the packet type.
+## Relabel packets to mysqlmanagerd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55295,18 +56181,18 @@ interface(`corenet_dontaudit_sendrecv_netport_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netport_client_packets',`
+interface(`corenet_relabelto_mysqlmanagerd_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- allow $1 netport_client_packet_t:packet relabelto;
+ allow $1 mysqlmanagerd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send netport_server packets.
+## Send mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55315,17 +56201,17 @@ interface(`corenet_relabelto_netport_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netport_server_packets',`
+interface(`corenet_send_mysqlmanagerd_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- allow $1 netport_server_packet_t:packet send;
+ allow $1 mysqlmanagerd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netport_server packets.
+## Do not audit attempts to send mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55334,17 +56220,17 @@ interface(`corenet_send_netport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netport_server_packets',`
+interface(`corenet_dontaudit_send_mysqlmanagerd_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- dontaudit $1 netport_server_packet_t:packet send;
+ dontaudit $1 mysqlmanagerd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive netport_server packets.
+## Receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55353,17 +56239,17 @@ interface(`corenet_dontaudit_send_netport_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netport_server_packets',`
+interface(`corenet_receive_mysqlmanagerd_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- allow $1 netport_server_packet_t:packet recv;
+ allow $1 mysqlmanagerd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netport_server packets.
+## Do not audit attempts to receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55372,17 +56258,17 @@ interface(`corenet_receive_netport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netport_server_packets',`
+interface(`corenet_dontaudit_receive_mysqlmanagerd_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- dontaudit $1 netport_server_packet_t:packet recv;
+ dontaudit $1 mysqlmanagerd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netport_server packets.
+## Send and receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55391,14 +56277,14 @@ interface(`corenet_dontaudit_receive_netport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netport_server_packets',`
- corenet_send_netport_server_packets($1)
- corenet_receive_netport_server_packets($1)
+interface(`corenet_sendrecv_mysqlmanagerd_server_packets',`
+ corenet_send_mysqlmanagerd_server_packets($1)
+ corenet_receive_mysqlmanagerd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netport_server packets.
+## Do not audit attempts to send and receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55407,14 +56293,14 @@ interface(`corenet_sendrecv_netport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netport_server_packets',`
- corenet_dontaudit_send_netport_server_packets($1)
- corenet_dontaudit_receive_netport_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_server_packets',`
+ corenet_dontaudit_send_mysqlmanagerd_server_packets($1)
+ corenet_dontaudit_receive_mysqlmanagerd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to netport_server the packet type.
+## Relabel packets to mysqlmanagerd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55422,12 +56308,12 @@ interface(`corenet_dontaudit_sendrecv_netport_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netport_server_packets',`
+interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- allow $1 netport_server_packet_t:packet relabelto;
+ allow $1 mysqlmanagerd_server_packet_t:packet relabelto;
')
@@ -55435,7 +56321,7 @@ interface(`corenet_relabelto_netport_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the netsupport port.
+## Send and receive TCP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55444,17 +56330,17 @@ interface(`corenet_relabelto_netport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_netsupport_port',`
+interface(`corenet_tcp_sendrecv_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- allow $1 netsupport_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 nessus_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the netsupport port.
+## Send UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55463,17 +56349,17 @@ interface(`corenet_tcp_sendrecv_netsupport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_netsupport_port',`
+interface(`corenet_udp_send_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- allow $1 netsupport_port_t:udp_socket send_msg;
+ allow $1 nessus_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the netsupport port.
+## Do not audit attempts to send UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55482,17 +56368,17 @@ interface(`corenet_udp_send_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_netsupport_port',`
+interface(`corenet_dontaudit_udp_send_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- dontaudit $1 netsupport_port_t:udp_socket send_msg;
+ dontaudit $1 nessus_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the netsupport port.
+## Receive UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55501,17 +56387,17 @@ interface(`corenet_dontaudit_udp_send_netsupport_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_netsupport_port',`
+interface(`corenet_udp_receive_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- allow $1 netsupport_port_t:udp_socket recv_msg;
+ allow $1 nessus_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the netsupport port.
+## Do not audit attempts to receive UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55520,17 +56406,17 @@ interface(`corenet_udp_receive_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_netsupport_port',`
+interface(`corenet_dontaudit_udp_receive_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- dontaudit $1 netsupport_port_t:udp_socket recv_msg;
+ dontaudit $1 nessus_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the netsupport port.
+## Send and receive UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55539,15 +56425,15 @@ interface(`corenet_dontaudit_udp_receive_netsupport_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_netsupport_port',`
- corenet_udp_send_netsupport_port($1)
- corenet_udp_receive_netsupport_port($1)
+interface(`corenet_udp_sendrecv_nessus_port',`
+ corenet_udp_send_nessus_port($1)
+ corenet_udp_receive_nessus_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the netsupport port.
+## UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55556,14 +56442,14 @@ interface(`corenet_udp_sendrecv_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_netsupport_port',`
- corenet_dontaudit_udp_send_netsupport_port($1)
- corenet_dontaudit_udp_receive_netsupport_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_nessus_port',`
+ corenet_dontaudit_udp_send_nessus_port($1)
+ corenet_dontaudit_udp_receive_nessus_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the netsupport port.
+## Bind TCP sockets to the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55572,18 +56458,18 @@ interface(`corenet_dontaudit_udp_sendrecv_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_netsupport_port',`
+interface(`corenet_tcp_bind_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- allow $1 netsupport_port_t:tcp_socket name_bind;
+ allow $1 nessus_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the netsupport port.
+## Bind UDP sockets to the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55592,18 +56478,18 @@ interface(`corenet_tcp_bind_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_netsupport_port',`
+interface(`corenet_udp_bind_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- allow $1 netsupport_port_t:udp_socket name_bind;
+ allow $1 nessus_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the netsupport port.
+## Make a TCP connection to the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -55611,18 +56497,18 @@ interface(`corenet_udp_bind_netsupport_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_netsupport_port',`
+interface(`corenet_tcp_connect_nessus_port',`
gen_require(`
- type netsupport_port_t;
+ type nessus_port_t;
')
- allow $1 netsupport_port_t:tcp_socket name_connect;
+ allow $1 nessus_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send netsupport_client packets.
+## Send nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55631,17 +56517,17 @@ interface(`corenet_tcp_connect_netsupport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netsupport_client_packets',`
+interface(`corenet_send_nessus_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type nessus_client_packet_t;
')
- allow $1 netsupport_client_packet_t:packet send;
+ allow $1 nessus_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netsupport_client packets.
+## Do not audit attempts to send nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55650,17 +56536,17 @@ interface(`corenet_send_netsupport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netsupport_client_packets',`
+interface(`corenet_dontaudit_send_nessus_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type nessus_client_packet_t;
')
- dontaudit $1 netsupport_client_packet_t:packet send;
+ dontaudit $1 nessus_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive netsupport_client packets.
+## Receive nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55669,17 +56555,17 @@ interface(`corenet_dontaudit_send_netsupport_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netsupport_client_packets',`
+interface(`corenet_receive_nessus_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type nessus_client_packet_t;
')
- allow $1 netsupport_client_packet_t:packet recv;
+ allow $1 nessus_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netsupport_client packets.
+## Do not audit attempts to receive nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55688,17 +56574,17 @@ interface(`corenet_receive_netsupport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netsupport_client_packets',`
+interface(`corenet_dontaudit_receive_nessus_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type nessus_client_packet_t;
')
- dontaudit $1 netsupport_client_packet_t:packet recv;
+ dontaudit $1 nessus_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netsupport_client packets.
+## Send and receive nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55707,14 +56593,14 @@ interface(`corenet_dontaudit_receive_netsupport_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netsupport_client_packets',`
- corenet_send_netsupport_client_packets($1)
- corenet_receive_netsupport_client_packets($1)
+interface(`corenet_sendrecv_nessus_client_packets',`
+ corenet_send_nessus_client_packets($1)
+ corenet_receive_nessus_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netsupport_client packets.
+## Do not audit attempts to send and receive nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55723,14 +56609,14 @@ interface(`corenet_sendrecv_netsupport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netsupport_client_packets',`
- corenet_dontaudit_send_netsupport_client_packets($1)
- corenet_dontaudit_receive_netsupport_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_nessus_client_packets',`
+ corenet_dontaudit_send_nessus_client_packets($1)
+ corenet_dontaudit_receive_nessus_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to netsupport_client the packet type.
+## Relabel packets to nessus_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55738,18 +56624,18 @@ interface(`corenet_dontaudit_sendrecv_netsupport_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netsupport_client_packets',`
+interface(`corenet_relabelto_nessus_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type nessus_client_packet_t;
')
- allow $1 netsupport_client_packet_t:packet relabelto;
+ allow $1 nessus_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send netsupport_server packets.
+## Send nessus_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55758,17 +56644,17 @@ interface(`corenet_relabelto_netsupport_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netsupport_server_packets',`
+interface(`corenet_send_nessus_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type nessus_server_packet_t;
')
- allow $1 netsupport_server_packet_t:packet send;
+ allow $1 nessus_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netsupport_server packets.
+## Do not audit attempts to send nessus_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55777,17 +56663,17 @@ interface(`corenet_send_netsupport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netsupport_server_packets',`
+interface(`corenet_dontaudit_send_nessus_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type nessus_server_packet_t;
')
- dontaudit $1 netsupport_server_packet_t:packet send;
+ dontaudit $1 nessus_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive netsupport_server packets.
+## Receive nessus_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55796,17 +56682,17 @@ interface(`corenet_dontaudit_send_netsupport_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netsupport_server_packets',`
+interface(`corenet_receive_nessus_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type nessus_server_packet_t;
')
- allow $1 netsupport_server_packet_t:packet recv;
+ allow $1 nessus_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netsupport_server packets.
+## Do not audit attempts to receive nessus_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55815,17 +56701,17 @@ interface(`corenet_receive_netsupport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netsupport_server_packets',`
+interface(`corenet_dontaudit_receive_nessus_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type nessus_server_packet_t;
')
- dontaudit $1 netsupport_server_packet_t:packet recv;
+ dontaudit $1 nessus_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netsupport_server packets.
+## Send and receive nessus_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55834,14 +56720,14 @@ interface(`corenet_dontaudit_receive_netsupport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netsupport_server_packets',`
- corenet_send_netsupport_server_packets($1)
- corenet_receive_netsupport_server_packets($1)
+interface(`corenet_sendrecv_nessus_server_packets',`
+ corenet_send_nessus_server_packets($1)
+ corenet_receive_nessus_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netsupport_server packets.
+## Do not audit attempts to send and receive nessus_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55850,14 +56736,14 @@ interface(`corenet_sendrecv_netsupport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netsupport_server_packets',`
- corenet_dontaudit_send_netsupport_server_packets($1)
- corenet_dontaudit_receive_netsupport_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_nessus_server_packets',`
+ corenet_dontaudit_send_nessus_server_packets($1)
+ corenet_dontaudit_receive_nessus_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to netsupport_server the packet type.
+## Relabel packets to nessus_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55865,12 +56751,12 @@ interface(`corenet_dontaudit_sendrecv_netsupport_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netsupport_server_packets',`
+interface(`corenet_relabelto_nessus_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type nessus_server_packet_t;
')
- allow $1 netsupport_server_packet_t:packet relabelto;
+ allow $1 nessus_server_packet_t:packet relabelto;
')
@@ -55878,7 +56764,7 @@ interface(`corenet_relabelto_netsupport_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the nfs port.
+## Send and receive TCP traffic on the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -55887,17 +56773,17 @@ interface(`corenet_relabelto_netsupport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_nfs_port',`
+interface(`corenet_tcp_sendrecv_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- allow $1 nfs_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 netport_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the nfs port.
+## Send UDP traffic on the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -55906,17 +56792,17 @@ interface(`corenet_tcp_sendrecv_nfs_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_nfs_port',`
+interface(`corenet_udp_send_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- allow $1 nfs_port_t:udp_socket send_msg;
+ allow $1 netport_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the nfs port.
+## Do not audit attempts to send UDP traffic on the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -55925,17 +56811,17 @@ interface(`corenet_udp_send_nfs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_nfs_port',`
+interface(`corenet_dontaudit_udp_send_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- dontaudit $1 nfs_port_t:udp_socket send_msg;
+ dontaudit $1 netport_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the nfs port.
+## Receive UDP traffic on the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -55944,17 +56830,17 @@ interface(`corenet_dontaudit_udp_send_nfs_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_nfs_port',`
+interface(`corenet_udp_receive_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- allow $1 nfs_port_t:udp_socket recv_msg;
+ allow $1 netport_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the nfs port.
+## Do not audit attempts to receive UDP traffic on the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -55963,17 +56849,17 @@ interface(`corenet_udp_receive_nfs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_nfs_port',`
+interface(`corenet_dontaudit_udp_receive_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- dontaudit $1 nfs_port_t:udp_socket recv_msg;
+ dontaudit $1 netport_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the nfs port.
+## Send and receive UDP traffic on the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -55982,15 +56868,15 @@ interface(`corenet_dontaudit_udp_receive_nfs_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_nfs_port',`
- corenet_udp_send_nfs_port($1)
- corenet_udp_receive_nfs_port($1)
+interface(`corenet_udp_sendrecv_netport_port',`
+ corenet_udp_send_netport_port($1)
+ corenet_udp_receive_netport_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the nfs port.
+## UDP traffic on the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -55999,14 +56885,14 @@ interface(`corenet_udp_sendrecv_nfs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_nfs_port',`
- corenet_dontaudit_udp_send_nfs_port($1)
- corenet_dontaudit_udp_receive_nfs_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_netport_port',`
+ corenet_dontaudit_udp_send_netport_port($1)
+ corenet_dontaudit_udp_receive_netport_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the nfs port.
+## Bind TCP sockets to the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56015,18 +56901,18 @@ interface(`corenet_dontaudit_udp_sendrecv_nfs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_nfs_port',`
+interface(`corenet_tcp_bind_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- allow $1 nfs_port_t:tcp_socket name_bind;
+ allow $1 netport_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the nfs port.
+## Bind UDP sockets to the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56035,18 +56921,18 @@ interface(`corenet_tcp_bind_nfs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_nfs_port',`
+interface(`corenet_udp_bind_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- allow $1 nfs_port_t:udp_socket name_bind;
+ allow $1 netport_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the nfs port.
+## Make a TCP connection to the netport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56054,18 +56940,18 @@ interface(`corenet_udp_bind_nfs_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_nfs_port',`
+interface(`corenet_tcp_connect_netport_port',`
gen_require(`
- type nfs_port_t;
+ type netport_port_t;
')
- allow $1 nfs_port_t:tcp_socket name_connect;
+ allow $1 netport_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send nfs_client packets.
+## Send netport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56074,17 +56960,17 @@ interface(`corenet_tcp_connect_nfs_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nfs_client_packets',`
+interface(`corenet_send_netport_client_packets',`
gen_require(`
- type nfs_client_packet_t;
+ type netport_client_packet_t;
')
- allow $1 nfs_client_packet_t:packet send;
+ allow $1 netport_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nfs_client packets.
+## Do not audit attempts to send netport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56093,17 +56979,17 @@ interface(`corenet_send_nfs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nfs_client_packets',`
+interface(`corenet_dontaudit_send_netport_client_packets',`
gen_require(`
- type nfs_client_packet_t;
+ type netport_client_packet_t;
')
- dontaudit $1 nfs_client_packet_t:packet send;
+ dontaudit $1 netport_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive nfs_client packets.
+## Receive netport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56112,17 +56998,17 @@ interface(`corenet_dontaudit_send_nfs_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nfs_client_packets',`
+interface(`corenet_receive_netport_client_packets',`
gen_require(`
- type nfs_client_packet_t;
+ type netport_client_packet_t;
')
- allow $1 nfs_client_packet_t:packet recv;
+ allow $1 netport_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nfs_client packets.
+## Do not audit attempts to receive netport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56131,17 +57017,17 @@ interface(`corenet_receive_nfs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nfs_client_packets',`
+interface(`corenet_dontaudit_receive_netport_client_packets',`
gen_require(`
- type nfs_client_packet_t;
+ type netport_client_packet_t;
')
- dontaudit $1 nfs_client_packet_t:packet recv;
+ dontaudit $1 netport_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nfs_client packets.
+## Send and receive netport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56150,14 +57036,14 @@ interface(`corenet_dontaudit_receive_nfs_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nfs_client_packets',`
- corenet_send_nfs_client_packets($1)
- corenet_receive_nfs_client_packets($1)
+interface(`corenet_sendrecv_netport_client_packets',`
+ corenet_send_netport_client_packets($1)
+ corenet_receive_netport_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nfs_client packets.
+## Do not audit attempts to send and receive netport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56166,14 +57052,14 @@ interface(`corenet_sendrecv_nfs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nfs_client_packets',`
- corenet_dontaudit_send_nfs_client_packets($1)
- corenet_dontaudit_receive_nfs_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_netport_client_packets',`
+ corenet_dontaudit_send_netport_client_packets($1)
+ corenet_dontaudit_receive_netport_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to nfs_client the packet type.
+## Relabel packets to netport_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56181,18 +57067,18 @@ interface(`corenet_dontaudit_sendrecv_nfs_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nfs_client_packets',`
+interface(`corenet_relabelto_netport_client_packets',`
gen_require(`
- type nfs_client_packet_t;
+ type netport_client_packet_t;
')
- allow $1 nfs_client_packet_t:packet relabelto;
+ allow $1 netport_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send nfs_server packets.
+## Send netport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56201,17 +57087,17 @@ interface(`corenet_relabelto_nfs_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nfs_server_packets',`
+interface(`corenet_send_netport_server_packets',`
gen_require(`
- type nfs_server_packet_t;
+ type netport_server_packet_t;
')
- allow $1 nfs_server_packet_t:packet send;
+ allow $1 netport_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nfs_server packets.
+## Do not audit attempts to send netport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56220,17 +57106,17 @@ interface(`corenet_send_nfs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nfs_server_packets',`
+interface(`corenet_dontaudit_send_netport_server_packets',`
gen_require(`
- type nfs_server_packet_t;
+ type netport_server_packet_t;
')
- dontaudit $1 nfs_server_packet_t:packet send;
+ dontaudit $1 netport_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive nfs_server packets.
+## Receive netport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56239,17 +57125,17 @@ interface(`corenet_dontaudit_send_nfs_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nfs_server_packets',`
+interface(`corenet_receive_netport_server_packets',`
gen_require(`
- type nfs_server_packet_t;
+ type netport_server_packet_t;
')
- allow $1 nfs_server_packet_t:packet recv;
+ allow $1 netport_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nfs_server packets.
+## Do not audit attempts to receive netport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56258,17 +57144,17 @@ interface(`corenet_receive_nfs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nfs_server_packets',`
+interface(`corenet_dontaudit_receive_netport_server_packets',`
gen_require(`
- type nfs_server_packet_t;
+ type netport_server_packet_t;
')
- dontaudit $1 nfs_server_packet_t:packet recv;
+ dontaudit $1 netport_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nfs_server packets.
+## Send and receive netport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56277,14 +57163,14 @@ interface(`corenet_dontaudit_receive_nfs_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nfs_server_packets',`
- corenet_send_nfs_server_packets($1)
- corenet_receive_nfs_server_packets($1)
+interface(`corenet_sendrecv_netport_server_packets',`
+ corenet_send_netport_server_packets($1)
+ corenet_receive_netport_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nfs_server packets.
+## Do not audit attempts to send and receive netport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56293,14 +57179,14 @@ interface(`corenet_sendrecv_nfs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nfs_server_packets',`
- corenet_dontaudit_send_nfs_server_packets($1)
- corenet_dontaudit_receive_nfs_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_netport_server_packets',`
+ corenet_dontaudit_send_netport_server_packets($1)
+ corenet_dontaudit_receive_netport_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to nfs_server the packet type.
+## Relabel packets to netport_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56308,12 +57194,12 @@ interface(`corenet_dontaudit_sendrecv_nfs_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nfs_server_packets',`
+interface(`corenet_relabelto_netport_server_packets',`
gen_require(`
- type nfs_server_packet_t;
+ type netport_server_packet_t;
')
- allow $1 nfs_server_packet_t:packet relabelto;
+ allow $1 netport_server_packet_t:packet relabelto;
')
@@ -56321,7 +57207,7 @@ interface(`corenet_relabelto_nfs_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the nfsrdma port.
+## Send and receive TCP traffic on the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56330,17 +57216,17 @@ interface(`corenet_relabelto_nfs_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_nfsrdma_port',`
+interface(`corenet_tcp_sendrecv_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- allow $1 nfsrdma_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 netsupport_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the nfsrdma port.
+## Send UDP traffic on the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56349,17 +57235,17 @@ interface(`corenet_tcp_sendrecv_nfsrdma_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_nfsrdma_port',`
+interface(`corenet_udp_send_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- allow $1 nfsrdma_port_t:udp_socket send_msg;
+ allow $1 netsupport_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the nfsrdma port.
+## Do not audit attempts to send UDP traffic on the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56368,17 +57254,17 @@ interface(`corenet_udp_send_nfsrdma_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_nfsrdma_port',`
+interface(`corenet_dontaudit_udp_send_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- dontaudit $1 nfsrdma_port_t:udp_socket send_msg;
+ dontaudit $1 netsupport_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the nfsrdma port.
+## Receive UDP traffic on the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56387,17 +57273,17 @@ interface(`corenet_dontaudit_udp_send_nfsrdma_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_nfsrdma_port',`
+interface(`corenet_udp_receive_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- allow $1 nfsrdma_port_t:udp_socket recv_msg;
+ allow $1 netsupport_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the nfsrdma port.
+## Do not audit attempts to receive UDP traffic on the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56406,17 +57292,17 @@ interface(`corenet_udp_receive_nfsrdma_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_nfsrdma_port',`
+interface(`corenet_dontaudit_udp_receive_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- dontaudit $1 nfsrdma_port_t:udp_socket recv_msg;
+ dontaudit $1 netsupport_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the nfsrdma port.
+## Send and receive UDP traffic on the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56425,15 +57311,15 @@ interface(`corenet_dontaudit_udp_receive_nfsrdma_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_nfsrdma_port',`
- corenet_udp_send_nfsrdma_port($1)
- corenet_udp_receive_nfsrdma_port($1)
+interface(`corenet_udp_sendrecv_netsupport_port',`
+ corenet_udp_send_netsupport_port($1)
+ corenet_udp_receive_netsupport_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the nfsrdma port.
+## UDP traffic on the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56442,14 +57328,14 @@ interface(`corenet_udp_sendrecv_nfsrdma_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_nfsrdma_port',`
- corenet_dontaudit_udp_send_nfsrdma_port($1)
- corenet_dontaudit_udp_receive_nfsrdma_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_netsupport_port',`
+ corenet_dontaudit_udp_send_netsupport_port($1)
+ corenet_dontaudit_udp_receive_netsupport_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the nfsrdma port.
+## Bind TCP sockets to the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56458,18 +57344,18 @@ interface(`corenet_dontaudit_udp_sendrecv_nfsrdma_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_nfsrdma_port',`
+interface(`corenet_tcp_bind_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- allow $1 nfsrdma_port_t:tcp_socket name_bind;
+ allow $1 netsupport_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the nfsrdma port.
+## Bind UDP sockets to the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56478,18 +57364,18 @@ interface(`corenet_tcp_bind_nfsrdma_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_nfsrdma_port',`
+interface(`corenet_udp_bind_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- allow $1 nfsrdma_port_t:udp_socket name_bind;
+ allow $1 netsupport_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the nfsrdma port.
+## Make a TCP connection to the netsupport port.
## </summary>
## <param name="domain">
## <summary>
@@ -56497,18 +57383,18 @@ interface(`corenet_udp_bind_nfsrdma_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_nfsrdma_port',`
+interface(`corenet_tcp_connect_netsupport_port',`
gen_require(`
- type nfsrdma_port_t;
+ type netsupport_port_t;
')
- allow $1 nfsrdma_port_t:tcp_socket name_connect;
+ allow $1 netsupport_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send nfsrdma_client packets.
+## Send netsupport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56517,17 +57403,17 @@ interface(`corenet_tcp_connect_nfsrdma_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nfsrdma_client_packets',`
+interface(`corenet_send_netsupport_client_packets',`
gen_require(`
- type nfsrdma_client_packet_t;
+ type netsupport_client_packet_t;
')
- allow $1 nfsrdma_client_packet_t:packet send;
+ allow $1 netsupport_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nfsrdma_client packets.
+## Do not audit attempts to send netsupport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56536,17 +57422,17 @@ interface(`corenet_send_nfsrdma_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nfsrdma_client_packets',`
+interface(`corenet_dontaudit_send_netsupport_client_packets',`
gen_require(`
- type nfsrdma_client_packet_t;
+ type netsupport_client_packet_t;
')
- dontaudit $1 nfsrdma_client_packet_t:packet send;
+ dontaudit $1 netsupport_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive nfsrdma_client packets.
+## Receive netsupport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56555,17 +57441,17 @@ interface(`corenet_dontaudit_send_nfsrdma_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nfsrdma_client_packets',`
+interface(`corenet_receive_netsupport_client_packets',`
gen_require(`
- type nfsrdma_client_packet_t;
+ type netsupport_client_packet_t;
')
- allow $1 nfsrdma_client_packet_t:packet recv;
+ allow $1 netsupport_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nfsrdma_client packets.
+## Do not audit attempts to receive netsupport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56574,17 +57460,17 @@ interface(`corenet_receive_nfsrdma_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nfsrdma_client_packets',`
+interface(`corenet_dontaudit_receive_netsupport_client_packets',`
gen_require(`
- type nfsrdma_client_packet_t;
+ type netsupport_client_packet_t;
')
- dontaudit $1 nfsrdma_client_packet_t:packet recv;
+ dontaudit $1 netsupport_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nfsrdma_client packets.
+## Send and receive netsupport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56593,14 +57479,14 @@ interface(`corenet_dontaudit_receive_nfsrdma_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nfsrdma_client_packets',`
- corenet_send_nfsrdma_client_packets($1)
- corenet_receive_nfsrdma_client_packets($1)
+interface(`corenet_sendrecv_netsupport_client_packets',`
+ corenet_send_netsupport_client_packets($1)
+ corenet_receive_netsupport_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nfsrdma_client packets.
+## Do not audit attempts to send and receive netsupport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56609,14 +57495,14 @@ interface(`corenet_sendrecv_nfsrdma_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nfsrdma_client_packets',`
- corenet_dontaudit_send_nfsrdma_client_packets($1)
- corenet_dontaudit_receive_nfsrdma_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_netsupport_client_packets',`
+ corenet_dontaudit_send_netsupport_client_packets($1)
+ corenet_dontaudit_receive_netsupport_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to nfsrdma_client the packet type.
+## Relabel packets to netsupport_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56624,18 +57510,18 @@ interface(`corenet_dontaudit_sendrecv_nfsrdma_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nfsrdma_client_packets',`
+interface(`corenet_relabelto_netsupport_client_packets',`
gen_require(`
- type nfsrdma_client_packet_t;
+ type netsupport_client_packet_t;
')
- allow $1 nfsrdma_client_packet_t:packet relabelto;
+ allow $1 netsupport_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send nfsrdma_server packets.
+## Send netsupport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56644,17 +57530,17 @@ interface(`corenet_relabelto_nfsrdma_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nfsrdma_server_packets',`
+interface(`corenet_send_netsupport_server_packets',`
gen_require(`
- type nfsrdma_server_packet_t;
+ type netsupport_server_packet_t;
')
- allow $1 nfsrdma_server_packet_t:packet send;
+ allow $1 netsupport_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nfsrdma_server packets.
+## Do not audit attempts to send netsupport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56663,17 +57549,17 @@ interface(`corenet_send_nfsrdma_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nfsrdma_server_packets',`
+interface(`corenet_dontaudit_send_netsupport_server_packets',`
gen_require(`
- type nfsrdma_server_packet_t;
+ type netsupport_server_packet_t;
')
- dontaudit $1 nfsrdma_server_packet_t:packet send;
+ dontaudit $1 netsupport_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive nfsrdma_server packets.
+## Receive netsupport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56682,17 +57568,17 @@ interface(`corenet_dontaudit_send_nfsrdma_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nfsrdma_server_packets',`
+interface(`corenet_receive_netsupport_server_packets',`
gen_require(`
- type nfsrdma_server_packet_t;
+ type netsupport_server_packet_t;
')
- allow $1 nfsrdma_server_packet_t:packet recv;
+ allow $1 netsupport_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nfsrdma_server packets.
+## Do not audit attempts to receive netsupport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56701,17 +57587,17 @@ interface(`corenet_receive_nfsrdma_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nfsrdma_server_packets',`
+interface(`corenet_dontaudit_receive_netsupport_server_packets',`
gen_require(`
- type nfsrdma_server_packet_t;
+ type netsupport_server_packet_t;
')
- dontaudit $1 nfsrdma_server_packet_t:packet recv;
+ dontaudit $1 netsupport_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nfsrdma_server packets.
+## Send and receive netsupport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56720,14 +57606,14 @@ interface(`corenet_dontaudit_receive_nfsrdma_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nfsrdma_server_packets',`
- corenet_send_nfsrdma_server_packets($1)
- corenet_receive_nfsrdma_server_packets($1)
+interface(`corenet_sendrecv_netsupport_server_packets',`
+ corenet_send_netsupport_server_packets($1)
+ corenet_receive_netsupport_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nfsrdma_server packets.
+## Do not audit attempts to send and receive netsupport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56736,14 +57622,14 @@ interface(`corenet_sendrecv_nfsrdma_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nfsrdma_server_packets',`
- corenet_dontaudit_send_nfsrdma_server_packets($1)
- corenet_dontaudit_receive_nfsrdma_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_netsupport_server_packets',`
+ corenet_dontaudit_send_netsupport_server_packets($1)
+ corenet_dontaudit_receive_netsupport_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to nfsrdma_server the packet type.
+## Relabel packets to netsupport_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56751,12 +57637,12 @@ interface(`corenet_dontaudit_sendrecv_nfsrdma_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nfsrdma_server_packets',`
+interface(`corenet_relabelto_netsupport_server_packets',`
gen_require(`
- type nfsrdma_server_packet_t;
+ type netsupport_server_packet_t;
')
- allow $1 nfsrdma_server_packet_t:packet relabelto;
+ allow $1 netsupport_server_packet_t:packet relabelto;
')
@@ -56764,7 +57650,7 @@ interface(`corenet_relabelto_nfsrdma_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the nmbd port.
+## Send and receive TCP traffic on the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56773,17 +57659,17 @@ interface(`corenet_relabelto_nfsrdma_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_nmbd_port',`
+interface(`corenet_tcp_sendrecv_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- allow $1 nmbd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 nfs_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the nmbd port.
+## Send UDP traffic on the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56792,17 +57678,17 @@ interface(`corenet_tcp_sendrecv_nmbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_nmbd_port',`
+interface(`corenet_udp_send_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- allow $1 nmbd_port_t:udp_socket send_msg;
+ allow $1 nfs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the nmbd port.
+## Do not audit attempts to send UDP traffic on the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56811,17 +57697,17 @@ interface(`corenet_udp_send_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_nmbd_port',`
+interface(`corenet_dontaudit_udp_send_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- dontaudit $1 nmbd_port_t:udp_socket send_msg;
+ dontaudit $1 nfs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the nmbd port.
+## Receive UDP traffic on the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56830,17 +57716,17 @@ interface(`corenet_dontaudit_udp_send_nmbd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_nmbd_port',`
+interface(`corenet_udp_receive_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- allow $1 nmbd_port_t:udp_socket recv_msg;
+ allow $1 nfs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the nmbd port.
+## Do not audit attempts to receive UDP traffic on the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56849,17 +57735,17 @@ interface(`corenet_udp_receive_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_nmbd_port',`
+interface(`corenet_dontaudit_udp_receive_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- dontaudit $1 nmbd_port_t:udp_socket recv_msg;
+ dontaudit $1 nfs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the nmbd port.
+## Send and receive UDP traffic on the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56868,15 +57754,15 @@ interface(`corenet_dontaudit_udp_receive_nmbd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_nmbd_port',`
- corenet_udp_send_nmbd_port($1)
- corenet_udp_receive_nmbd_port($1)
+interface(`corenet_udp_sendrecv_nfs_port',`
+ corenet_udp_send_nfs_port($1)
+ corenet_udp_receive_nfs_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the nmbd port.
+## UDP traffic on the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56885,14 +57771,14 @@ interface(`corenet_udp_sendrecv_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_nmbd_port',`
- corenet_dontaudit_udp_send_nmbd_port($1)
- corenet_dontaudit_udp_receive_nmbd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_nfs_port',`
+ corenet_dontaudit_udp_send_nfs_port($1)
+ corenet_dontaudit_udp_receive_nfs_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the nmbd port.
+## Bind TCP sockets to the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56901,18 +57787,18 @@ interface(`corenet_dontaudit_udp_sendrecv_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_nmbd_port',`
+interface(`corenet_tcp_bind_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- allow $1 nmbd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 nfs_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the nmbd port.
+## Bind UDP sockets to the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56921,18 +57807,18 @@ interface(`corenet_tcp_bind_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_nmbd_port',`
+interface(`corenet_udp_bind_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- allow $1 nmbd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 nfs_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the nmbd port.
+## Make a TCP connection to the nfs port.
## </summary>
## <param name="domain">
## <summary>
@@ -56940,18 +57826,18 @@ interface(`corenet_udp_bind_nmbd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_nmbd_port',`
+interface(`corenet_tcp_connect_nfs_port',`
gen_require(`
- type nmbd_port_t;
+ type nfs_port_t;
')
- allow $1 nmbd_port_t:tcp_socket name_connect;
+ allow $1 nfs_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send nmbd_client packets.
+## Send nfs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56960,17 +57846,17 @@ interface(`corenet_tcp_connect_nmbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nmbd_client_packets',`
+interface(`corenet_send_nfs_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type nfs_client_packet_t;
')
- allow $1 nmbd_client_packet_t:packet send;
+ allow $1 nfs_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nmbd_client packets.
+## Do not audit attempts to send nfs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56979,17 +57865,17 @@ interface(`corenet_send_nmbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nmbd_client_packets',`
+interface(`corenet_dontaudit_send_nfs_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type nfs_client_packet_t;
')
- dontaudit $1 nmbd_client_packet_t:packet send;
+ dontaudit $1 nfs_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive nmbd_client packets.
+## Receive nfs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56998,17 +57884,17 @@ interface(`corenet_dontaudit_send_nmbd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nmbd_client_packets',`
+interface(`corenet_receive_nfs_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type nfs_client_packet_t;
')
- allow $1 nmbd_client_packet_t:packet recv;
+ allow $1 nfs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nmbd_client packets.
+## Do not audit attempts to receive nfs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57017,17 +57903,17 @@ interface(`corenet_receive_nmbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nmbd_client_packets',`
+interface(`corenet_dontaudit_receive_nfs_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type nfs_client_packet_t;
')
- dontaudit $1 nmbd_client_packet_t:packet recv;
+ dontaudit $1 nfs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nmbd_client packets.
+## Send and receive nfs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57036,14 +57922,14 @@ interface(`corenet_dontaudit_receive_nmbd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nmbd_client_packets',`
- corenet_send_nmbd_client_packets($1)
- corenet_receive_nmbd_client_packets($1)
+interface(`corenet_sendrecv_nfs_client_packets',`
+ corenet_send_nfs_client_packets($1)
+ corenet_receive_nfs_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nmbd_client packets.
+## Do not audit attempts to send and receive nfs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57052,14 +57938,14 @@ interface(`corenet_sendrecv_nmbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nmbd_client_packets',`
- corenet_dontaudit_send_nmbd_client_packets($1)
- corenet_dontaudit_receive_nmbd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_nfs_client_packets',`
+ corenet_dontaudit_send_nfs_client_packets($1)
+ corenet_dontaudit_receive_nfs_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to nmbd_client the packet type.
+## Relabel packets to nfs_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57067,18 +57953,18 @@ interface(`corenet_dontaudit_sendrecv_nmbd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nmbd_client_packets',`
+interface(`corenet_relabelto_nfs_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type nfs_client_packet_t;
')
- allow $1 nmbd_client_packet_t:packet relabelto;
+ allow $1 nfs_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send nmbd_server packets.
+## Send nfs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57087,17 +57973,17 @@ interface(`corenet_relabelto_nmbd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nmbd_server_packets',`
+interface(`corenet_send_nfs_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type nfs_server_packet_t;
')
- allow $1 nmbd_server_packet_t:packet send;
+ allow $1 nfs_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nmbd_server packets.
+## Do not audit attempts to send nfs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57106,17 +57992,17 @@ interface(`corenet_send_nmbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nmbd_server_packets',`
+interface(`corenet_dontaudit_send_nfs_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type nfs_server_packet_t;
')
- dontaudit $1 nmbd_server_packet_t:packet send;
+ dontaudit $1 nfs_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive nmbd_server packets.
+## Receive nfs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57125,17 +58011,17 @@ interface(`corenet_dontaudit_send_nmbd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nmbd_server_packets',`
+interface(`corenet_receive_nfs_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type nfs_server_packet_t;
')
- allow $1 nmbd_server_packet_t:packet recv;
+ allow $1 nfs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nmbd_server packets.
+## Do not audit attempts to receive nfs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57144,17 +58030,17 @@ interface(`corenet_receive_nmbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nmbd_server_packets',`
+interface(`corenet_dontaudit_receive_nfs_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type nfs_server_packet_t;
')
- dontaudit $1 nmbd_server_packet_t:packet recv;
+ dontaudit $1 nfs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nmbd_server packets.
+## Send and receive nfs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57163,14 +58049,14 @@ interface(`corenet_dontaudit_receive_nmbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nmbd_server_packets',`
- corenet_send_nmbd_server_packets($1)
- corenet_receive_nmbd_server_packets($1)
+interface(`corenet_sendrecv_nfs_server_packets',`
+ corenet_send_nfs_server_packets($1)
+ corenet_receive_nfs_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nmbd_server packets.
+## Do not audit attempts to send and receive nfs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57179,14 +58065,14 @@ interface(`corenet_sendrecv_nmbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nmbd_server_packets',`
- corenet_dontaudit_send_nmbd_server_packets($1)
- corenet_dontaudit_receive_nmbd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_nfs_server_packets',`
+ corenet_dontaudit_send_nfs_server_packets($1)
+ corenet_dontaudit_receive_nfs_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to nmbd_server the packet type.
+## Relabel packets to nfs_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57194,12 +58080,12 @@ interface(`corenet_dontaudit_sendrecv_nmbd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nmbd_server_packets',`
+interface(`corenet_relabelto_nfs_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type nfs_server_packet_t;
')
- allow $1 nmbd_server_packet_t:packet relabelto;
+ allow $1 nfs_server_packet_t:packet relabelto;
')
@@ -57207,7 +58093,7 @@ interface(`corenet_relabelto_nmbd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ntop port.
+## Send and receive TCP traffic on the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57216,17 +58102,17 @@ interface(`corenet_relabelto_nmbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ntop_port',`
+interface(`corenet_tcp_sendrecv_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- allow $1 ntop_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 nfsrdma_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ntop port.
+## Send UDP traffic on the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57235,17 +58121,17 @@ interface(`corenet_tcp_sendrecv_ntop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ntop_port',`
+interface(`corenet_udp_send_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- allow $1 ntop_port_t:udp_socket send_msg;
+ allow $1 nfsrdma_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ntop port.
+## Do not audit attempts to send UDP traffic on the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57254,17 +58140,17 @@ interface(`corenet_udp_send_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ntop_port',`
+interface(`corenet_dontaudit_udp_send_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- dontaudit $1 ntop_port_t:udp_socket send_msg;
+ dontaudit $1 nfsrdma_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ntop port.
+## Receive UDP traffic on the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57273,17 +58159,17 @@ interface(`corenet_dontaudit_udp_send_ntop_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ntop_port',`
+interface(`corenet_udp_receive_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- allow $1 ntop_port_t:udp_socket recv_msg;
+ allow $1 nfsrdma_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ntop port.
+## Do not audit attempts to receive UDP traffic on the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57292,17 +58178,17 @@ interface(`corenet_udp_receive_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ntop_port',`
+interface(`corenet_dontaudit_udp_receive_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- dontaudit $1 ntop_port_t:udp_socket recv_msg;
+ dontaudit $1 nfsrdma_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ntop port.
+## Send and receive UDP traffic on the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57311,15 +58197,15 @@ interface(`corenet_dontaudit_udp_receive_ntop_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ntop_port',`
- corenet_udp_send_ntop_port($1)
- corenet_udp_receive_ntop_port($1)
+interface(`corenet_udp_sendrecv_nfsrdma_port',`
+ corenet_udp_send_nfsrdma_port($1)
+ corenet_udp_receive_nfsrdma_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ntop port.
+## UDP traffic on the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57328,14 +58214,14 @@ interface(`corenet_udp_sendrecv_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ntop_port',`
- corenet_dontaudit_udp_send_ntop_port($1)
- corenet_dontaudit_udp_receive_ntop_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_nfsrdma_port',`
+ corenet_dontaudit_udp_send_nfsrdma_port($1)
+ corenet_dontaudit_udp_receive_nfsrdma_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ntop port.
+## Bind TCP sockets to the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57344,18 +58230,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ntop_port',`
+interface(`corenet_tcp_bind_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- allow $1 ntop_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 nfsrdma_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the ntop port.
+## Bind UDP sockets to the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57364,18 +58250,18 @@ interface(`corenet_tcp_bind_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ntop_port',`
+interface(`corenet_udp_bind_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- allow $1 ntop_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 nfsrdma_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the ntop port.
+## Make a TCP connection to the nfsrdma port.
## </summary>
## <param name="domain">
## <summary>
@@ -57383,18 +58269,18 @@ interface(`corenet_udp_bind_ntop_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ntop_port',`
+interface(`corenet_tcp_connect_nfsrdma_port',`
gen_require(`
- type ntop_port_t;
+ type nfsrdma_port_t;
')
- allow $1 ntop_port_t:tcp_socket name_connect;
+ allow $1 nfsrdma_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ntop_client packets.
+## Send nfsrdma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57403,17 +58289,17 @@ interface(`corenet_tcp_connect_ntop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntop_client_packets',`
+interface(`corenet_send_nfsrdma_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type nfsrdma_client_packet_t;
')
- allow $1 ntop_client_packet_t:packet send;
+ allow $1 nfsrdma_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntop_client packets.
+## Do not audit attempts to send nfsrdma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57422,17 +58308,17 @@ interface(`corenet_send_ntop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntop_client_packets',`
+interface(`corenet_dontaudit_send_nfsrdma_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type nfsrdma_client_packet_t;
')
- dontaudit $1 ntop_client_packet_t:packet send;
+ dontaudit $1 nfsrdma_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntop_client packets.
+## Receive nfsrdma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57441,17 +58327,17 @@ interface(`corenet_dontaudit_send_ntop_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntop_client_packets',`
+interface(`corenet_receive_nfsrdma_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type nfsrdma_client_packet_t;
')
- allow $1 ntop_client_packet_t:packet recv;
+ allow $1 nfsrdma_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntop_client packets.
+## Do not audit attempts to receive nfsrdma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57460,17 +58346,17 @@ interface(`corenet_receive_ntop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntop_client_packets',`
+interface(`corenet_dontaudit_receive_nfsrdma_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type nfsrdma_client_packet_t;
')
- dontaudit $1 ntop_client_packet_t:packet recv;
+ dontaudit $1 nfsrdma_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntop_client packets.
+## Send and receive nfsrdma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57479,14 +58365,14 @@ interface(`corenet_dontaudit_receive_ntop_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntop_client_packets',`
- corenet_send_ntop_client_packets($1)
- corenet_receive_ntop_client_packets($1)
+interface(`corenet_sendrecv_nfsrdma_client_packets',`
+ corenet_send_nfsrdma_client_packets($1)
+ corenet_receive_nfsrdma_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntop_client packets.
+## Do not audit attempts to send and receive nfsrdma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57495,14 +58381,14 @@ interface(`corenet_sendrecv_ntop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntop_client_packets',`
- corenet_dontaudit_send_ntop_client_packets($1)
- corenet_dontaudit_receive_ntop_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_nfsrdma_client_packets',`
+ corenet_dontaudit_send_nfsrdma_client_packets($1)
+ corenet_dontaudit_receive_nfsrdma_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntop_client the packet type.
+## Relabel packets to nfsrdma_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57510,18 +58396,18 @@ interface(`corenet_dontaudit_sendrecv_ntop_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntop_client_packets',`
+interface(`corenet_relabelto_nfsrdma_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type nfsrdma_client_packet_t;
')
- allow $1 ntop_client_packet_t:packet relabelto;
+ allow $1 nfsrdma_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ntop_server packets.
+## Send nfsrdma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57530,17 +58416,17 @@ interface(`corenet_relabelto_ntop_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntop_server_packets',`
+interface(`corenet_send_nfsrdma_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type nfsrdma_server_packet_t;
')
- allow $1 ntop_server_packet_t:packet send;
+ allow $1 nfsrdma_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntop_server packets.
+## Do not audit attempts to send nfsrdma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57549,17 +58435,17 @@ interface(`corenet_send_ntop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntop_server_packets',`
+interface(`corenet_dontaudit_send_nfsrdma_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type nfsrdma_server_packet_t;
')
- dontaudit $1 ntop_server_packet_t:packet send;
+ dontaudit $1 nfsrdma_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntop_server packets.
+## Receive nfsrdma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57568,17 +58454,17 @@ interface(`corenet_dontaudit_send_ntop_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntop_server_packets',`
+interface(`corenet_receive_nfsrdma_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type nfsrdma_server_packet_t;
')
- allow $1 ntop_server_packet_t:packet recv;
+ allow $1 nfsrdma_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntop_server packets.
+## Do not audit attempts to receive nfsrdma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57587,17 +58473,17 @@ interface(`corenet_receive_ntop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntop_server_packets',`
+interface(`corenet_dontaudit_receive_nfsrdma_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type nfsrdma_server_packet_t;
')
- dontaudit $1 ntop_server_packet_t:packet recv;
+ dontaudit $1 nfsrdma_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntop_server packets.
+## Send and receive nfsrdma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57606,14 +58492,14 @@ interface(`corenet_dontaudit_receive_ntop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntop_server_packets',`
- corenet_send_ntop_server_packets($1)
- corenet_receive_ntop_server_packets($1)
+interface(`corenet_sendrecv_nfsrdma_server_packets',`
+ corenet_send_nfsrdma_server_packets($1)
+ corenet_receive_nfsrdma_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntop_server packets.
+## Do not audit attempts to send and receive nfsrdma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57622,14 +58508,14 @@ interface(`corenet_sendrecv_ntop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntop_server_packets',`
- corenet_dontaudit_send_ntop_server_packets($1)
- corenet_dontaudit_receive_ntop_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_nfsrdma_server_packets',`
+ corenet_dontaudit_send_nfsrdma_server_packets($1)
+ corenet_dontaudit_receive_nfsrdma_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntop_server the packet type.
+## Relabel packets to nfsrdma_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57637,12 +58523,12 @@ interface(`corenet_dontaudit_sendrecv_ntop_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntop_server_packets',`
+interface(`corenet_relabelto_nfsrdma_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type nfsrdma_server_packet_t;
')
- allow $1 ntop_server_packet_t:packet relabelto;
+ allow $1 nfsrdma_server_packet_t:packet relabelto;
')
@@ -57650,7 +58536,7 @@ interface(`corenet_relabelto_ntop_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ntp port.
+## Send and receive TCP traffic on the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57659,17 +58545,17 @@ interface(`corenet_relabelto_ntop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ntp_port',`
+interface(`corenet_tcp_sendrecv_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- allow $1 ntp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 nmbd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ntp port.
+## Send UDP traffic on the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57678,17 +58564,17 @@ interface(`corenet_tcp_sendrecv_ntp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ntp_port',`
+interface(`corenet_udp_send_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- allow $1 ntp_port_t:udp_socket send_msg;
+ allow $1 nmbd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ntp port.
+## Do not audit attempts to send UDP traffic on the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57697,17 +58583,17 @@ interface(`corenet_udp_send_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ntp_port',`
+interface(`corenet_dontaudit_udp_send_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- dontaudit $1 ntp_port_t:udp_socket send_msg;
+ dontaudit $1 nmbd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ntp port.
+## Receive UDP traffic on the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57716,17 +58602,17 @@ interface(`corenet_dontaudit_udp_send_ntp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ntp_port',`
+interface(`corenet_udp_receive_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- allow $1 ntp_port_t:udp_socket recv_msg;
+ allow $1 nmbd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ntp port.
+## Do not audit attempts to receive UDP traffic on the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57735,17 +58621,17 @@ interface(`corenet_udp_receive_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ntp_port',`
+interface(`corenet_dontaudit_udp_receive_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- dontaudit $1 ntp_port_t:udp_socket recv_msg;
+ dontaudit $1 nmbd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ntp port.
+## Send and receive UDP traffic on the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57754,15 +58640,15 @@ interface(`corenet_dontaudit_udp_receive_ntp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ntp_port',`
- corenet_udp_send_ntp_port($1)
- corenet_udp_receive_ntp_port($1)
+interface(`corenet_udp_sendrecv_nmbd_port',`
+ corenet_udp_send_nmbd_port($1)
+ corenet_udp_receive_nmbd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ntp port.
+## UDP traffic on the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57771,14 +58657,14 @@ interface(`corenet_udp_sendrecv_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ntp_port',`
- corenet_dontaudit_udp_send_ntp_port($1)
- corenet_dontaudit_udp_receive_ntp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_nmbd_port',`
+ corenet_dontaudit_udp_send_nmbd_port($1)
+ corenet_dontaudit_udp_receive_nmbd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ntp port.
+## Bind TCP sockets to the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57787,18 +58673,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ntp_port',`
+interface(`corenet_tcp_bind_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- allow $1 ntp_port_t:tcp_socket name_bind;
+ allow $1 nmbd_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ntp port.
+## Bind UDP sockets to the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57807,18 +58693,18 @@ interface(`corenet_tcp_bind_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ntp_port',`
+interface(`corenet_udp_bind_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- allow $1 ntp_port_t:udp_socket name_bind;
+ allow $1 nmbd_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ntp port.
+## Make a TCP connection to the nmbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -57826,18 +58712,18 @@ interface(`corenet_udp_bind_ntp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ntp_port',`
+interface(`corenet_tcp_connect_nmbd_port',`
gen_require(`
- type ntp_port_t;
+ type nmbd_port_t;
')
- allow $1 ntp_port_t:tcp_socket name_connect;
+ allow $1 nmbd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ntp_client packets.
+## Send nmbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57846,17 +58732,17 @@ interface(`corenet_tcp_connect_ntp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntp_client_packets',`
+interface(`corenet_send_nmbd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type nmbd_client_packet_t;
')
- allow $1 ntp_client_packet_t:packet send;
+ allow $1 nmbd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntp_client packets.
+## Do not audit attempts to send nmbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57865,17 +58751,17 @@ interface(`corenet_send_ntp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntp_client_packets',`
+interface(`corenet_dontaudit_send_nmbd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type nmbd_client_packet_t;
')
- dontaudit $1 ntp_client_packet_t:packet send;
+ dontaudit $1 nmbd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntp_client packets.
+## Receive nmbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57884,17 +58770,17 @@ interface(`corenet_dontaudit_send_ntp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntp_client_packets',`
+interface(`corenet_receive_nmbd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type nmbd_client_packet_t;
')
- allow $1 ntp_client_packet_t:packet recv;
+ allow $1 nmbd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntp_client packets.
+## Do not audit attempts to receive nmbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57903,17 +58789,17 @@ interface(`corenet_receive_ntp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntp_client_packets',`
+interface(`corenet_dontaudit_receive_nmbd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type nmbd_client_packet_t;
')
- dontaudit $1 ntp_client_packet_t:packet recv;
+ dontaudit $1 nmbd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntp_client packets.
+## Send and receive nmbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57922,14 +58808,14 @@ interface(`corenet_dontaudit_receive_ntp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntp_client_packets',`
- corenet_send_ntp_client_packets($1)
- corenet_receive_ntp_client_packets($1)
+interface(`corenet_sendrecv_nmbd_client_packets',`
+ corenet_send_nmbd_client_packets($1)
+ corenet_receive_nmbd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntp_client packets.
+## Do not audit attempts to send and receive nmbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57938,14 +58824,14 @@ interface(`corenet_sendrecv_ntp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntp_client_packets',`
- corenet_dontaudit_send_ntp_client_packets($1)
- corenet_dontaudit_receive_ntp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_nmbd_client_packets',`
+ corenet_dontaudit_send_nmbd_client_packets($1)
+ corenet_dontaudit_receive_nmbd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntp_client the packet type.
+## Relabel packets to nmbd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57953,18 +58839,18 @@ interface(`corenet_dontaudit_sendrecv_ntp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntp_client_packets',`
+interface(`corenet_relabelto_nmbd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type nmbd_client_packet_t;
')
- allow $1 ntp_client_packet_t:packet relabelto;
+ allow $1 nmbd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ntp_server packets.
+## Send nmbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57973,17 +58859,17 @@ interface(`corenet_relabelto_ntp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntp_server_packets',`
+interface(`corenet_send_nmbd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type nmbd_server_packet_t;
')
- allow $1 ntp_server_packet_t:packet send;
+ allow $1 nmbd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntp_server packets.
+## Do not audit attempts to send nmbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57992,17 +58878,17 @@ interface(`corenet_send_ntp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntp_server_packets',`
+interface(`corenet_dontaudit_send_nmbd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type nmbd_server_packet_t;
')
- dontaudit $1 ntp_server_packet_t:packet send;
+ dontaudit $1 nmbd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntp_server packets.
+## Receive nmbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58011,17 +58897,17 @@ interface(`corenet_dontaudit_send_ntp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntp_server_packets',`
+interface(`corenet_receive_nmbd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type nmbd_server_packet_t;
')
- allow $1 ntp_server_packet_t:packet recv;
+ allow $1 nmbd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntp_server packets.
+## Do not audit attempts to receive nmbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58030,17 +58916,17 @@ interface(`corenet_receive_ntp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntp_server_packets',`
+interface(`corenet_dontaudit_receive_nmbd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type nmbd_server_packet_t;
')
- dontaudit $1 ntp_server_packet_t:packet recv;
+ dontaudit $1 nmbd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntp_server packets.
+## Send and receive nmbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58049,14 +58935,14 @@ interface(`corenet_dontaudit_receive_ntp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntp_server_packets',`
- corenet_send_ntp_server_packets($1)
- corenet_receive_ntp_server_packets($1)
+interface(`corenet_sendrecv_nmbd_server_packets',`
+ corenet_send_nmbd_server_packets($1)
+ corenet_receive_nmbd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntp_server packets.
+## Do not audit attempts to send and receive nmbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58065,14 +58951,14 @@ interface(`corenet_sendrecv_ntp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntp_server_packets',`
- corenet_dontaudit_send_ntp_server_packets($1)
- corenet_dontaudit_receive_ntp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_nmbd_server_packets',`
+ corenet_dontaudit_send_nmbd_server_packets($1)
+ corenet_dontaudit_receive_nmbd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntp_server the packet type.
+## Relabel packets to nmbd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58080,12 +58966,12 @@ interface(`corenet_dontaudit_sendrecv_ntp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntp_server_packets',`
+interface(`corenet_relabelto_nmbd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type nmbd_server_packet_t;
')
- allow $1 ntp_server_packet_t:packet relabelto;
+ allow $1 nmbd_server_packet_t:packet relabelto;
')
@@ -58093,7 +58979,7 @@ interface(`corenet_relabelto_ntp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the oa_system port.
+## Send and receive TCP traffic on the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58102,17 +58988,17 @@ interface(`corenet_relabelto_ntp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_oa_system_port',`
+interface(`corenet_tcp_sendrecv_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- allow $1 oa_system_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ntop_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the oa_system port.
+## Send UDP traffic on the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58121,17 +59007,17 @@ interface(`corenet_tcp_sendrecv_oa_system_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_oa_system_port',`
+interface(`corenet_udp_send_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- allow $1 oa_system_port_t:udp_socket send_msg;
+ allow $1 ntop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the oa_system port.
+## Do not audit attempts to send UDP traffic on the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58140,17 +59026,17 @@ interface(`corenet_udp_send_oa_system_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_oa_system_port',`
+interface(`corenet_dontaudit_udp_send_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- dontaudit $1 oa_system_port_t:udp_socket send_msg;
+ dontaudit $1 ntop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the oa_system port.
+## Receive UDP traffic on the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58159,17 +59045,17 @@ interface(`corenet_dontaudit_udp_send_oa_system_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_oa_system_port',`
+interface(`corenet_udp_receive_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- allow $1 oa_system_port_t:udp_socket recv_msg;
+ allow $1 ntop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the oa_system port.
+## Do not audit attempts to receive UDP traffic on the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58178,17 +59064,17 @@ interface(`corenet_udp_receive_oa_system_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_oa_system_port',`
+interface(`corenet_dontaudit_udp_receive_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- dontaudit $1 oa_system_port_t:udp_socket recv_msg;
+ dontaudit $1 ntop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the oa_system port.
+## Send and receive UDP traffic on the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58197,15 +59083,15 @@ interface(`corenet_dontaudit_udp_receive_oa_system_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_oa_system_port',`
- corenet_udp_send_oa_system_port($1)
- corenet_udp_receive_oa_system_port($1)
+interface(`corenet_udp_sendrecv_ntop_port',`
+ corenet_udp_send_ntop_port($1)
+ corenet_udp_receive_ntop_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the oa_system port.
+## UDP traffic on the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58214,14 +59100,14 @@ interface(`corenet_udp_sendrecv_oa_system_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_oa_system_port',`
- corenet_dontaudit_udp_send_oa_system_port($1)
- corenet_dontaudit_udp_receive_oa_system_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ntop_port',`
+ corenet_dontaudit_udp_send_ntop_port($1)
+ corenet_dontaudit_udp_receive_ntop_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the oa_system port.
+## Bind TCP sockets to the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58230,18 +59116,18 @@ interface(`corenet_dontaudit_udp_sendrecv_oa_system_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_oa_system_port',`
+interface(`corenet_tcp_bind_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- allow $1 oa_system_port_t:tcp_socket name_bind;
-
+ allow $1 ntop_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the oa_system port.
+## Bind UDP sockets to the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58250,18 +59136,18 @@ interface(`corenet_tcp_bind_oa_system_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_oa_system_port',`
+interface(`corenet_udp_bind_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- allow $1 oa_system_port_t:udp_socket name_bind;
-
+ allow $1 ntop_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the oa_system port.
+## Make a TCP connection to the ntop port.
## </summary>
## <param name="domain">
## <summary>
@@ -58269,18 +59155,18 @@ interface(`corenet_udp_bind_oa_system_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_oa_system_port',`
+interface(`corenet_tcp_connect_ntop_port',`
gen_require(`
- type oa_system_port_t;
+ type ntop_port_t;
')
- allow $1 oa_system_port_t:tcp_socket name_connect;
+ allow $1 ntop_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send oa_system_client packets.
+## Send ntop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58289,17 +59175,17 @@ interface(`corenet_tcp_connect_oa_system_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_oa_system_client_packets',`
+interface(`corenet_send_ntop_client_packets',`
gen_require(`
- type oa_system_client_packet_t;
+ type ntop_client_packet_t;
')
- allow $1 oa_system_client_packet_t:packet send;
+ allow $1 ntop_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send oa_system_client packets.
+## Do not audit attempts to send ntop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58308,17 +59194,17 @@ interface(`corenet_send_oa_system_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_oa_system_client_packets',`
+interface(`corenet_dontaudit_send_ntop_client_packets',`
gen_require(`
- type oa_system_client_packet_t;
+ type ntop_client_packet_t;
')
- dontaudit $1 oa_system_client_packet_t:packet send;
+ dontaudit $1 ntop_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive oa_system_client packets.
+## Receive ntop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58327,17 +59213,17 @@ interface(`corenet_dontaudit_send_oa_system_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_oa_system_client_packets',`
+interface(`corenet_receive_ntop_client_packets',`
gen_require(`
- type oa_system_client_packet_t;
+ type ntop_client_packet_t;
')
- allow $1 oa_system_client_packet_t:packet recv;
+ allow $1 ntop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive oa_system_client packets.
+## Do not audit attempts to receive ntop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58346,17 +59232,17 @@ interface(`corenet_receive_oa_system_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_oa_system_client_packets',`
+interface(`corenet_dontaudit_receive_ntop_client_packets',`
gen_require(`
- type oa_system_client_packet_t;
+ type ntop_client_packet_t;
')
- dontaudit $1 oa_system_client_packet_t:packet recv;
+ dontaudit $1 ntop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive oa_system_client packets.
+## Send and receive ntop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58365,14 +59251,14 @@ interface(`corenet_dontaudit_receive_oa_system_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_oa_system_client_packets',`
- corenet_send_oa_system_client_packets($1)
- corenet_receive_oa_system_client_packets($1)
+interface(`corenet_sendrecv_ntop_client_packets',`
+ corenet_send_ntop_client_packets($1)
+ corenet_receive_ntop_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive oa_system_client packets.
+## Do not audit attempts to send and receive ntop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58381,14 +59267,14 @@ interface(`corenet_sendrecv_oa_system_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_oa_system_client_packets',`
- corenet_dontaudit_send_oa_system_client_packets($1)
- corenet_dontaudit_receive_oa_system_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ntop_client_packets',`
+ corenet_dontaudit_send_ntop_client_packets($1)
+ corenet_dontaudit_receive_ntop_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to oa_system_client the packet type.
+## Relabel packets to ntop_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58396,18 +59282,18 @@ interface(`corenet_dontaudit_sendrecv_oa_system_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_oa_system_client_packets',`
+interface(`corenet_relabelto_ntop_client_packets',`
gen_require(`
- type oa_system_client_packet_t;
+ type ntop_client_packet_t;
')
- allow $1 oa_system_client_packet_t:packet relabelto;
+ allow $1 ntop_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send oa_system_server packets.
+## Send ntop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58416,17 +59302,17 @@ interface(`corenet_relabelto_oa_system_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_oa_system_server_packets',`
+interface(`corenet_send_ntop_server_packets',`
gen_require(`
- type oa_system_server_packet_t;
+ type ntop_server_packet_t;
')
- allow $1 oa_system_server_packet_t:packet send;
+ allow $1 ntop_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send oa_system_server packets.
+## Do not audit attempts to send ntop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58435,17 +59321,17 @@ interface(`corenet_send_oa_system_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_oa_system_server_packets',`
+interface(`corenet_dontaudit_send_ntop_server_packets',`
gen_require(`
- type oa_system_server_packet_t;
+ type ntop_server_packet_t;
')
- dontaudit $1 oa_system_server_packet_t:packet send;
+ dontaudit $1 ntop_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive oa_system_server packets.
+## Receive ntop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58454,17 +59340,17 @@ interface(`corenet_dontaudit_send_oa_system_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_oa_system_server_packets',`
+interface(`corenet_receive_ntop_server_packets',`
gen_require(`
- type oa_system_server_packet_t;
+ type ntop_server_packet_t;
')
- allow $1 oa_system_server_packet_t:packet recv;
+ allow $1 ntop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive oa_system_server packets.
+## Do not audit attempts to receive ntop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58473,17 +59359,17 @@ interface(`corenet_receive_oa_system_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_oa_system_server_packets',`
+interface(`corenet_dontaudit_receive_ntop_server_packets',`
gen_require(`
- type oa_system_server_packet_t;
+ type ntop_server_packet_t;
')
- dontaudit $1 oa_system_server_packet_t:packet recv;
+ dontaudit $1 ntop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive oa_system_server packets.
+## Send and receive ntop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58492,14 +59378,14 @@ interface(`corenet_dontaudit_receive_oa_system_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_oa_system_server_packets',`
- corenet_send_oa_system_server_packets($1)
- corenet_receive_oa_system_server_packets($1)
+interface(`corenet_sendrecv_ntop_server_packets',`
+ corenet_send_ntop_server_packets($1)
+ corenet_receive_ntop_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive oa_system_server packets.
+## Do not audit attempts to send and receive ntop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58508,14 +59394,14 @@ interface(`corenet_sendrecv_oa_system_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_oa_system_server_packets',`
- corenet_dontaudit_send_oa_system_server_packets($1)
- corenet_dontaudit_receive_oa_system_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ntop_server_packets',`
+ corenet_dontaudit_send_ntop_server_packets($1)
+ corenet_dontaudit_receive_ntop_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to oa_system_server the packet type.
+## Relabel packets to ntop_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58523,12 +59409,12 @@ interface(`corenet_dontaudit_sendrecv_oa_system_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_oa_system_server_packets',`
+interface(`corenet_relabelto_ntop_server_packets',`
gen_require(`
- type oa_system_server_packet_t;
+ type ntop_server_packet_t;
')
- allow $1 oa_system_server_packet_t:packet relabelto;
+ allow $1 ntop_server_packet_t:packet relabelto;
')
@@ -58536,7 +59422,7 @@ interface(`corenet_relabelto_oa_system_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the oracledb port.
+## Send and receive TCP traffic on the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58545,17 +59431,17 @@ interface(`corenet_relabelto_oa_system_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_oracledb_port',`
+interface(`corenet_tcp_sendrecv_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- allow $1 oracledb_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ntp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the oracledb port.
+## Send UDP traffic on the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58564,17 +59450,17 @@ interface(`corenet_tcp_sendrecv_oracledb_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_oracledb_port',`
+interface(`corenet_udp_send_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- allow $1 oracledb_port_t:udp_socket send_msg;
+ allow $1 ntp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the oracledb port.
+## Do not audit attempts to send UDP traffic on the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58583,17 +59469,17 @@ interface(`corenet_udp_send_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_oracledb_port',`
+interface(`corenet_dontaudit_udp_send_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- dontaudit $1 oracledb_port_t:udp_socket send_msg;
+ dontaudit $1 ntp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the oracledb port.
+## Receive UDP traffic on the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58602,17 +59488,17 @@ interface(`corenet_dontaudit_udp_send_oracledb_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_oracledb_port',`
+interface(`corenet_udp_receive_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- allow $1 oracledb_port_t:udp_socket recv_msg;
+ allow $1 ntp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the oracledb port.
+## Do not audit attempts to receive UDP traffic on the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58621,17 +59507,17 @@ interface(`corenet_udp_receive_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_oracledb_port',`
+interface(`corenet_dontaudit_udp_receive_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- dontaudit $1 oracledb_port_t:udp_socket recv_msg;
+ dontaudit $1 ntp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the oracledb port.
+## Send and receive UDP traffic on the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58640,15 +59526,15 @@ interface(`corenet_dontaudit_udp_receive_oracledb_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_oracledb_port',`
- corenet_udp_send_oracledb_port($1)
- corenet_udp_receive_oracledb_port($1)
+interface(`corenet_udp_sendrecv_ntp_port',`
+ corenet_udp_send_ntp_port($1)
+ corenet_udp_receive_ntp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the oracledb port.
+## UDP traffic on the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58657,14 +59543,14 @@ interface(`corenet_udp_sendrecv_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_oracledb_port',`
- corenet_dontaudit_udp_send_oracledb_port($1)
- corenet_dontaudit_udp_receive_oracledb_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ntp_port',`
+ corenet_dontaudit_udp_send_ntp_port($1)
+ corenet_dontaudit_udp_receive_ntp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the oracledb port.
+## Bind TCP sockets to the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58673,18 +59559,18 @@ interface(`corenet_dontaudit_udp_sendrecv_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_oracledb_port',`
+interface(`corenet_tcp_bind_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- allow $1 oracledb_port_t:tcp_socket name_bind;
-
+ allow $1 ntp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the oracledb port.
+## Bind UDP sockets to the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58693,18 +59579,18 @@ interface(`corenet_tcp_bind_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_oracledb_port',`
+interface(`corenet_udp_bind_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- allow $1 oracledb_port_t:udp_socket name_bind;
-
+ allow $1 ntp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the oracledb port.
+## Make a TCP connection to the ntp port.
## </summary>
## <param name="domain">
## <summary>
@@ -58712,18 +59598,18 @@ interface(`corenet_udp_bind_oracledb_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_oracledb_port',`
+interface(`corenet_tcp_connect_ntp_port',`
gen_require(`
- type oracledb_port_t;
+ type ntp_port_t;
')
- allow $1 oracledb_port_t:tcp_socket name_connect;
+ allow $1 ntp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send oracledb_client packets.
+## Send ntp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58732,17 +59618,17 @@ interface(`corenet_tcp_connect_oracledb_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_oracledb_client_packets',`
+interface(`corenet_send_ntp_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type ntp_client_packet_t;
')
- allow $1 oracledb_client_packet_t:packet send;
+ allow $1 ntp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send oracledb_client packets.
+## Do not audit attempts to send ntp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58751,17 +59637,17 @@ interface(`corenet_send_oracledb_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_oracledb_client_packets',`
+interface(`corenet_dontaudit_send_ntp_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type ntp_client_packet_t;
')
- dontaudit $1 oracledb_client_packet_t:packet send;
+ dontaudit $1 ntp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive oracledb_client packets.
+## Receive ntp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58770,17 +59656,17 @@ interface(`corenet_dontaudit_send_oracledb_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_oracledb_client_packets',`
+interface(`corenet_receive_ntp_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type ntp_client_packet_t;
')
- allow $1 oracledb_client_packet_t:packet recv;
+ allow $1 ntp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive oracledb_client packets.
+## Do not audit attempts to receive ntp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58789,17 +59675,17 @@ interface(`corenet_receive_oracledb_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_oracledb_client_packets',`
+interface(`corenet_dontaudit_receive_ntp_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type ntp_client_packet_t;
')
- dontaudit $1 oracledb_client_packet_t:packet recv;
+ dontaudit $1 ntp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive oracledb_client packets.
+## Send and receive ntp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58808,14 +59694,14 @@ interface(`corenet_dontaudit_receive_oracledb_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_oracledb_client_packets',`
- corenet_send_oracledb_client_packets($1)
- corenet_receive_oracledb_client_packets($1)
+interface(`corenet_sendrecv_ntp_client_packets',`
+ corenet_send_ntp_client_packets($1)
+ corenet_receive_ntp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive oracledb_client packets.
+## Do not audit attempts to send and receive ntp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58824,14 +59710,14 @@ interface(`corenet_sendrecv_oracledb_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_oracledb_client_packets',`
- corenet_dontaudit_send_oracledb_client_packets($1)
- corenet_dontaudit_receive_oracledb_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ntp_client_packets',`
+ corenet_dontaudit_send_ntp_client_packets($1)
+ corenet_dontaudit_receive_ntp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to oracledb_client the packet type.
+## Relabel packets to ntp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58839,18 +59725,18 @@ interface(`corenet_dontaudit_sendrecv_oracledb_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_oracledb_client_packets',`
+interface(`corenet_relabelto_ntp_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type ntp_client_packet_t;
')
- allow $1 oracledb_client_packet_t:packet relabelto;
+ allow $1 ntp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send oracledb_server packets.
+## Send ntp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58859,17 +59745,17 @@ interface(`corenet_relabelto_oracledb_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_oracledb_server_packets',`
+interface(`corenet_send_ntp_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type ntp_server_packet_t;
')
- allow $1 oracledb_server_packet_t:packet send;
+ allow $1 ntp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send oracledb_server packets.
+## Do not audit attempts to send ntp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58878,17 +59764,17 @@ interface(`corenet_send_oracledb_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_oracledb_server_packets',`
+interface(`corenet_dontaudit_send_ntp_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type ntp_server_packet_t;
')
- dontaudit $1 oracledb_server_packet_t:packet send;
+ dontaudit $1 ntp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive oracledb_server packets.
+## Receive ntp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58897,17 +59783,17 @@ interface(`corenet_dontaudit_send_oracledb_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_oracledb_server_packets',`
+interface(`corenet_receive_ntp_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type ntp_server_packet_t;
')
- allow $1 oracledb_server_packet_t:packet recv;
+ allow $1 ntp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive oracledb_server packets.
+## Do not audit attempts to receive ntp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58916,17 +59802,17 @@ interface(`corenet_receive_oracledb_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_oracledb_server_packets',`
+interface(`corenet_dontaudit_receive_ntp_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type ntp_server_packet_t;
')
- dontaudit $1 oracledb_server_packet_t:packet recv;
+ dontaudit $1 ntp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive oracledb_server packets.
+## Send and receive ntp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58935,14 +59821,14 @@ interface(`corenet_dontaudit_receive_oracledb_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_oracledb_server_packets',`
- corenet_send_oracledb_server_packets($1)
- corenet_receive_oracledb_server_packets($1)
+interface(`corenet_sendrecv_ntp_server_packets',`
+ corenet_send_ntp_server_packets($1)
+ corenet_receive_ntp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive oracledb_server packets.
+## Do not audit attempts to send and receive ntp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58951,14 +59837,14 @@ interface(`corenet_sendrecv_oracledb_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_oracledb_server_packets',`
- corenet_dontaudit_send_oracledb_server_packets($1)
- corenet_dontaudit_receive_oracledb_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ntp_server_packets',`
+ corenet_dontaudit_send_ntp_server_packets($1)
+ corenet_dontaudit_receive_ntp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to oracledb_server the packet type.
+## Relabel packets to ntp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58966,12 +59852,12 @@ interface(`corenet_dontaudit_sendrecv_oracledb_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_oracledb_server_packets',`
+interface(`corenet_relabelto_ntp_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type ntp_server_packet_t;
')
- allow $1 oracledb_server_packet_t:packet relabelto;
+ allow $1 ntp_server_packet_t:packet relabelto;
')
@@ -58979,7 +59865,7 @@ interface(`corenet_relabelto_oracledb_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ocsp port.
+## Send and receive TCP traffic on the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -58988,17 +59874,17 @@ interface(`corenet_relabelto_oracledb_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ocsp_port',`
+interface(`corenet_tcp_sendrecv_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- allow $1 ocsp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 oa_system_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ocsp port.
+## Send UDP traffic on the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59007,17 +59893,17 @@ interface(`corenet_tcp_sendrecv_ocsp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ocsp_port',`
+interface(`corenet_udp_send_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- allow $1 ocsp_port_t:udp_socket send_msg;
+ allow $1 oa_system_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ocsp port.
+## Do not audit attempts to send UDP traffic on the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59026,17 +59912,17 @@ interface(`corenet_udp_send_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ocsp_port',`
+interface(`corenet_dontaudit_udp_send_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- dontaudit $1 ocsp_port_t:udp_socket send_msg;
+ dontaudit $1 oa_system_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ocsp port.
+## Receive UDP traffic on the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59045,17 +59931,17 @@ interface(`corenet_dontaudit_udp_send_ocsp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ocsp_port',`
+interface(`corenet_udp_receive_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- allow $1 ocsp_port_t:udp_socket recv_msg;
+ allow $1 oa_system_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ocsp port.
+## Do not audit attempts to receive UDP traffic on the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59064,17 +59950,17 @@ interface(`corenet_udp_receive_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ocsp_port',`
+interface(`corenet_dontaudit_udp_receive_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- dontaudit $1 ocsp_port_t:udp_socket recv_msg;
+ dontaudit $1 oa_system_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ocsp port.
+## Send and receive UDP traffic on the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59083,15 +59969,15 @@ interface(`corenet_dontaudit_udp_receive_ocsp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ocsp_port',`
- corenet_udp_send_ocsp_port($1)
- corenet_udp_receive_ocsp_port($1)
+interface(`corenet_udp_sendrecv_oa_system_port',`
+ corenet_udp_send_oa_system_port($1)
+ corenet_udp_receive_oa_system_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ocsp port.
+## UDP traffic on the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59100,14 +59986,14 @@ interface(`corenet_udp_sendrecv_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ocsp_port',`
- corenet_dontaudit_udp_send_ocsp_port($1)
- corenet_dontaudit_udp_receive_ocsp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_oa_system_port',`
+ corenet_dontaudit_udp_send_oa_system_port($1)
+ corenet_dontaudit_udp_receive_oa_system_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ocsp port.
+## Bind TCP sockets to the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59116,18 +60002,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ocsp_port',`
+interface(`corenet_tcp_bind_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- allow $1 ocsp_port_t:tcp_socket name_bind;
+ allow $1 oa_system_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ocsp port.
+## Bind UDP sockets to the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59136,18 +60022,18 @@ interface(`corenet_tcp_bind_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ocsp_port',`
+interface(`corenet_udp_bind_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- allow $1 ocsp_port_t:udp_socket name_bind;
+ allow $1 oa_system_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ocsp port.
+## Make a TCP connection to the oa_system port.
## </summary>
## <param name="domain">
## <summary>
@@ -59155,18 +60041,18 @@ interface(`corenet_udp_bind_ocsp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ocsp_port',`
+interface(`corenet_tcp_connect_oa_system_port',`
gen_require(`
- type ocsp_port_t;
+ type oa_system_port_t;
')
- allow $1 ocsp_port_t:tcp_socket name_connect;
+ allow $1 oa_system_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ocsp_client packets.
+## Send oa_system_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59175,17 +60061,17 @@ interface(`corenet_tcp_connect_ocsp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ocsp_client_packets',`
+interface(`corenet_send_oa_system_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type oa_system_client_packet_t;
')
- allow $1 ocsp_client_packet_t:packet send;
+ allow $1 oa_system_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ocsp_client packets.
+## Do not audit attempts to send oa_system_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59194,17 +60080,17 @@ interface(`corenet_send_ocsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ocsp_client_packets',`
+interface(`corenet_dontaudit_send_oa_system_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type oa_system_client_packet_t;
')
- dontaudit $1 ocsp_client_packet_t:packet send;
+ dontaudit $1 oa_system_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ocsp_client packets.
+## Receive oa_system_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59213,17 +60099,17 @@ interface(`corenet_dontaudit_send_ocsp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ocsp_client_packets',`
+interface(`corenet_receive_oa_system_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type oa_system_client_packet_t;
')
- allow $1 ocsp_client_packet_t:packet recv;
+ allow $1 oa_system_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ocsp_client packets.
+## Do not audit attempts to receive oa_system_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59232,17 +60118,17 @@ interface(`corenet_receive_ocsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ocsp_client_packets',`
+interface(`corenet_dontaudit_receive_oa_system_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type oa_system_client_packet_t;
')
- dontaudit $1 ocsp_client_packet_t:packet recv;
+ dontaudit $1 oa_system_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ocsp_client packets.
+## Send and receive oa_system_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59251,14 +60137,14 @@ interface(`corenet_dontaudit_receive_ocsp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ocsp_client_packets',`
- corenet_send_ocsp_client_packets($1)
- corenet_receive_ocsp_client_packets($1)
+interface(`corenet_sendrecv_oa_system_client_packets',`
+ corenet_send_oa_system_client_packets($1)
+ corenet_receive_oa_system_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ocsp_client packets.
+## Do not audit attempts to send and receive oa_system_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59267,14 +60153,14 @@ interface(`corenet_sendrecv_ocsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ocsp_client_packets',`
- corenet_dontaudit_send_ocsp_client_packets($1)
- corenet_dontaudit_receive_ocsp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_oa_system_client_packets',`
+ corenet_dontaudit_send_oa_system_client_packets($1)
+ corenet_dontaudit_receive_oa_system_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ocsp_client the packet type.
+## Relabel packets to oa_system_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59282,18 +60168,18 @@ interface(`corenet_dontaudit_sendrecv_ocsp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ocsp_client_packets',`
+interface(`corenet_relabelto_oa_system_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type oa_system_client_packet_t;
')
- allow $1 ocsp_client_packet_t:packet relabelto;
+ allow $1 oa_system_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ocsp_server packets.
+## Send oa_system_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59302,17 +60188,17 @@ interface(`corenet_relabelto_ocsp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ocsp_server_packets',`
+interface(`corenet_send_oa_system_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type oa_system_server_packet_t;
')
- allow $1 ocsp_server_packet_t:packet send;
+ allow $1 oa_system_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ocsp_server packets.
+## Do not audit attempts to send oa_system_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59321,17 +60207,17 @@ interface(`corenet_send_ocsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ocsp_server_packets',`
+interface(`corenet_dontaudit_send_oa_system_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type oa_system_server_packet_t;
')
- dontaudit $1 ocsp_server_packet_t:packet send;
+ dontaudit $1 oa_system_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ocsp_server packets.
+## Receive oa_system_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59340,17 +60226,17 @@ interface(`corenet_dontaudit_send_ocsp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ocsp_server_packets',`
+interface(`corenet_receive_oa_system_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type oa_system_server_packet_t;
')
- allow $1 ocsp_server_packet_t:packet recv;
+ allow $1 oa_system_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ocsp_server packets.
+## Do not audit attempts to receive oa_system_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59359,17 +60245,17 @@ interface(`corenet_receive_ocsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ocsp_server_packets',`
+interface(`corenet_dontaudit_receive_oa_system_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type oa_system_server_packet_t;
')
- dontaudit $1 ocsp_server_packet_t:packet recv;
+ dontaudit $1 oa_system_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ocsp_server packets.
+## Send and receive oa_system_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59378,14 +60264,14 @@ interface(`corenet_dontaudit_receive_ocsp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ocsp_server_packets',`
- corenet_send_ocsp_server_packets($1)
- corenet_receive_ocsp_server_packets($1)
+interface(`corenet_sendrecv_oa_system_server_packets',`
+ corenet_send_oa_system_server_packets($1)
+ corenet_receive_oa_system_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ocsp_server packets.
+## Do not audit attempts to send and receive oa_system_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59394,14 +60280,14 @@ interface(`corenet_sendrecv_ocsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ocsp_server_packets',`
- corenet_dontaudit_send_ocsp_server_packets($1)
- corenet_dontaudit_receive_ocsp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_oa_system_server_packets',`
+ corenet_dontaudit_send_oa_system_server_packets($1)
+ corenet_dontaudit_receive_oa_system_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ocsp_server the packet type.
+## Relabel packets to oa_system_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59409,12 +60295,12 @@ interface(`corenet_dontaudit_sendrecv_ocsp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ocsp_server_packets',`
+interface(`corenet_relabelto_oa_system_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type oa_system_server_packet_t;
')
- allow $1 ocsp_server_packet_t:packet relabelto;
+ allow $1 oa_system_server_packet_t:packet relabelto;
')
@@ -59422,7 +60308,7 @@ interface(`corenet_relabelto_ocsp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the openhpid port.
+## Send and receive TCP traffic on the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59431,17 +60317,17 @@ interface(`corenet_relabelto_ocsp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_openhpid_port',`
+interface(`corenet_tcp_sendrecv_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- allow $1 openhpid_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 oracledb_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the openhpid port.
+## Send UDP traffic on the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59450,17 +60336,17 @@ interface(`corenet_tcp_sendrecv_openhpid_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_openhpid_port',`
+interface(`corenet_udp_send_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- allow $1 openhpid_port_t:udp_socket send_msg;
+ allow $1 oracledb_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the openhpid port.
+## Do not audit attempts to send UDP traffic on the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59469,17 +60355,17 @@ interface(`corenet_udp_send_openhpid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_openhpid_port',`
+interface(`corenet_dontaudit_udp_send_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- dontaudit $1 openhpid_port_t:udp_socket send_msg;
+ dontaudit $1 oracledb_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the openhpid port.
+## Receive UDP traffic on the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59488,17 +60374,17 @@ interface(`corenet_dontaudit_udp_send_openhpid_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_openhpid_port',`
+interface(`corenet_udp_receive_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- allow $1 openhpid_port_t:udp_socket recv_msg;
+ allow $1 oracledb_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the openhpid port.
+## Do not audit attempts to receive UDP traffic on the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59507,17 +60393,17 @@ interface(`corenet_udp_receive_openhpid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_openhpid_port',`
+interface(`corenet_dontaudit_udp_receive_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- dontaudit $1 openhpid_port_t:udp_socket recv_msg;
+ dontaudit $1 oracledb_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the openhpid port.
+## Send and receive UDP traffic on the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59526,15 +60412,15 @@ interface(`corenet_dontaudit_udp_receive_openhpid_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_openhpid_port',`
- corenet_udp_send_openhpid_port($1)
- corenet_udp_receive_openhpid_port($1)
+interface(`corenet_udp_sendrecv_oracledb_port',`
+ corenet_udp_send_oracledb_port($1)
+ corenet_udp_receive_oracledb_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the openhpid port.
+## UDP traffic on the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59543,14 +60429,14 @@ interface(`corenet_udp_sendrecv_openhpid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_openhpid_port',`
- corenet_dontaudit_udp_send_openhpid_port($1)
- corenet_dontaudit_udp_receive_openhpid_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_oracledb_port',`
+ corenet_dontaudit_udp_send_oracledb_port($1)
+ corenet_dontaudit_udp_receive_oracledb_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the openhpid port.
+## Bind TCP sockets to the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59559,18 +60445,18 @@ interface(`corenet_dontaudit_udp_sendrecv_openhpid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_openhpid_port',`
+interface(`corenet_tcp_bind_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- allow $1 openhpid_port_t:tcp_socket name_bind;
+ allow $1 oracledb_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the openhpid port.
+## Bind UDP sockets to the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59579,18 +60465,18 @@ interface(`corenet_tcp_bind_openhpid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_openhpid_port',`
+interface(`corenet_udp_bind_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- allow $1 openhpid_port_t:udp_socket name_bind;
+ allow $1 oracledb_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the openhpid port.
+## Make a TCP connection to the oracledb port.
## </summary>
## <param name="domain">
## <summary>
@@ -59598,18 +60484,18 @@ interface(`corenet_udp_bind_openhpid_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_openhpid_port',`
+interface(`corenet_tcp_connect_oracledb_port',`
gen_require(`
- type openhpid_port_t;
+ type oracledb_port_t;
')
- allow $1 openhpid_port_t:tcp_socket name_connect;
+ allow $1 oracledb_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send openhpid_client packets.
+## Send oracledb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59618,17 +60504,17 @@ interface(`corenet_tcp_connect_openhpid_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_openhpid_client_packets',`
+interface(`corenet_send_oracledb_client_packets',`
gen_require(`
- type openhpid_client_packet_t;
+ type oracledb_client_packet_t;
')
- allow $1 openhpid_client_packet_t:packet send;
+ allow $1 oracledb_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send openhpid_client packets.
+## Do not audit attempts to send oracledb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59637,17 +60523,17 @@ interface(`corenet_send_openhpid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_openhpid_client_packets',`
+interface(`corenet_dontaudit_send_oracledb_client_packets',`
gen_require(`
- type openhpid_client_packet_t;
+ type oracledb_client_packet_t;
')
- dontaudit $1 openhpid_client_packet_t:packet send;
+ dontaudit $1 oracledb_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive openhpid_client packets.
+## Receive oracledb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59656,17 +60542,17 @@ interface(`corenet_dontaudit_send_openhpid_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_openhpid_client_packets',`
+interface(`corenet_receive_oracledb_client_packets',`
gen_require(`
- type openhpid_client_packet_t;
+ type oracledb_client_packet_t;
')
- allow $1 openhpid_client_packet_t:packet recv;
+ allow $1 oracledb_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive openhpid_client packets.
+## Do not audit attempts to receive oracledb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59675,17 +60561,17 @@ interface(`corenet_receive_openhpid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_openhpid_client_packets',`
+interface(`corenet_dontaudit_receive_oracledb_client_packets',`
gen_require(`
- type openhpid_client_packet_t;
+ type oracledb_client_packet_t;
')
- dontaudit $1 openhpid_client_packet_t:packet recv;
+ dontaudit $1 oracledb_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive openhpid_client packets.
+## Send and receive oracledb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59694,14 +60580,14 @@ interface(`corenet_dontaudit_receive_openhpid_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_openhpid_client_packets',`
- corenet_send_openhpid_client_packets($1)
- corenet_receive_openhpid_client_packets($1)
+interface(`corenet_sendrecv_oracledb_client_packets',`
+ corenet_send_oracledb_client_packets($1)
+ corenet_receive_oracledb_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive openhpid_client packets.
+## Do not audit attempts to send and receive oracledb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59710,14 +60596,14 @@ interface(`corenet_sendrecv_openhpid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_openhpid_client_packets',`
- corenet_dontaudit_send_openhpid_client_packets($1)
- corenet_dontaudit_receive_openhpid_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_oracledb_client_packets',`
+ corenet_dontaudit_send_oracledb_client_packets($1)
+ corenet_dontaudit_receive_oracledb_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to openhpid_client the packet type.
+## Relabel packets to oracledb_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59725,18 +60611,18 @@ interface(`corenet_dontaudit_sendrecv_openhpid_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_openhpid_client_packets',`
+interface(`corenet_relabelto_oracledb_client_packets',`
gen_require(`
- type openhpid_client_packet_t;
+ type oracledb_client_packet_t;
')
- allow $1 openhpid_client_packet_t:packet relabelto;
+ allow $1 oracledb_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send openhpid_server packets.
+## Send oracledb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59745,17 +60631,17 @@ interface(`corenet_relabelto_openhpid_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_openhpid_server_packets',`
+interface(`corenet_send_oracledb_server_packets',`
gen_require(`
- type openhpid_server_packet_t;
+ type oracledb_server_packet_t;
')
- allow $1 openhpid_server_packet_t:packet send;
+ allow $1 oracledb_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send openhpid_server packets.
+## Do not audit attempts to send oracledb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59764,17 +60650,17 @@ interface(`corenet_send_openhpid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_openhpid_server_packets',`
+interface(`corenet_dontaudit_send_oracledb_server_packets',`
gen_require(`
- type openhpid_server_packet_t;
+ type oracledb_server_packet_t;
')
- dontaudit $1 openhpid_server_packet_t:packet send;
+ dontaudit $1 oracledb_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive openhpid_server packets.
+## Receive oracledb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59783,17 +60669,17 @@ interface(`corenet_dontaudit_send_openhpid_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_openhpid_server_packets',`
+interface(`corenet_receive_oracledb_server_packets',`
gen_require(`
- type openhpid_server_packet_t;
+ type oracledb_server_packet_t;
')
- allow $1 openhpid_server_packet_t:packet recv;
+ allow $1 oracledb_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive openhpid_server packets.
+## Do not audit attempts to receive oracledb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59802,17 +60688,17 @@ interface(`corenet_receive_openhpid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_openhpid_server_packets',`
+interface(`corenet_dontaudit_receive_oracledb_server_packets',`
gen_require(`
- type openhpid_server_packet_t;
+ type oracledb_server_packet_t;
')
- dontaudit $1 openhpid_server_packet_t:packet recv;
+ dontaudit $1 oracledb_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive openhpid_server packets.
+## Send and receive oracledb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59821,14 +60707,14 @@ interface(`corenet_dontaudit_receive_openhpid_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_openhpid_server_packets',`
- corenet_send_openhpid_server_packets($1)
- corenet_receive_openhpid_server_packets($1)
+interface(`corenet_sendrecv_oracledb_server_packets',`
+ corenet_send_oracledb_server_packets($1)
+ corenet_receive_oracledb_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive openhpid_server packets.
+## Do not audit attempts to send and receive oracledb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59837,14 +60723,14 @@ interface(`corenet_sendrecv_openhpid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_openhpid_server_packets',`
- corenet_dontaudit_send_openhpid_server_packets($1)
- corenet_dontaudit_receive_openhpid_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_oracledb_server_packets',`
+ corenet_dontaudit_send_oracledb_server_packets($1)
+ corenet_dontaudit_receive_oracledb_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to openhpid_server the packet type.
+## Relabel packets to oracledb_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59852,12 +60738,12 @@ interface(`corenet_dontaudit_sendrecv_openhpid_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_openhpid_server_packets',`
+interface(`corenet_relabelto_oracledb_server_packets',`
gen_require(`
- type openhpid_server_packet_t;
+ type oracledb_server_packet_t;
')
- allow $1 openhpid_server_packet_t:packet relabelto;
+ allow $1 oracledb_server_packet_t:packet relabelto;
')
@@ -59865,7 +60751,7 @@ interface(`corenet_relabelto_openhpid_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the openvpn port.
+## Send and receive TCP traffic on the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59874,17 +60760,17 @@ interface(`corenet_relabelto_openhpid_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_openvpn_port',`
+interface(`corenet_tcp_sendrecv_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- allow $1 openvpn_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ocsp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the openvpn port.
+## Send UDP traffic on the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59893,17 +60779,17 @@ interface(`corenet_tcp_sendrecv_openvpn_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_openvpn_port',`
+interface(`corenet_udp_send_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- allow $1 openvpn_port_t:udp_socket send_msg;
+ allow $1 ocsp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the openvpn port.
+## Do not audit attempts to send UDP traffic on the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59912,17 +60798,17 @@ interface(`corenet_udp_send_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_openvpn_port',`
+interface(`corenet_dontaudit_udp_send_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- dontaudit $1 openvpn_port_t:udp_socket send_msg;
+ dontaudit $1 ocsp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the openvpn port.
+## Receive UDP traffic on the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59931,17 +60817,17 @@ interface(`corenet_dontaudit_udp_send_openvpn_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_openvpn_port',`
+interface(`corenet_udp_receive_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- allow $1 openvpn_port_t:udp_socket recv_msg;
+ allow $1 ocsp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the openvpn port.
+## Do not audit attempts to receive UDP traffic on the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59950,17 +60836,17 @@ interface(`corenet_udp_receive_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_openvpn_port',`
+interface(`corenet_dontaudit_udp_receive_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- dontaudit $1 openvpn_port_t:udp_socket recv_msg;
+ dontaudit $1 ocsp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the openvpn port.
+## Send and receive UDP traffic on the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59969,15 +60855,15 @@ interface(`corenet_dontaudit_udp_receive_openvpn_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_openvpn_port',`
- corenet_udp_send_openvpn_port($1)
- corenet_udp_receive_openvpn_port($1)
+interface(`corenet_udp_sendrecv_ocsp_port',`
+ corenet_udp_send_ocsp_port($1)
+ corenet_udp_receive_ocsp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the openvpn port.
+## UDP traffic on the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59986,14 +60872,14 @@ interface(`corenet_udp_sendrecv_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_openvpn_port',`
- corenet_dontaudit_udp_send_openvpn_port($1)
- corenet_dontaudit_udp_receive_openvpn_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ocsp_port',`
+ corenet_dontaudit_udp_send_ocsp_port($1)
+ corenet_dontaudit_udp_receive_ocsp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the openvpn port.
+## Bind TCP sockets to the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -60002,18 +60888,18 @@ interface(`corenet_dontaudit_udp_sendrecv_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_openvpn_port',`
+interface(`corenet_tcp_bind_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- allow $1 openvpn_port_t:tcp_socket name_bind;
+ allow $1 ocsp_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the openvpn port.
+## Bind UDP sockets to the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -60022,18 +60908,18 @@ interface(`corenet_tcp_bind_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_openvpn_port',`
+interface(`corenet_udp_bind_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- allow $1 openvpn_port_t:udp_socket name_bind;
+ allow $1 ocsp_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the openvpn port.
+## Make a TCP connection to the ocsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -60041,18 +60927,18 @@ interface(`corenet_udp_bind_openvpn_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_openvpn_port',`
+interface(`corenet_tcp_connect_ocsp_port',`
gen_require(`
- type openvpn_port_t;
+ type ocsp_port_t;
')
- allow $1 openvpn_port_t:tcp_socket name_connect;
+ allow $1 ocsp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send openvpn_client packets.
+## Send ocsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60061,17 +60947,17 @@ interface(`corenet_tcp_connect_openvpn_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_openvpn_client_packets',`
+interface(`corenet_send_ocsp_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type ocsp_client_packet_t;
')
- allow $1 openvpn_client_packet_t:packet send;
+ allow $1 ocsp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send openvpn_client packets.
+## Do not audit attempts to send ocsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60080,17 +60966,17 @@ interface(`corenet_send_openvpn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_openvpn_client_packets',`
+interface(`corenet_dontaudit_send_ocsp_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type ocsp_client_packet_t;
')
- dontaudit $1 openvpn_client_packet_t:packet send;
+ dontaudit $1 ocsp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive openvpn_client packets.
+## Receive ocsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60099,17 +60985,17 @@ interface(`corenet_dontaudit_send_openvpn_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_openvpn_client_packets',`
+interface(`corenet_receive_ocsp_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type ocsp_client_packet_t;
')
- allow $1 openvpn_client_packet_t:packet recv;
+ allow $1 ocsp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive openvpn_client packets.
+## Do not audit attempts to receive ocsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60118,17 +61004,17 @@ interface(`corenet_receive_openvpn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_openvpn_client_packets',`
+interface(`corenet_dontaudit_receive_ocsp_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type ocsp_client_packet_t;
')
- dontaudit $1 openvpn_client_packet_t:packet recv;
+ dontaudit $1 ocsp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive openvpn_client packets.
+## Send and receive ocsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60137,14 +61023,14 @@ interface(`corenet_dontaudit_receive_openvpn_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_openvpn_client_packets',`
- corenet_send_openvpn_client_packets($1)
- corenet_receive_openvpn_client_packets($1)
+interface(`corenet_sendrecv_ocsp_client_packets',`
+ corenet_send_ocsp_client_packets($1)
+ corenet_receive_ocsp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive openvpn_client packets.
+## Do not audit attempts to send and receive ocsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60153,14 +61039,14 @@ interface(`corenet_sendrecv_openvpn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_openvpn_client_packets',`
- corenet_dontaudit_send_openvpn_client_packets($1)
- corenet_dontaudit_receive_openvpn_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ocsp_client_packets',`
+ corenet_dontaudit_send_ocsp_client_packets($1)
+ corenet_dontaudit_receive_ocsp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to openvpn_client the packet type.
+## Relabel packets to ocsp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60168,18 +61054,18 @@ interface(`corenet_dontaudit_sendrecv_openvpn_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_openvpn_client_packets',`
+interface(`corenet_relabelto_ocsp_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type ocsp_client_packet_t;
')
- allow $1 openvpn_client_packet_t:packet relabelto;
+ allow $1 ocsp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send openvpn_server packets.
+## Send ocsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60188,17 +61074,17 @@ interface(`corenet_relabelto_openvpn_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_openvpn_server_packets',`
+interface(`corenet_send_ocsp_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type ocsp_server_packet_t;
')
- allow $1 openvpn_server_packet_t:packet send;
+ allow $1 ocsp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send openvpn_server packets.
+## Do not audit attempts to send ocsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60207,17 +61093,17 @@ interface(`corenet_send_openvpn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_openvpn_server_packets',`
+interface(`corenet_dontaudit_send_ocsp_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type ocsp_server_packet_t;
')
- dontaudit $1 openvpn_server_packet_t:packet send;
+ dontaudit $1 ocsp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive openvpn_server packets.
+## Receive ocsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60226,17 +61112,17 @@ interface(`corenet_dontaudit_send_openvpn_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_openvpn_server_packets',`
+interface(`corenet_receive_ocsp_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type ocsp_server_packet_t;
')
- allow $1 openvpn_server_packet_t:packet recv;
+ allow $1 ocsp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive openvpn_server packets.
+## Do not audit attempts to receive ocsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60245,17 +61131,17 @@ interface(`corenet_receive_openvpn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_openvpn_server_packets',`
+interface(`corenet_dontaudit_receive_ocsp_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type ocsp_server_packet_t;
')
- dontaudit $1 openvpn_server_packet_t:packet recv;
+ dontaudit $1 ocsp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive openvpn_server packets.
+## Send and receive ocsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60264,14 +61150,14 @@ interface(`corenet_dontaudit_receive_openvpn_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_openvpn_server_packets',`
- corenet_send_openvpn_server_packets($1)
- corenet_receive_openvpn_server_packets($1)
+interface(`corenet_sendrecv_ocsp_server_packets',`
+ corenet_send_ocsp_server_packets($1)
+ corenet_receive_ocsp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive openvpn_server packets.
+## Do not audit attempts to send and receive ocsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60280,14 +61166,14 @@ interface(`corenet_sendrecv_openvpn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_openvpn_server_packets',`
- corenet_dontaudit_send_openvpn_server_packets($1)
- corenet_dontaudit_receive_openvpn_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ocsp_server_packets',`
+ corenet_dontaudit_send_ocsp_server_packets($1)
+ corenet_dontaudit_receive_ocsp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to openvpn_server the packet type.
+## Relabel packets to ocsp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60295,12 +61181,12 @@ interface(`corenet_dontaudit_sendrecv_openvpn_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_openvpn_server_packets',`
+interface(`corenet_relabelto_ocsp_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type ocsp_server_packet_t;
')
- allow $1 openvpn_server_packet_t:packet relabelto;
+ allow $1 ocsp_server_packet_t:packet relabelto;
')
@@ -60308,7 +61194,7 @@ interface(`corenet_relabelto_openvpn_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pdps port.
+## Send and receive TCP traffic on the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60317,17 +61203,17 @@ interface(`corenet_relabelto_openvpn_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pdps_port',`
+interface(`corenet_tcp_sendrecv_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- allow $1 pdps_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 openhpid_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pdps port.
+## Send UDP traffic on the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60336,17 +61222,17 @@ interface(`corenet_tcp_sendrecv_pdps_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pdps_port',`
+interface(`corenet_udp_send_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- allow $1 pdps_port_t:udp_socket send_msg;
+ allow $1 openhpid_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pdps port.
+## Do not audit attempts to send UDP traffic on the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60355,17 +61241,17 @@ interface(`corenet_udp_send_pdps_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pdps_port',`
+interface(`corenet_dontaudit_udp_send_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- dontaudit $1 pdps_port_t:udp_socket send_msg;
+ dontaudit $1 openhpid_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pdps port.
+## Receive UDP traffic on the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60374,17 +61260,17 @@ interface(`corenet_dontaudit_udp_send_pdps_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pdps_port',`
+interface(`corenet_udp_receive_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- allow $1 pdps_port_t:udp_socket recv_msg;
+ allow $1 openhpid_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pdps port.
+## Do not audit attempts to receive UDP traffic on the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60393,17 +61279,17 @@ interface(`corenet_udp_receive_pdps_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pdps_port',`
+interface(`corenet_dontaudit_udp_receive_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- dontaudit $1 pdps_port_t:udp_socket recv_msg;
+ dontaudit $1 openhpid_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pdps port.
+## Send and receive UDP traffic on the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60412,15 +61298,15 @@ interface(`corenet_dontaudit_udp_receive_pdps_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pdps_port',`
- corenet_udp_send_pdps_port($1)
- corenet_udp_receive_pdps_port($1)
+interface(`corenet_udp_sendrecv_openhpid_port',`
+ corenet_udp_send_openhpid_port($1)
+ corenet_udp_receive_openhpid_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pdps port.
+## UDP traffic on the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60429,14 +61315,14 @@ interface(`corenet_udp_sendrecv_pdps_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pdps_port',`
- corenet_dontaudit_udp_send_pdps_port($1)
- corenet_dontaudit_udp_receive_pdps_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_openhpid_port',`
+ corenet_dontaudit_udp_send_openhpid_port($1)
+ corenet_dontaudit_udp_receive_openhpid_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pdps port.
+## Bind TCP sockets to the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60445,18 +61331,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pdps_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pdps_port',`
+interface(`corenet_tcp_bind_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- allow $1 pdps_port_t:tcp_socket name_bind;
+ allow $1 openhpid_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pdps port.
+## Bind UDP sockets to the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60465,18 +61351,18 @@ interface(`corenet_tcp_bind_pdps_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pdps_port',`
+interface(`corenet_udp_bind_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- allow $1 pdps_port_t:udp_socket name_bind;
+ allow $1 openhpid_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pdps port.
+## Make a TCP connection to the openhpid port.
## </summary>
## <param name="domain">
## <summary>
@@ -60484,18 +61370,18 @@ interface(`corenet_udp_bind_pdps_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pdps_port',`
+interface(`corenet_tcp_connect_openhpid_port',`
gen_require(`
- type pdps_port_t;
+ type openhpid_port_t;
')
- allow $1 pdps_port_t:tcp_socket name_connect;
+ allow $1 openhpid_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pdps_client packets.
+## Send openhpid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60504,17 +61390,17 @@ interface(`corenet_tcp_connect_pdps_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pdps_client_packets',`
+interface(`corenet_send_openhpid_client_packets',`
gen_require(`
- type pdps_client_packet_t;
+ type openhpid_client_packet_t;
')
- allow $1 pdps_client_packet_t:packet send;
+ allow $1 openhpid_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pdps_client packets.
+## Do not audit attempts to send openhpid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60523,17 +61409,17 @@ interface(`corenet_send_pdps_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pdps_client_packets',`
+interface(`corenet_dontaudit_send_openhpid_client_packets',`
gen_require(`
- type pdps_client_packet_t;
+ type openhpid_client_packet_t;
')
- dontaudit $1 pdps_client_packet_t:packet send;
+ dontaudit $1 openhpid_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pdps_client packets.
+## Receive openhpid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60542,17 +61428,17 @@ interface(`corenet_dontaudit_send_pdps_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pdps_client_packets',`
+interface(`corenet_receive_openhpid_client_packets',`
gen_require(`
- type pdps_client_packet_t;
+ type openhpid_client_packet_t;
')
- allow $1 pdps_client_packet_t:packet recv;
+ allow $1 openhpid_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pdps_client packets.
+## Do not audit attempts to receive openhpid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60561,17 +61447,17 @@ interface(`corenet_receive_pdps_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pdps_client_packets',`
+interface(`corenet_dontaudit_receive_openhpid_client_packets',`
gen_require(`
- type pdps_client_packet_t;
+ type openhpid_client_packet_t;
')
- dontaudit $1 pdps_client_packet_t:packet recv;
+ dontaudit $1 openhpid_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pdps_client packets.
+## Send and receive openhpid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60580,14 +61466,14 @@ interface(`corenet_dontaudit_receive_pdps_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pdps_client_packets',`
- corenet_send_pdps_client_packets($1)
- corenet_receive_pdps_client_packets($1)
+interface(`corenet_sendrecv_openhpid_client_packets',`
+ corenet_send_openhpid_client_packets($1)
+ corenet_receive_openhpid_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pdps_client packets.
+## Do not audit attempts to send and receive openhpid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60596,14 +61482,14 @@ interface(`corenet_sendrecv_pdps_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pdps_client_packets',`
- corenet_dontaudit_send_pdps_client_packets($1)
- corenet_dontaudit_receive_pdps_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_openhpid_client_packets',`
+ corenet_dontaudit_send_openhpid_client_packets($1)
+ corenet_dontaudit_receive_openhpid_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pdps_client the packet type.
+## Relabel packets to openhpid_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60611,18 +61497,18 @@ interface(`corenet_dontaudit_sendrecv_pdps_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pdps_client_packets',`
+interface(`corenet_relabelto_openhpid_client_packets',`
gen_require(`
- type pdps_client_packet_t;
+ type openhpid_client_packet_t;
')
- allow $1 pdps_client_packet_t:packet relabelto;
+ allow $1 openhpid_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pdps_server packets.
+## Send openhpid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60631,17 +61517,17 @@ interface(`corenet_relabelto_pdps_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pdps_server_packets',`
+interface(`corenet_send_openhpid_server_packets',`
gen_require(`
- type pdps_server_packet_t;
+ type openhpid_server_packet_t;
')
- allow $1 pdps_server_packet_t:packet send;
+ allow $1 openhpid_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pdps_server packets.
+## Do not audit attempts to send openhpid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60650,17 +61536,17 @@ interface(`corenet_send_pdps_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pdps_server_packets',`
+interface(`corenet_dontaudit_send_openhpid_server_packets',`
gen_require(`
- type pdps_server_packet_t;
+ type openhpid_server_packet_t;
')
- dontaudit $1 pdps_server_packet_t:packet send;
+ dontaudit $1 openhpid_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pdps_server packets.
+## Receive openhpid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60669,17 +61555,17 @@ interface(`corenet_dontaudit_send_pdps_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pdps_server_packets',`
+interface(`corenet_receive_openhpid_server_packets',`
gen_require(`
- type pdps_server_packet_t;
+ type openhpid_server_packet_t;
')
- allow $1 pdps_server_packet_t:packet recv;
+ allow $1 openhpid_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pdps_server packets.
+## Do not audit attempts to receive openhpid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60688,17 +61574,17 @@ interface(`corenet_receive_pdps_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pdps_server_packets',`
+interface(`corenet_dontaudit_receive_openhpid_server_packets',`
gen_require(`
- type pdps_server_packet_t;
+ type openhpid_server_packet_t;
')
- dontaudit $1 pdps_server_packet_t:packet recv;
+ dontaudit $1 openhpid_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pdps_server packets.
+## Send and receive openhpid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60707,14 +61593,14 @@ interface(`corenet_dontaudit_receive_pdps_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pdps_server_packets',`
- corenet_send_pdps_server_packets($1)
- corenet_receive_pdps_server_packets($1)
+interface(`corenet_sendrecv_openhpid_server_packets',`
+ corenet_send_openhpid_server_packets($1)
+ corenet_receive_openhpid_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pdps_server packets.
+## Do not audit attempts to send and receive openhpid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60723,14 +61609,14 @@ interface(`corenet_sendrecv_pdps_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pdps_server_packets',`
- corenet_dontaudit_send_pdps_server_packets($1)
- corenet_dontaudit_receive_pdps_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_openhpid_server_packets',`
+ corenet_dontaudit_send_openhpid_server_packets($1)
+ corenet_dontaudit_receive_openhpid_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pdps_server the packet type.
+## Relabel packets to openhpid_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60738,12 +61624,12 @@ interface(`corenet_dontaudit_sendrecv_pdps_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pdps_server_packets',`
+interface(`corenet_relabelto_openhpid_server_packets',`
gen_require(`
- type pdps_server_packet_t;
+ type openhpid_server_packet_t;
')
- allow $1 pdps_server_packet_t:packet relabelto;
+ allow $1 openhpid_server_packet_t:packet relabelto;
')
@@ -60751,7 +61637,7 @@ interface(`corenet_relabelto_pdps_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pegasus_http port.
+## Send and receive TCP traffic on the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60760,17 +61646,17 @@ interface(`corenet_relabelto_pdps_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pegasus_http_port',`
+interface(`corenet_tcp_sendrecv_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- allow $1 pegasus_http_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 openvpn_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pegasus_http port.
+## Send UDP traffic on the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60779,17 +61665,17 @@ interface(`corenet_tcp_sendrecv_pegasus_http_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pegasus_http_port',`
+interface(`corenet_udp_send_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- allow $1 pegasus_http_port_t:udp_socket send_msg;
+ allow $1 openvpn_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pegasus_http port.
+## Do not audit attempts to send UDP traffic on the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60798,17 +61684,17 @@ interface(`corenet_udp_send_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pegasus_http_port',`
+interface(`corenet_dontaudit_udp_send_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- dontaudit $1 pegasus_http_port_t:udp_socket send_msg;
+ dontaudit $1 openvpn_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pegasus_http port.
+## Receive UDP traffic on the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60817,17 +61703,17 @@ interface(`corenet_dontaudit_udp_send_pegasus_http_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pegasus_http_port',`
+interface(`corenet_udp_receive_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- allow $1 pegasus_http_port_t:udp_socket recv_msg;
+ allow $1 openvpn_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pegasus_http port.
+## Do not audit attempts to receive UDP traffic on the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60836,17 +61722,17 @@ interface(`corenet_udp_receive_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pegasus_http_port',`
+interface(`corenet_dontaudit_udp_receive_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- dontaudit $1 pegasus_http_port_t:udp_socket recv_msg;
+ dontaudit $1 openvpn_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pegasus_http port.
+## Send and receive UDP traffic on the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60855,15 +61741,15 @@ interface(`corenet_dontaudit_udp_receive_pegasus_http_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pegasus_http_port',`
- corenet_udp_send_pegasus_http_port($1)
- corenet_udp_receive_pegasus_http_port($1)
+interface(`corenet_udp_sendrecv_openvpn_port',`
+ corenet_udp_send_openvpn_port($1)
+ corenet_udp_receive_openvpn_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pegasus_http port.
+## UDP traffic on the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60872,14 +61758,14 @@ interface(`corenet_udp_sendrecv_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pegasus_http_port',`
- corenet_dontaudit_udp_send_pegasus_http_port($1)
- corenet_dontaudit_udp_receive_pegasus_http_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_openvpn_port',`
+ corenet_dontaudit_udp_send_openvpn_port($1)
+ corenet_dontaudit_udp_receive_openvpn_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pegasus_http port.
+## Bind TCP sockets to the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60888,18 +61774,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pegasus_http_port',`
+interface(`corenet_tcp_bind_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- allow $1 pegasus_http_port_t:tcp_socket name_bind;
+ allow $1 openvpn_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pegasus_http port.
+## Bind UDP sockets to the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60908,18 +61794,18 @@ interface(`corenet_tcp_bind_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pegasus_http_port',`
+interface(`corenet_udp_bind_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- allow $1 pegasus_http_port_t:udp_socket name_bind;
+ allow $1 openvpn_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pegasus_http port.
+## Make a TCP connection to the openvpn port.
## </summary>
## <param name="domain">
## <summary>
@@ -60927,18 +61813,18 @@ interface(`corenet_udp_bind_pegasus_http_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pegasus_http_port',`
+interface(`corenet_tcp_connect_openvpn_port',`
gen_require(`
- type pegasus_http_port_t;
+ type openvpn_port_t;
')
- allow $1 pegasus_http_port_t:tcp_socket name_connect;
+ allow $1 openvpn_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pegasus_http_client packets.
+## Send openvpn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60947,17 +61833,17 @@ interface(`corenet_tcp_connect_pegasus_http_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_http_client_packets',`
+interface(`corenet_send_openvpn_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type openvpn_client_packet_t;
')
- allow $1 pegasus_http_client_packet_t:packet send;
+ allow $1 openvpn_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_http_client packets.
+## Do not audit attempts to send openvpn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60966,17 +61852,17 @@ interface(`corenet_send_pegasus_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_http_client_packets',`
+interface(`corenet_dontaudit_send_openvpn_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type openvpn_client_packet_t;
')
- dontaudit $1 pegasus_http_client_packet_t:packet send;
+ dontaudit $1 openvpn_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_http_client packets.
+## Receive openvpn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60985,17 +61871,17 @@ interface(`corenet_dontaudit_send_pegasus_http_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_http_client_packets',`
+interface(`corenet_receive_openvpn_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type openvpn_client_packet_t;
')
- allow $1 pegasus_http_client_packet_t:packet recv;
+ allow $1 openvpn_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_http_client packets.
+## Do not audit attempts to receive openvpn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61004,17 +61890,17 @@ interface(`corenet_receive_pegasus_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_http_client_packets',`
+interface(`corenet_dontaudit_receive_openvpn_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type openvpn_client_packet_t;
')
- dontaudit $1 pegasus_http_client_packet_t:packet recv;
+ dontaudit $1 openvpn_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_http_client packets.
+## Send and receive openvpn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61023,14 +61909,14 @@ interface(`corenet_dontaudit_receive_pegasus_http_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_http_client_packets',`
- corenet_send_pegasus_http_client_packets($1)
- corenet_receive_pegasus_http_client_packets($1)
+interface(`corenet_sendrecv_openvpn_client_packets',`
+ corenet_send_openvpn_client_packets($1)
+ corenet_receive_openvpn_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_http_client packets.
+## Do not audit attempts to send and receive openvpn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61039,14 +61925,14 @@ interface(`corenet_sendrecv_pegasus_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_http_client_packets',`
- corenet_dontaudit_send_pegasus_http_client_packets($1)
- corenet_dontaudit_receive_pegasus_http_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_openvpn_client_packets',`
+ corenet_dontaudit_send_openvpn_client_packets($1)
+ corenet_dontaudit_receive_openvpn_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_http_client the packet type.
+## Relabel packets to openvpn_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61054,18 +61940,18 @@ interface(`corenet_dontaudit_sendrecv_pegasus_http_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_http_client_packets',`
+interface(`corenet_relabelto_openvpn_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type openvpn_client_packet_t;
')
- allow $1 pegasus_http_client_packet_t:packet relabelto;
+ allow $1 openvpn_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pegasus_http_server packets.
+## Send openvpn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61074,17 +61960,17 @@ interface(`corenet_relabelto_pegasus_http_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_http_server_packets',`
+interface(`corenet_send_openvpn_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type openvpn_server_packet_t;
')
- allow $1 pegasus_http_server_packet_t:packet send;
+ allow $1 openvpn_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_http_server packets.
+## Do not audit attempts to send openvpn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61093,17 +61979,17 @@ interface(`corenet_send_pegasus_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_http_server_packets',`
+interface(`corenet_dontaudit_send_openvpn_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type openvpn_server_packet_t;
')
- dontaudit $1 pegasus_http_server_packet_t:packet send;
+ dontaudit $1 openvpn_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_http_server packets.
+## Receive openvpn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61112,17 +61998,17 @@ interface(`corenet_dontaudit_send_pegasus_http_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_http_server_packets',`
+interface(`corenet_receive_openvpn_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type openvpn_server_packet_t;
')
- allow $1 pegasus_http_server_packet_t:packet recv;
+ allow $1 openvpn_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_http_server packets.
+## Do not audit attempts to receive openvpn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61131,17 +62017,17 @@ interface(`corenet_receive_pegasus_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_http_server_packets',`
+interface(`corenet_dontaudit_receive_openvpn_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type openvpn_server_packet_t;
')
- dontaudit $1 pegasus_http_server_packet_t:packet recv;
+ dontaudit $1 openvpn_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_http_server packets.
+## Send and receive openvpn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61150,14 +62036,14 @@ interface(`corenet_dontaudit_receive_pegasus_http_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_http_server_packets',`
- corenet_send_pegasus_http_server_packets($1)
- corenet_receive_pegasus_http_server_packets($1)
+interface(`corenet_sendrecv_openvpn_server_packets',`
+ corenet_send_openvpn_server_packets($1)
+ corenet_receive_openvpn_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_http_server packets.
+## Do not audit attempts to send and receive openvpn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61166,14 +62052,14 @@ interface(`corenet_sendrecv_pegasus_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_http_server_packets',`
- corenet_dontaudit_send_pegasus_http_server_packets($1)
- corenet_dontaudit_receive_pegasus_http_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_openvpn_server_packets',`
+ corenet_dontaudit_send_openvpn_server_packets($1)
+ corenet_dontaudit_receive_openvpn_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_http_server the packet type.
+## Relabel packets to openvpn_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61181,12 +62067,12 @@ interface(`corenet_dontaudit_sendrecv_pegasus_http_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_http_server_packets',`
+interface(`corenet_relabelto_openvpn_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type openvpn_server_packet_t;
')
- allow $1 pegasus_http_server_packet_t:packet relabelto;
+ allow $1 openvpn_server_packet_t:packet relabelto;
')
@@ -61194,7 +62080,7 @@ interface(`corenet_relabelto_pegasus_http_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pegasus_https port.
+## Send and receive TCP traffic on the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61203,17 +62089,17 @@ interface(`corenet_relabelto_pegasus_http_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pegasus_https_port',`
+interface(`corenet_tcp_sendrecv_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- allow $1 pegasus_https_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pdps_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pegasus_https port.
+## Send UDP traffic on the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61222,17 +62108,17 @@ interface(`corenet_tcp_sendrecv_pegasus_https_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pegasus_https_port',`
+interface(`corenet_udp_send_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- allow $1 pegasus_https_port_t:udp_socket send_msg;
+ allow $1 pdps_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pegasus_https port.
+## Do not audit attempts to send UDP traffic on the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61241,17 +62127,17 @@ interface(`corenet_udp_send_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pegasus_https_port',`
+interface(`corenet_dontaudit_udp_send_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- dontaudit $1 pegasus_https_port_t:udp_socket send_msg;
+ dontaudit $1 pdps_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pegasus_https port.
+## Receive UDP traffic on the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61260,17 +62146,17 @@ interface(`corenet_dontaudit_udp_send_pegasus_https_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pegasus_https_port',`
+interface(`corenet_udp_receive_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- allow $1 pegasus_https_port_t:udp_socket recv_msg;
+ allow $1 pdps_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pegasus_https port.
+## Do not audit attempts to receive UDP traffic on the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61279,17 +62165,17 @@ interface(`corenet_udp_receive_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pegasus_https_port',`
+interface(`corenet_dontaudit_udp_receive_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- dontaudit $1 pegasus_https_port_t:udp_socket recv_msg;
+ dontaudit $1 pdps_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pegasus_https port.
+## Send and receive UDP traffic on the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61298,15 +62184,15 @@ interface(`corenet_dontaudit_udp_receive_pegasus_https_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pegasus_https_port',`
- corenet_udp_send_pegasus_https_port($1)
- corenet_udp_receive_pegasus_https_port($1)
+interface(`corenet_udp_sendrecv_pdps_port',`
+ corenet_udp_send_pdps_port($1)
+ corenet_udp_receive_pdps_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pegasus_https port.
+## UDP traffic on the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61315,14 +62201,14 @@ interface(`corenet_udp_sendrecv_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pegasus_https_port',`
- corenet_dontaudit_udp_send_pegasus_https_port($1)
- corenet_dontaudit_udp_receive_pegasus_https_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pdps_port',`
+ corenet_dontaudit_udp_send_pdps_port($1)
+ corenet_dontaudit_udp_receive_pdps_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pegasus_https port.
+## Bind TCP sockets to the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61331,18 +62217,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pegasus_https_port',`
+interface(`corenet_tcp_bind_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- allow $1 pegasus_https_port_t:tcp_socket name_bind;
+ allow $1 pdps_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pegasus_https port.
+## Bind UDP sockets to the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61351,18 +62237,18 @@ interface(`corenet_tcp_bind_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pegasus_https_port',`
+interface(`corenet_udp_bind_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- allow $1 pegasus_https_port_t:udp_socket name_bind;
+ allow $1 pdps_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pegasus_https port.
+## Make a TCP connection to the pdps port.
## </summary>
## <param name="domain">
## <summary>
@@ -61370,18 +62256,18 @@ interface(`corenet_udp_bind_pegasus_https_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pegasus_https_port',`
+interface(`corenet_tcp_connect_pdps_port',`
gen_require(`
- type pegasus_https_port_t;
+ type pdps_port_t;
')
- allow $1 pegasus_https_port_t:tcp_socket name_connect;
+ allow $1 pdps_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pegasus_https_client packets.
+## Send pdps_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61390,17 +62276,17 @@ interface(`corenet_tcp_connect_pegasus_https_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_https_client_packets',`
+interface(`corenet_send_pdps_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type pdps_client_packet_t;
')
- allow $1 pegasus_https_client_packet_t:packet send;
+ allow $1 pdps_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_https_client packets.
+## Do not audit attempts to send pdps_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61409,17 +62295,17 @@ interface(`corenet_send_pegasus_https_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_https_client_packets',`
+interface(`corenet_dontaudit_send_pdps_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type pdps_client_packet_t;
')
- dontaudit $1 pegasus_https_client_packet_t:packet send;
+ dontaudit $1 pdps_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_https_client packets.
+## Receive pdps_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61428,17 +62314,17 @@ interface(`corenet_dontaudit_send_pegasus_https_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_https_client_packets',`
+interface(`corenet_receive_pdps_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type pdps_client_packet_t;
')
- allow $1 pegasus_https_client_packet_t:packet recv;
+ allow $1 pdps_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_https_client packets.
+## Do not audit attempts to receive pdps_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61447,17 +62333,17 @@ interface(`corenet_receive_pegasus_https_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_https_client_packets',`
+interface(`corenet_dontaudit_receive_pdps_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type pdps_client_packet_t;
')
- dontaudit $1 pegasus_https_client_packet_t:packet recv;
+ dontaudit $1 pdps_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_https_client packets.
+## Send and receive pdps_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61466,14 +62352,14 @@ interface(`corenet_dontaudit_receive_pegasus_https_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_https_client_packets',`
- corenet_send_pegasus_https_client_packets($1)
- corenet_receive_pegasus_https_client_packets($1)
+interface(`corenet_sendrecv_pdps_client_packets',`
+ corenet_send_pdps_client_packets($1)
+ corenet_receive_pdps_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_https_client packets.
+## Do not audit attempts to send and receive pdps_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61482,14 +62368,14 @@ interface(`corenet_sendrecv_pegasus_https_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_https_client_packets',`
- corenet_dontaudit_send_pegasus_https_client_packets($1)
- corenet_dontaudit_receive_pegasus_https_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pdps_client_packets',`
+ corenet_dontaudit_send_pdps_client_packets($1)
+ corenet_dontaudit_receive_pdps_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_https_client the packet type.
+## Relabel packets to pdps_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61497,18 +62383,18 @@ interface(`corenet_dontaudit_sendrecv_pegasus_https_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_https_client_packets',`
+interface(`corenet_relabelto_pdps_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type pdps_client_packet_t;
')
- allow $1 pegasus_https_client_packet_t:packet relabelto;
+ allow $1 pdps_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pegasus_https_server packets.
+## Send pdps_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61517,17 +62403,17 @@ interface(`corenet_relabelto_pegasus_https_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_https_server_packets',`
+interface(`corenet_send_pdps_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type pdps_server_packet_t;
')
- allow $1 pegasus_https_server_packet_t:packet send;
+ allow $1 pdps_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_https_server packets.
+## Do not audit attempts to send pdps_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61536,17 +62422,17 @@ interface(`corenet_send_pegasus_https_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_https_server_packets',`
+interface(`corenet_dontaudit_send_pdps_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type pdps_server_packet_t;
')
- dontaudit $1 pegasus_https_server_packet_t:packet send;
+ dontaudit $1 pdps_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_https_server packets.
+## Receive pdps_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61555,17 +62441,17 @@ interface(`corenet_dontaudit_send_pegasus_https_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_https_server_packets',`
+interface(`corenet_receive_pdps_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type pdps_server_packet_t;
')
- allow $1 pegasus_https_server_packet_t:packet recv;
+ allow $1 pdps_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_https_server packets.
+## Do not audit attempts to receive pdps_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61574,17 +62460,17 @@ interface(`corenet_receive_pegasus_https_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_https_server_packets',`
+interface(`corenet_dontaudit_receive_pdps_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type pdps_server_packet_t;
')
- dontaudit $1 pegasus_https_server_packet_t:packet recv;
+ dontaudit $1 pdps_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_https_server packets.
+## Send and receive pdps_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61593,14 +62479,14 @@ interface(`corenet_dontaudit_receive_pegasus_https_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_https_server_packets',`
- corenet_send_pegasus_https_server_packets($1)
- corenet_receive_pegasus_https_server_packets($1)
+interface(`corenet_sendrecv_pdps_server_packets',`
+ corenet_send_pdps_server_packets($1)
+ corenet_receive_pdps_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_https_server packets.
+## Do not audit attempts to send and receive pdps_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61609,14 +62495,14 @@ interface(`corenet_sendrecv_pegasus_https_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_https_server_packets',`
- corenet_dontaudit_send_pegasus_https_server_packets($1)
- corenet_dontaudit_receive_pegasus_https_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pdps_server_packets',`
+ corenet_dontaudit_send_pdps_server_packets($1)
+ corenet_dontaudit_receive_pdps_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_https_server the packet type.
+## Relabel packets to pdps_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61624,12 +62510,12 @@ interface(`corenet_dontaudit_sendrecv_pegasus_https_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_https_server_packets',`
+interface(`corenet_relabelto_pdps_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type pdps_server_packet_t;
')
- allow $1 pegasus_https_server_packet_t:packet relabelto;
+ allow $1 pdps_server_packet_t:packet relabelto;
')
@@ -61637,7 +62523,7 @@ interface(`corenet_relabelto_pegasus_https_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pgpkeyserver port.
+## Send and receive TCP traffic on the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61646,17 +62532,17 @@ interface(`corenet_relabelto_pegasus_https_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pgpkeyserver_port',`
+interface(`corenet_tcp_sendrecv_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- allow $1 pgpkeyserver_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pegasus_http_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pgpkeyserver port.
+## Send UDP traffic on the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61665,17 +62551,17 @@ interface(`corenet_tcp_sendrecv_pgpkeyserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pgpkeyserver_port',`
+interface(`corenet_udp_send_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- allow $1 pgpkeyserver_port_t:udp_socket send_msg;
+ allow $1 pegasus_http_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pgpkeyserver port.
+## Do not audit attempts to send UDP traffic on the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61684,17 +62570,17 @@ interface(`corenet_udp_send_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pgpkeyserver_port',`
+interface(`corenet_dontaudit_udp_send_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- dontaudit $1 pgpkeyserver_port_t:udp_socket send_msg;
+ dontaudit $1 pegasus_http_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pgpkeyserver port.
+## Receive UDP traffic on the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61703,17 +62589,17 @@ interface(`corenet_dontaudit_udp_send_pgpkeyserver_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pgpkeyserver_port',`
+interface(`corenet_udp_receive_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- allow $1 pgpkeyserver_port_t:udp_socket recv_msg;
+ allow $1 pegasus_http_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pgpkeyserver port.
+## Do not audit attempts to receive UDP traffic on the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61722,17 +62608,17 @@ interface(`corenet_udp_receive_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pgpkeyserver_port',`
+interface(`corenet_dontaudit_udp_receive_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- dontaudit $1 pgpkeyserver_port_t:udp_socket recv_msg;
+ dontaudit $1 pegasus_http_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pgpkeyserver port.
+## Send and receive UDP traffic on the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61741,15 +62627,15 @@ interface(`corenet_dontaudit_udp_receive_pgpkeyserver_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pgpkeyserver_port',`
- corenet_udp_send_pgpkeyserver_port($1)
- corenet_udp_receive_pgpkeyserver_port($1)
+interface(`corenet_udp_sendrecv_pegasus_http_port',`
+ corenet_udp_send_pegasus_http_port($1)
+ corenet_udp_receive_pegasus_http_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pgpkeyserver port.
+## UDP traffic on the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61758,14 +62644,14 @@ interface(`corenet_udp_sendrecv_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pgpkeyserver_port',`
- corenet_dontaudit_udp_send_pgpkeyserver_port($1)
- corenet_dontaudit_udp_receive_pgpkeyserver_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pegasus_http_port',`
+ corenet_dontaudit_udp_send_pegasus_http_port($1)
+ corenet_dontaudit_udp_receive_pegasus_http_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pgpkeyserver port.
+## Bind TCP sockets to the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61774,18 +62660,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pgpkeyserver_port',`
+interface(`corenet_tcp_bind_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- allow $1 pgpkeyserver_port_t:tcp_socket name_bind;
+ allow $1 pegasus_http_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pgpkeyserver port.
+## Bind UDP sockets to the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61794,18 +62680,18 @@ interface(`corenet_tcp_bind_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pgpkeyserver_port',`
+interface(`corenet_udp_bind_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- allow $1 pgpkeyserver_port_t:udp_socket name_bind;
+ allow $1 pegasus_http_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pgpkeyserver port.
+## Make a TCP connection to the pegasus_http port.
## </summary>
## <param name="domain">
## <summary>
@@ -61813,18 +62699,18 @@ interface(`corenet_udp_bind_pgpkeyserver_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pgpkeyserver_port',`
+interface(`corenet_tcp_connect_pegasus_http_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type pegasus_http_port_t;
')
- allow $1 pgpkeyserver_port_t:tcp_socket name_connect;
+ allow $1 pegasus_http_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pgpkeyserver_client packets.
+## Send pegasus_http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61833,17 +62719,17 @@ interface(`corenet_tcp_connect_pgpkeyserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pgpkeyserver_client_packets',`
+interface(`corenet_send_pegasus_http_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type pegasus_http_client_packet_t;
')
- allow $1 pgpkeyserver_client_packet_t:packet send;
+ allow $1 pegasus_http_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pgpkeyserver_client packets.
+## Do not audit attempts to send pegasus_http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61852,17 +62738,17 @@ interface(`corenet_send_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pgpkeyserver_client_packets',`
+interface(`corenet_dontaudit_send_pegasus_http_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type pegasus_http_client_packet_t;
')
- dontaudit $1 pgpkeyserver_client_packet_t:packet send;
+ dontaudit $1 pegasus_http_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pgpkeyserver_client packets.
+## Receive pegasus_http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61871,17 +62757,17 @@ interface(`corenet_dontaudit_send_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pgpkeyserver_client_packets',`
+interface(`corenet_receive_pegasus_http_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type pegasus_http_client_packet_t;
')
- allow $1 pgpkeyserver_client_packet_t:packet recv;
+ allow $1 pegasus_http_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pgpkeyserver_client packets.
+## Do not audit attempts to receive pegasus_http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61890,17 +62776,17 @@ interface(`corenet_receive_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pgpkeyserver_client_packets',`
+interface(`corenet_dontaudit_receive_pegasus_http_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type pegasus_http_client_packet_t;
')
- dontaudit $1 pgpkeyserver_client_packet_t:packet recv;
+ dontaudit $1 pegasus_http_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pgpkeyserver_client packets.
+## Send and receive pegasus_http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61909,14 +62795,14 @@ interface(`corenet_dontaudit_receive_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pgpkeyserver_client_packets',`
- corenet_send_pgpkeyserver_client_packets($1)
- corenet_receive_pgpkeyserver_client_packets($1)
+interface(`corenet_sendrecv_pegasus_http_client_packets',`
+ corenet_send_pegasus_http_client_packets($1)
+ corenet_receive_pegasus_http_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pgpkeyserver_client packets.
+## Do not audit attempts to send and receive pegasus_http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61925,14 +62811,14 @@ interface(`corenet_sendrecv_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pgpkeyserver_client_packets',`
- corenet_dontaudit_send_pgpkeyserver_client_packets($1)
- corenet_dontaudit_receive_pgpkeyserver_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pegasus_http_client_packets',`
+ corenet_dontaudit_send_pegasus_http_client_packets($1)
+ corenet_dontaudit_receive_pegasus_http_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pgpkeyserver_client the packet type.
+## Relabel packets to pegasus_http_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61940,18 +62826,18 @@ interface(`corenet_dontaudit_sendrecv_pgpkeyserver_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pgpkeyserver_client_packets',`
+interface(`corenet_relabelto_pegasus_http_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type pegasus_http_client_packet_t;
')
- allow $1 pgpkeyserver_client_packet_t:packet relabelto;
+ allow $1 pegasus_http_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pgpkeyserver_server packets.
+## Send pegasus_http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61960,17 +62846,17 @@ interface(`corenet_relabelto_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pgpkeyserver_server_packets',`
+interface(`corenet_send_pegasus_http_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type pegasus_http_server_packet_t;
')
- allow $1 pgpkeyserver_server_packet_t:packet send;
+ allow $1 pegasus_http_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pgpkeyserver_server packets.
+## Do not audit attempts to send pegasus_http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61979,17 +62865,17 @@ interface(`corenet_send_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pgpkeyserver_server_packets',`
+interface(`corenet_dontaudit_send_pegasus_http_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type pegasus_http_server_packet_t;
')
- dontaudit $1 pgpkeyserver_server_packet_t:packet send;
+ dontaudit $1 pegasus_http_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pgpkeyserver_server packets.
+## Receive pegasus_http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61998,17 +62884,17 @@ interface(`corenet_dontaudit_send_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pgpkeyserver_server_packets',`
+interface(`corenet_receive_pegasus_http_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type pegasus_http_server_packet_t;
')
- allow $1 pgpkeyserver_server_packet_t:packet recv;
+ allow $1 pegasus_http_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pgpkeyserver_server packets.
+## Do not audit attempts to receive pegasus_http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62017,17 +62903,17 @@ interface(`corenet_receive_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pgpkeyserver_server_packets',`
+interface(`corenet_dontaudit_receive_pegasus_http_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type pegasus_http_server_packet_t;
')
- dontaudit $1 pgpkeyserver_server_packet_t:packet recv;
+ dontaudit $1 pegasus_http_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pgpkeyserver_server packets.
+## Send and receive pegasus_http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62036,14 +62922,14 @@ interface(`corenet_dontaudit_receive_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pgpkeyserver_server_packets',`
- corenet_send_pgpkeyserver_server_packets($1)
- corenet_receive_pgpkeyserver_server_packets($1)
+interface(`corenet_sendrecv_pegasus_http_server_packets',`
+ corenet_send_pegasus_http_server_packets($1)
+ corenet_receive_pegasus_http_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pgpkeyserver_server packets.
+## Do not audit attempts to send and receive pegasus_http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62052,14 +62938,14 @@ interface(`corenet_sendrecv_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pgpkeyserver_server_packets',`
- corenet_dontaudit_send_pgpkeyserver_server_packets($1)
- corenet_dontaudit_receive_pgpkeyserver_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pegasus_http_server_packets',`
+ corenet_dontaudit_send_pegasus_http_server_packets($1)
+ corenet_dontaudit_receive_pegasus_http_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pgpkeyserver_server the packet type.
+## Relabel packets to pegasus_http_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62067,12 +62953,12 @@ interface(`corenet_dontaudit_sendrecv_pgpkeyserver_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pgpkeyserver_server_packets',`
+interface(`corenet_relabelto_pegasus_http_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type pegasus_http_server_packet_t;
')
- allow $1 pgpkeyserver_server_packet_t:packet relabelto;
+ allow $1 pegasus_http_server_packet_t:packet relabelto;
')
@@ -62080,7 +62966,7 @@ interface(`corenet_relabelto_pgpkeyserver_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pingd port.
+## Send and receive TCP traffic on the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62089,17 +62975,17 @@ interface(`corenet_relabelto_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pingd_port',`
+interface(`corenet_tcp_sendrecv_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- allow $1 pingd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pegasus_https_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pingd port.
+## Send UDP traffic on the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62108,17 +62994,17 @@ interface(`corenet_tcp_sendrecv_pingd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pingd_port',`
+interface(`corenet_udp_send_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- allow $1 pingd_port_t:udp_socket send_msg;
+ allow $1 pegasus_https_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pingd port.
+## Do not audit attempts to send UDP traffic on the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62127,17 +63013,17 @@ interface(`corenet_udp_send_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pingd_port',`
+interface(`corenet_dontaudit_udp_send_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- dontaudit $1 pingd_port_t:udp_socket send_msg;
+ dontaudit $1 pegasus_https_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pingd port.
+## Receive UDP traffic on the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62146,17 +63032,17 @@ interface(`corenet_dontaudit_udp_send_pingd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pingd_port',`
+interface(`corenet_udp_receive_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- allow $1 pingd_port_t:udp_socket recv_msg;
+ allow $1 pegasus_https_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pingd port.
+## Do not audit attempts to receive UDP traffic on the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62165,17 +63051,17 @@ interface(`corenet_udp_receive_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pingd_port',`
+interface(`corenet_dontaudit_udp_receive_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- dontaudit $1 pingd_port_t:udp_socket recv_msg;
+ dontaudit $1 pegasus_https_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pingd port.
+## Send and receive UDP traffic on the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62184,15 +63070,15 @@ interface(`corenet_dontaudit_udp_receive_pingd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pingd_port',`
- corenet_udp_send_pingd_port($1)
- corenet_udp_receive_pingd_port($1)
+interface(`corenet_udp_sendrecv_pegasus_https_port',`
+ corenet_udp_send_pegasus_https_port($1)
+ corenet_udp_receive_pegasus_https_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pingd port.
+## UDP traffic on the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62201,14 +63087,14 @@ interface(`corenet_udp_sendrecv_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pingd_port',`
- corenet_dontaudit_udp_send_pingd_port($1)
- corenet_dontaudit_udp_receive_pingd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pegasus_https_port',`
+ corenet_dontaudit_udp_send_pegasus_https_port($1)
+ corenet_dontaudit_udp_receive_pegasus_https_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pingd port.
+## Bind TCP sockets to the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62217,18 +63103,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pingd_port',`
+interface(`corenet_tcp_bind_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- allow $1 pingd_port_t:tcp_socket name_bind;
+ allow $1 pegasus_https_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pingd port.
+## Bind UDP sockets to the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62237,18 +63123,18 @@ interface(`corenet_tcp_bind_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pingd_port',`
+interface(`corenet_udp_bind_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- allow $1 pingd_port_t:udp_socket name_bind;
+ allow $1 pegasus_https_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pingd port.
+## Make a TCP connection to the pegasus_https port.
## </summary>
## <param name="domain">
## <summary>
@@ -62256,18 +63142,18 @@ interface(`corenet_udp_bind_pingd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pingd_port',`
+interface(`corenet_tcp_connect_pegasus_https_port',`
gen_require(`
- type pingd_port_t;
+ type pegasus_https_port_t;
')
- allow $1 pingd_port_t:tcp_socket name_connect;
+ allow $1 pegasus_https_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pingd_client packets.
+## Send pegasus_https_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62276,17 +63162,17 @@ interface(`corenet_tcp_connect_pingd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pingd_client_packets',`
+interface(`corenet_send_pegasus_https_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type pegasus_https_client_packet_t;
')
- allow $1 pingd_client_packet_t:packet send;
+ allow $1 pegasus_https_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pingd_client packets.
+## Do not audit attempts to send pegasus_https_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62295,17 +63181,17 @@ interface(`corenet_send_pingd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pingd_client_packets',`
+interface(`corenet_dontaudit_send_pegasus_https_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type pegasus_https_client_packet_t;
')
- dontaudit $1 pingd_client_packet_t:packet send;
+ dontaudit $1 pegasus_https_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pingd_client packets.
+## Receive pegasus_https_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62314,17 +63200,17 @@ interface(`corenet_dontaudit_send_pingd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pingd_client_packets',`
+interface(`corenet_receive_pegasus_https_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type pegasus_https_client_packet_t;
')
- allow $1 pingd_client_packet_t:packet recv;
+ allow $1 pegasus_https_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pingd_client packets.
+## Do not audit attempts to receive pegasus_https_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62333,17 +63219,17 @@ interface(`corenet_receive_pingd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pingd_client_packets',`
+interface(`corenet_dontaudit_receive_pegasus_https_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type pegasus_https_client_packet_t;
')
- dontaudit $1 pingd_client_packet_t:packet recv;
+ dontaudit $1 pegasus_https_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pingd_client packets.
+## Send and receive pegasus_https_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62352,14 +63238,14 @@ interface(`corenet_dontaudit_receive_pingd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pingd_client_packets',`
- corenet_send_pingd_client_packets($1)
- corenet_receive_pingd_client_packets($1)
+interface(`corenet_sendrecv_pegasus_https_client_packets',`
+ corenet_send_pegasus_https_client_packets($1)
+ corenet_receive_pegasus_https_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pingd_client packets.
+## Do not audit attempts to send and receive pegasus_https_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62368,14 +63254,14 @@ interface(`corenet_sendrecv_pingd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pingd_client_packets',`
- corenet_dontaudit_send_pingd_client_packets($1)
- corenet_dontaudit_receive_pingd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pegasus_https_client_packets',`
+ corenet_dontaudit_send_pegasus_https_client_packets($1)
+ corenet_dontaudit_receive_pegasus_https_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pingd_client the packet type.
+## Relabel packets to pegasus_https_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62383,18 +63269,18 @@ interface(`corenet_dontaudit_sendrecv_pingd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pingd_client_packets',`
+interface(`corenet_relabelto_pegasus_https_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type pegasus_https_client_packet_t;
')
- allow $1 pingd_client_packet_t:packet relabelto;
+ allow $1 pegasus_https_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pingd_server packets.
+## Send pegasus_https_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62403,17 +63289,17 @@ interface(`corenet_relabelto_pingd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pingd_server_packets',`
+interface(`corenet_send_pegasus_https_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type pegasus_https_server_packet_t;
')
- allow $1 pingd_server_packet_t:packet send;
+ allow $1 pegasus_https_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pingd_server packets.
+## Do not audit attempts to send pegasus_https_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62422,17 +63308,17 @@ interface(`corenet_send_pingd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pingd_server_packets',`
+interface(`corenet_dontaudit_send_pegasus_https_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type pegasus_https_server_packet_t;
')
- dontaudit $1 pingd_server_packet_t:packet send;
+ dontaudit $1 pegasus_https_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pingd_server packets.
+## Receive pegasus_https_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62441,17 +63327,17 @@ interface(`corenet_dontaudit_send_pingd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pingd_server_packets',`
+interface(`corenet_receive_pegasus_https_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type pegasus_https_server_packet_t;
')
- allow $1 pingd_server_packet_t:packet recv;
+ allow $1 pegasus_https_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pingd_server packets.
+## Do not audit attempts to receive pegasus_https_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62460,17 +63346,17 @@ interface(`corenet_receive_pingd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pingd_server_packets',`
+interface(`corenet_dontaudit_receive_pegasus_https_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type pegasus_https_server_packet_t;
')
- dontaudit $1 pingd_server_packet_t:packet recv;
+ dontaudit $1 pegasus_https_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pingd_server packets.
+## Send and receive pegasus_https_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62479,14 +63365,14 @@ interface(`corenet_dontaudit_receive_pingd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pingd_server_packets',`
- corenet_send_pingd_server_packets($1)
- corenet_receive_pingd_server_packets($1)
+interface(`corenet_sendrecv_pegasus_https_server_packets',`
+ corenet_send_pegasus_https_server_packets($1)
+ corenet_receive_pegasus_https_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pingd_server packets.
+## Do not audit attempts to send and receive pegasus_https_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62495,14 +63381,14 @@ interface(`corenet_sendrecv_pingd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pingd_server_packets',`
- corenet_dontaudit_send_pingd_server_packets($1)
- corenet_dontaudit_receive_pingd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pegasus_https_server_packets',`
+ corenet_dontaudit_send_pegasus_https_server_packets($1)
+ corenet_dontaudit_receive_pegasus_https_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pingd_server the packet type.
+## Relabel packets to pegasus_https_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62510,12 +63396,12 @@ interface(`corenet_dontaudit_sendrecv_pingd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pingd_server_packets',`
+interface(`corenet_relabelto_pegasus_https_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type pegasus_https_server_packet_t;
')
- allow $1 pingd_server_packet_t:packet relabelto;
+ allow $1 pegasus_https_server_packet_t:packet relabelto;
')
@@ -62523,7 +63409,7 @@ interface(`corenet_relabelto_pingd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pktcable_cops port.
+## Send and receive TCP traffic on the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62532,17 +63418,17 @@ interface(`corenet_relabelto_pingd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pktcable_cops_port',`
+interface(`corenet_tcp_sendrecv_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- allow $1 pktcable_cops_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pgpkeyserver_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pktcable_cops port.
+## Send UDP traffic on the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62551,17 +63437,17 @@ interface(`corenet_tcp_sendrecv_pktcable_cops_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pktcable_cops_port',`
+interface(`corenet_udp_send_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- allow $1 pktcable_cops_port_t:udp_socket send_msg;
+ allow $1 pgpkeyserver_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pktcable_cops port.
+## Do not audit attempts to send UDP traffic on the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62570,17 +63456,17 @@ interface(`corenet_udp_send_pktcable_cops_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pktcable_cops_port',`
+interface(`corenet_dontaudit_udp_send_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- dontaudit $1 pktcable_cops_port_t:udp_socket send_msg;
+ dontaudit $1 pgpkeyserver_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pktcable_cops port.
+## Receive UDP traffic on the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62589,17 +63475,17 @@ interface(`corenet_dontaudit_udp_send_pktcable_cops_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pktcable_cops_port',`
+interface(`corenet_udp_receive_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- allow $1 pktcable_cops_port_t:udp_socket recv_msg;
+ allow $1 pgpkeyserver_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pktcable_cops port.
+## Do not audit attempts to receive UDP traffic on the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62608,17 +63494,17 @@ interface(`corenet_udp_receive_pktcable_cops_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pktcable_cops_port',`
+interface(`corenet_dontaudit_udp_receive_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- dontaudit $1 pktcable_cops_port_t:udp_socket recv_msg;
+ dontaudit $1 pgpkeyserver_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pktcable_cops port.
+## Send and receive UDP traffic on the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62627,15 +63513,15 @@ interface(`corenet_dontaudit_udp_receive_pktcable_cops_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pktcable_cops_port',`
- corenet_udp_send_pktcable_cops_port($1)
- corenet_udp_receive_pktcable_cops_port($1)
+interface(`corenet_udp_sendrecv_pgpkeyserver_port',`
+ corenet_udp_send_pgpkeyserver_port($1)
+ corenet_udp_receive_pgpkeyserver_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pktcable_cops port.
+## UDP traffic on the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62644,14 +63530,14 @@ interface(`corenet_udp_sendrecv_pktcable_cops_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pktcable_cops_port',`
- corenet_dontaudit_udp_send_pktcable_cops_port($1)
- corenet_dontaudit_udp_receive_pktcable_cops_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pgpkeyserver_port',`
+ corenet_dontaudit_udp_send_pgpkeyserver_port($1)
+ corenet_dontaudit_udp_receive_pgpkeyserver_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pktcable_cops port.
+## Bind TCP sockets to the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62660,18 +63546,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pktcable_cops_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pktcable_cops_port',`
+interface(`corenet_tcp_bind_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- allow $1 pktcable_cops_port_t:tcp_socket name_bind;
+ allow $1 pgpkeyserver_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pktcable_cops port.
+## Bind UDP sockets to the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62680,18 +63566,18 @@ interface(`corenet_tcp_bind_pktcable_cops_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pktcable_cops_port',`
+interface(`corenet_udp_bind_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- allow $1 pktcable_cops_port_t:udp_socket name_bind;
+ allow $1 pgpkeyserver_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pktcable_cops port.
+## Make a TCP connection to the pgpkeyserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -62699,18 +63585,18 @@ interface(`corenet_udp_bind_pktcable_cops_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pktcable_cops_port',`
+interface(`corenet_tcp_connect_pgpkeyserver_port',`
gen_require(`
- type pktcable_cops_port_t;
+ type pgpkeyserver_port_t;
')
- allow $1 pktcable_cops_port_t:tcp_socket name_connect;
+ allow $1 pgpkeyserver_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pktcable_cops_client packets.
+## Send pgpkeyserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62719,17 +63605,17 @@ interface(`corenet_tcp_connect_pktcable_cops_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pktcable_cops_client_packets',`
+interface(`corenet_send_pgpkeyserver_client_packets',`
gen_require(`
- type pktcable_cops_client_packet_t;
+ type pgpkeyserver_client_packet_t;
')
- allow $1 pktcable_cops_client_packet_t:packet send;
+ allow $1 pgpkeyserver_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pktcable_cops_client packets.
+## Do not audit attempts to send pgpkeyserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62738,17 +63624,17 @@ interface(`corenet_send_pktcable_cops_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pktcable_cops_client_packets',`
+interface(`corenet_dontaudit_send_pgpkeyserver_client_packets',`
gen_require(`
- type pktcable_cops_client_packet_t;
+ type pgpkeyserver_client_packet_t;
')
- dontaudit $1 pktcable_cops_client_packet_t:packet send;
+ dontaudit $1 pgpkeyserver_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pktcable_cops_client packets.
+## Receive pgpkeyserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62757,17 +63643,17 @@ interface(`corenet_dontaudit_send_pktcable_cops_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pktcable_cops_client_packets',`
+interface(`corenet_receive_pgpkeyserver_client_packets',`
gen_require(`
- type pktcable_cops_client_packet_t;
+ type pgpkeyserver_client_packet_t;
')
- allow $1 pktcable_cops_client_packet_t:packet recv;
+ allow $1 pgpkeyserver_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pktcable_cops_client packets.
+## Do not audit attempts to receive pgpkeyserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62776,17 +63662,17 @@ interface(`corenet_receive_pktcable_cops_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pktcable_cops_client_packets',`
+interface(`corenet_dontaudit_receive_pgpkeyserver_client_packets',`
gen_require(`
- type pktcable_cops_client_packet_t;
+ type pgpkeyserver_client_packet_t;
')
- dontaudit $1 pktcable_cops_client_packet_t:packet recv;
+ dontaudit $1 pgpkeyserver_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pktcable_cops_client packets.
+## Send and receive pgpkeyserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62795,14 +63681,14 @@ interface(`corenet_dontaudit_receive_pktcable_cops_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pktcable_cops_client_packets',`
- corenet_send_pktcable_cops_client_packets($1)
- corenet_receive_pktcable_cops_client_packets($1)
+interface(`corenet_sendrecv_pgpkeyserver_client_packets',`
+ corenet_send_pgpkeyserver_client_packets($1)
+ corenet_receive_pgpkeyserver_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pktcable_cops_client packets.
+## Do not audit attempts to send and receive pgpkeyserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62811,14 +63697,14 @@ interface(`corenet_sendrecv_pktcable_cops_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pktcable_cops_client_packets',`
- corenet_dontaudit_send_pktcable_cops_client_packets($1)
- corenet_dontaudit_receive_pktcable_cops_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pgpkeyserver_client_packets',`
+ corenet_dontaudit_send_pgpkeyserver_client_packets($1)
+ corenet_dontaudit_receive_pgpkeyserver_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pktcable_cops_client the packet type.
+## Relabel packets to pgpkeyserver_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62826,18 +63712,18 @@ interface(`corenet_dontaudit_sendrecv_pktcable_cops_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pktcable_cops_client_packets',`
+interface(`corenet_relabelto_pgpkeyserver_client_packets',`
gen_require(`
- type pktcable_cops_client_packet_t;
+ type pgpkeyserver_client_packet_t;
')
- allow $1 pktcable_cops_client_packet_t:packet relabelto;
+ allow $1 pgpkeyserver_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pktcable_cops_server packets.
+## Send pgpkeyserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62846,17 +63732,17 @@ interface(`corenet_relabelto_pktcable_cops_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pktcable_cops_server_packets',`
+interface(`corenet_send_pgpkeyserver_server_packets',`
gen_require(`
- type pktcable_cops_server_packet_t;
+ type pgpkeyserver_server_packet_t;
')
- allow $1 pktcable_cops_server_packet_t:packet send;
+ allow $1 pgpkeyserver_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pktcable_cops_server packets.
+## Do not audit attempts to send pgpkeyserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62865,17 +63751,17 @@ interface(`corenet_send_pktcable_cops_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pktcable_cops_server_packets',`
+interface(`corenet_dontaudit_send_pgpkeyserver_server_packets',`
gen_require(`
- type pktcable_cops_server_packet_t;
+ type pgpkeyserver_server_packet_t;
')
- dontaudit $1 pktcable_cops_server_packet_t:packet send;
+ dontaudit $1 pgpkeyserver_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pktcable_cops_server packets.
+## Receive pgpkeyserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62884,17 +63770,17 @@ interface(`corenet_dontaudit_send_pktcable_cops_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pktcable_cops_server_packets',`
+interface(`corenet_receive_pgpkeyserver_server_packets',`
gen_require(`
- type pktcable_cops_server_packet_t;
+ type pgpkeyserver_server_packet_t;
')
- allow $1 pktcable_cops_server_packet_t:packet recv;
+ allow $1 pgpkeyserver_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pktcable_cops_server packets.
+## Do not audit attempts to receive pgpkeyserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62903,17 +63789,17 @@ interface(`corenet_receive_pktcable_cops_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pktcable_cops_server_packets',`
+interface(`corenet_dontaudit_receive_pgpkeyserver_server_packets',`
gen_require(`
- type pktcable_cops_server_packet_t;
+ type pgpkeyserver_server_packet_t;
')
- dontaudit $1 pktcable_cops_server_packet_t:packet recv;
+ dontaudit $1 pgpkeyserver_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pktcable_cops_server packets.
+## Send and receive pgpkeyserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62922,14 +63808,14 @@ interface(`corenet_dontaudit_receive_pktcable_cops_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pktcable_cops_server_packets',`
- corenet_send_pktcable_cops_server_packets($1)
- corenet_receive_pktcable_cops_server_packets($1)
+interface(`corenet_sendrecv_pgpkeyserver_server_packets',`
+ corenet_send_pgpkeyserver_server_packets($1)
+ corenet_receive_pgpkeyserver_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pktcable_cops_server packets.
+## Do not audit attempts to send and receive pgpkeyserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62938,14 +63824,14 @@ interface(`corenet_sendrecv_pktcable_cops_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pktcable_cops_server_packets',`
- corenet_dontaudit_send_pktcable_cops_server_packets($1)
- corenet_dontaudit_receive_pktcable_cops_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pgpkeyserver_server_packets',`
+ corenet_dontaudit_send_pgpkeyserver_server_packets($1)
+ corenet_dontaudit_receive_pgpkeyserver_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pktcable_cops_server the packet type.
+## Relabel packets to pgpkeyserver_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62953,12 +63839,12 @@ interface(`corenet_dontaudit_sendrecv_pktcable_cops_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pktcable_cops_server_packets',`
+interface(`corenet_relabelto_pgpkeyserver_server_packets',`
gen_require(`
- type pktcable_cops_server_packet_t;
+ type pgpkeyserver_server_packet_t;
')
- allow $1 pktcable_cops_server_packet_t:packet relabelto;
+ allow $1 pgpkeyserver_server_packet_t:packet relabelto;
')
@@ -62966,7 +63852,7 @@ interface(`corenet_relabelto_pktcable_cops_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pop port.
+## Send and receive TCP traffic on the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -62975,17 +63861,17 @@ interface(`corenet_relabelto_pktcable_cops_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pop_port',`
+interface(`corenet_tcp_sendrecv_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- allow $1 pop_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pingd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pop port.
+## Send UDP traffic on the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -62994,17 +63880,17 @@ interface(`corenet_tcp_sendrecv_pop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pop_port',`
+interface(`corenet_udp_send_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- allow $1 pop_port_t:udp_socket send_msg;
+ allow $1 pingd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pop port.
+## Do not audit attempts to send UDP traffic on the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63013,17 +63899,17 @@ interface(`corenet_udp_send_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pop_port',`
+interface(`corenet_dontaudit_udp_send_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- dontaudit $1 pop_port_t:udp_socket send_msg;
+ dontaudit $1 pingd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pop port.
+## Receive UDP traffic on the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63032,17 +63918,17 @@ interface(`corenet_dontaudit_udp_send_pop_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pop_port',`
+interface(`corenet_udp_receive_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- allow $1 pop_port_t:udp_socket recv_msg;
+ allow $1 pingd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pop port.
+## Do not audit attempts to receive UDP traffic on the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63051,17 +63937,17 @@ interface(`corenet_udp_receive_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pop_port',`
+interface(`corenet_dontaudit_udp_receive_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- dontaudit $1 pop_port_t:udp_socket recv_msg;
+ dontaudit $1 pingd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pop port.
+## Send and receive UDP traffic on the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63070,15 +63956,15 @@ interface(`corenet_dontaudit_udp_receive_pop_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pop_port',`
- corenet_udp_send_pop_port($1)
- corenet_udp_receive_pop_port($1)
+interface(`corenet_udp_sendrecv_pingd_port',`
+ corenet_udp_send_pingd_port($1)
+ corenet_udp_receive_pingd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pop port.
+## UDP traffic on the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63087,14 +63973,14 @@ interface(`corenet_udp_sendrecv_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pop_port',`
- corenet_dontaudit_udp_send_pop_port($1)
- corenet_dontaudit_udp_receive_pop_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pingd_port',`
+ corenet_dontaudit_udp_send_pingd_port($1)
+ corenet_dontaudit_udp_receive_pingd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pop port.
+## Bind TCP sockets to the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63103,18 +63989,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pop_port',`
+interface(`corenet_tcp_bind_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- allow $1 pop_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 pingd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the pop port.
+## Bind UDP sockets to the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63123,18 +64009,18 @@ interface(`corenet_tcp_bind_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pop_port',`
+interface(`corenet_udp_bind_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- allow $1 pop_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 pingd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the pop port.
+## Make a TCP connection to the pingd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63142,18 +64028,18 @@ interface(`corenet_udp_bind_pop_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pop_port',`
+interface(`corenet_tcp_connect_pingd_port',`
gen_require(`
- type pop_port_t;
+ type pingd_port_t;
')
- allow $1 pop_port_t:tcp_socket name_connect;
+ allow $1 pingd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pop_client packets.
+## Send pingd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63162,17 +64048,17 @@ interface(`corenet_tcp_connect_pop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pop_client_packets',`
+interface(`corenet_send_pingd_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type pingd_client_packet_t;
')
- allow $1 pop_client_packet_t:packet send;
+ allow $1 pingd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pop_client packets.
+## Do not audit attempts to send pingd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63181,17 +64067,17 @@ interface(`corenet_send_pop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pop_client_packets',`
+interface(`corenet_dontaudit_send_pingd_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type pingd_client_packet_t;
')
- dontaudit $1 pop_client_packet_t:packet send;
+ dontaudit $1 pingd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pop_client packets.
+## Receive pingd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63200,17 +64086,17 @@ interface(`corenet_dontaudit_send_pop_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pop_client_packets',`
+interface(`corenet_receive_pingd_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type pingd_client_packet_t;
')
- allow $1 pop_client_packet_t:packet recv;
+ allow $1 pingd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pop_client packets.
+## Do not audit attempts to receive pingd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63219,17 +64105,17 @@ interface(`corenet_receive_pop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pop_client_packets',`
+interface(`corenet_dontaudit_receive_pingd_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type pingd_client_packet_t;
')
- dontaudit $1 pop_client_packet_t:packet recv;
+ dontaudit $1 pingd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pop_client packets.
+## Send and receive pingd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63238,14 +64124,14 @@ interface(`corenet_dontaudit_receive_pop_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pop_client_packets',`
- corenet_send_pop_client_packets($1)
- corenet_receive_pop_client_packets($1)
+interface(`corenet_sendrecv_pingd_client_packets',`
+ corenet_send_pingd_client_packets($1)
+ corenet_receive_pingd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pop_client packets.
+## Do not audit attempts to send and receive pingd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63254,14 +64140,14 @@ interface(`corenet_sendrecv_pop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pop_client_packets',`
- corenet_dontaudit_send_pop_client_packets($1)
- corenet_dontaudit_receive_pop_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pingd_client_packets',`
+ corenet_dontaudit_send_pingd_client_packets($1)
+ corenet_dontaudit_receive_pingd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pop_client the packet type.
+## Relabel packets to pingd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63269,18 +64155,18 @@ interface(`corenet_dontaudit_sendrecv_pop_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pop_client_packets',`
+interface(`corenet_relabelto_pingd_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type pingd_client_packet_t;
')
- allow $1 pop_client_packet_t:packet relabelto;
+ allow $1 pingd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pop_server packets.
+## Send pingd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63289,17 +64175,17 @@ interface(`corenet_relabelto_pop_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pop_server_packets',`
+interface(`corenet_send_pingd_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type pingd_server_packet_t;
')
- allow $1 pop_server_packet_t:packet send;
+ allow $1 pingd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pop_server packets.
+## Do not audit attempts to send pingd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63308,17 +64194,17 @@ interface(`corenet_send_pop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pop_server_packets',`
+interface(`corenet_dontaudit_send_pingd_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type pingd_server_packet_t;
')
- dontaudit $1 pop_server_packet_t:packet send;
+ dontaudit $1 pingd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pop_server packets.
+## Receive pingd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63327,17 +64213,17 @@ interface(`corenet_dontaudit_send_pop_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pop_server_packets',`
+interface(`corenet_receive_pingd_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type pingd_server_packet_t;
')
- allow $1 pop_server_packet_t:packet recv;
+ allow $1 pingd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pop_server packets.
+## Do not audit attempts to receive pingd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63346,17 +64232,17 @@ interface(`corenet_receive_pop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pop_server_packets',`
+interface(`corenet_dontaudit_receive_pingd_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type pingd_server_packet_t;
')
- dontaudit $1 pop_server_packet_t:packet recv;
+ dontaudit $1 pingd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pop_server packets.
+## Send and receive pingd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63365,14 +64251,14 @@ interface(`corenet_dontaudit_receive_pop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pop_server_packets',`
- corenet_send_pop_server_packets($1)
- corenet_receive_pop_server_packets($1)
+interface(`corenet_sendrecv_pingd_server_packets',`
+ corenet_send_pingd_server_packets($1)
+ corenet_receive_pingd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pop_server packets.
+## Do not audit attempts to send and receive pingd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63381,14 +64267,14 @@ interface(`corenet_sendrecv_pop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pop_server_packets',`
- corenet_dontaudit_send_pop_server_packets($1)
- corenet_dontaudit_receive_pop_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pingd_server_packets',`
+ corenet_dontaudit_send_pingd_server_packets($1)
+ corenet_dontaudit_receive_pingd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pop_server the packet type.
+## Relabel packets to pingd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63396,12 +64282,12 @@ interface(`corenet_dontaudit_sendrecv_pop_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pop_server_packets',`
+interface(`corenet_relabelto_pingd_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type pingd_server_packet_t;
')
- allow $1 pop_server_packet_t:packet relabelto;
+ allow $1 pingd_server_packet_t:packet relabelto;
')
@@ -63409,7 +64295,7 @@ interface(`corenet_relabelto_pop_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the portmap port.
+## Send and receive TCP traffic on the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63418,17 +64304,17 @@ interface(`corenet_relabelto_pop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_portmap_port',`
+interface(`corenet_tcp_sendrecv_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- allow $1 portmap_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pktcable_cops_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the portmap port.
+## Send UDP traffic on the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63437,17 +64323,17 @@ interface(`corenet_tcp_sendrecv_portmap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_portmap_port',`
+interface(`corenet_udp_send_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- allow $1 portmap_port_t:udp_socket send_msg;
+ allow $1 pktcable_cops_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the portmap port.
+## Do not audit attempts to send UDP traffic on the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63456,17 +64342,17 @@ interface(`corenet_udp_send_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_portmap_port',`
+interface(`corenet_dontaudit_udp_send_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- dontaudit $1 portmap_port_t:udp_socket send_msg;
+ dontaudit $1 pktcable_cops_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the portmap port.
+## Receive UDP traffic on the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63475,17 +64361,17 @@ interface(`corenet_dontaudit_udp_send_portmap_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_portmap_port',`
+interface(`corenet_udp_receive_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- allow $1 portmap_port_t:udp_socket recv_msg;
+ allow $1 pktcable_cops_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the portmap port.
+## Do not audit attempts to receive UDP traffic on the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63494,17 +64380,17 @@ interface(`corenet_udp_receive_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_portmap_port',`
+interface(`corenet_dontaudit_udp_receive_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- dontaudit $1 portmap_port_t:udp_socket recv_msg;
+ dontaudit $1 pktcable_cops_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the portmap port.
+## Send and receive UDP traffic on the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63513,15 +64399,15 @@ interface(`corenet_dontaudit_udp_receive_portmap_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_portmap_port',`
- corenet_udp_send_portmap_port($1)
- corenet_udp_receive_portmap_port($1)
+interface(`corenet_udp_sendrecv_pktcable_cops_port',`
+ corenet_udp_send_pktcable_cops_port($1)
+ corenet_udp_receive_pktcable_cops_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the portmap port.
+## UDP traffic on the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63530,14 +64416,14 @@ interface(`corenet_udp_sendrecv_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_portmap_port',`
- corenet_dontaudit_udp_send_portmap_port($1)
- corenet_dontaudit_udp_receive_portmap_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pktcable_cops_port',`
+ corenet_dontaudit_udp_send_pktcable_cops_port($1)
+ corenet_dontaudit_udp_receive_pktcable_cops_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the portmap port.
+## Bind TCP sockets to the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63546,18 +64432,18 @@ interface(`corenet_dontaudit_udp_sendrecv_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_portmap_port',`
+interface(`corenet_tcp_bind_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- allow $1 portmap_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 pktcable_cops_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the portmap port.
+## Bind UDP sockets to the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63566,18 +64452,18 @@ interface(`corenet_tcp_bind_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_portmap_port',`
+interface(`corenet_udp_bind_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- allow $1 portmap_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 pktcable_cops_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the portmap port.
+## Make a TCP connection to the pktcable_cops port.
## </summary>
## <param name="domain">
## <summary>
@@ -63585,18 +64471,18 @@ interface(`corenet_udp_bind_portmap_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_portmap_port',`
+interface(`corenet_tcp_connect_pktcable_cops_port',`
gen_require(`
- type portmap_port_t;
+ type pktcable_cops_port_t;
')
- allow $1 portmap_port_t:tcp_socket name_connect;
+ allow $1 pktcable_cops_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send portmap_client packets.
+## Send pktcable_cops_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63605,17 +64491,17 @@ interface(`corenet_tcp_connect_portmap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_portmap_client_packets',`
+interface(`corenet_send_pktcable_cops_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type pktcable_cops_client_packet_t;
')
- allow $1 portmap_client_packet_t:packet send;
+ allow $1 pktcable_cops_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send portmap_client packets.
+## Do not audit attempts to send pktcable_cops_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63624,17 +64510,17 @@ interface(`corenet_send_portmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_portmap_client_packets',`
+interface(`corenet_dontaudit_send_pktcable_cops_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type pktcable_cops_client_packet_t;
')
- dontaudit $1 portmap_client_packet_t:packet send;
+ dontaudit $1 pktcable_cops_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive portmap_client packets.
+## Receive pktcable_cops_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63643,17 +64529,17 @@ interface(`corenet_dontaudit_send_portmap_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_portmap_client_packets',`
+interface(`corenet_receive_pktcable_cops_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type pktcable_cops_client_packet_t;
')
- allow $1 portmap_client_packet_t:packet recv;
+ allow $1 pktcable_cops_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive portmap_client packets.
+## Do not audit attempts to receive pktcable_cops_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63662,17 +64548,17 @@ interface(`corenet_receive_portmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_portmap_client_packets',`
+interface(`corenet_dontaudit_receive_pktcable_cops_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type pktcable_cops_client_packet_t;
')
- dontaudit $1 portmap_client_packet_t:packet recv;
+ dontaudit $1 pktcable_cops_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive portmap_client packets.
+## Send and receive pktcable_cops_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63681,14 +64567,14 @@ interface(`corenet_dontaudit_receive_portmap_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_portmap_client_packets',`
- corenet_send_portmap_client_packets($1)
- corenet_receive_portmap_client_packets($1)
+interface(`corenet_sendrecv_pktcable_cops_client_packets',`
+ corenet_send_pktcable_cops_client_packets($1)
+ corenet_receive_pktcable_cops_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive portmap_client packets.
+## Do not audit attempts to send and receive pktcable_cops_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63697,14 +64583,14 @@ interface(`corenet_sendrecv_portmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_portmap_client_packets',`
- corenet_dontaudit_send_portmap_client_packets($1)
- corenet_dontaudit_receive_portmap_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pktcable_cops_client_packets',`
+ corenet_dontaudit_send_pktcable_cops_client_packets($1)
+ corenet_dontaudit_receive_pktcable_cops_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to portmap_client the packet type.
+## Relabel packets to pktcable_cops_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63712,18 +64598,18 @@ interface(`corenet_dontaudit_sendrecv_portmap_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_portmap_client_packets',`
+interface(`corenet_relabelto_pktcable_cops_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type pktcable_cops_client_packet_t;
')
- allow $1 portmap_client_packet_t:packet relabelto;
+ allow $1 pktcable_cops_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send portmap_server packets.
+## Send pktcable_cops_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63732,17 +64618,17 @@ interface(`corenet_relabelto_portmap_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_portmap_server_packets',`
+interface(`corenet_send_pktcable_cops_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type pktcable_cops_server_packet_t;
')
- allow $1 portmap_server_packet_t:packet send;
+ allow $1 pktcable_cops_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send portmap_server packets.
+## Do not audit attempts to send pktcable_cops_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63751,17 +64637,17 @@ interface(`corenet_send_portmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_portmap_server_packets',`
+interface(`corenet_dontaudit_send_pktcable_cops_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type pktcable_cops_server_packet_t;
')
- dontaudit $1 portmap_server_packet_t:packet send;
+ dontaudit $1 pktcable_cops_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive portmap_server packets.
+## Receive pktcable_cops_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63770,17 +64656,17 @@ interface(`corenet_dontaudit_send_portmap_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_portmap_server_packets',`
+interface(`corenet_receive_pktcable_cops_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type pktcable_cops_server_packet_t;
')
- allow $1 portmap_server_packet_t:packet recv;
+ allow $1 pktcable_cops_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive portmap_server packets.
+## Do not audit attempts to receive pktcable_cops_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63789,17 +64675,17 @@ interface(`corenet_receive_portmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_portmap_server_packets',`
+interface(`corenet_dontaudit_receive_pktcable_cops_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type pktcable_cops_server_packet_t;
')
- dontaudit $1 portmap_server_packet_t:packet recv;
+ dontaudit $1 pktcable_cops_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive portmap_server packets.
+## Send and receive pktcable_cops_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63808,14 +64694,14 @@ interface(`corenet_dontaudit_receive_portmap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_portmap_server_packets',`
- corenet_send_portmap_server_packets($1)
- corenet_receive_portmap_server_packets($1)
+interface(`corenet_sendrecv_pktcable_cops_server_packets',`
+ corenet_send_pktcable_cops_server_packets($1)
+ corenet_receive_pktcable_cops_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive portmap_server packets.
+## Do not audit attempts to send and receive pktcable_cops_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63824,14 +64710,14 @@ interface(`corenet_sendrecv_portmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_portmap_server_packets',`
- corenet_dontaudit_send_portmap_server_packets($1)
- corenet_dontaudit_receive_portmap_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pktcable_cops_server_packets',`
+ corenet_dontaudit_send_pktcable_cops_server_packets($1)
+ corenet_dontaudit_receive_pktcable_cops_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to portmap_server the packet type.
+## Relabel packets to pktcable_cops_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63839,12 +64725,12 @@ interface(`corenet_dontaudit_sendrecv_portmap_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_portmap_server_packets',`
+interface(`corenet_relabelto_pktcable_cops_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type pktcable_cops_server_packet_t;
')
- allow $1 portmap_server_packet_t:packet relabelto;
+ allow $1 pktcable_cops_server_packet_t:packet relabelto;
')
@@ -63852,7 +64738,7 @@ interface(`corenet_relabelto_portmap_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the postfix_policyd port.
+## Send and receive TCP traffic on the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63861,17 +64747,17 @@ interface(`corenet_relabelto_portmap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_postfix_policyd_port',`
+interface(`corenet_tcp_sendrecv_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- allow $1 postfix_policyd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pop_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the postfix_policyd port.
+## Send UDP traffic on the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63880,17 +64766,17 @@ interface(`corenet_tcp_sendrecv_postfix_policyd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_postfix_policyd_port',`
+interface(`corenet_udp_send_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- allow $1 postfix_policyd_port_t:udp_socket send_msg;
+ allow $1 pop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the postfix_policyd port.
+## Do not audit attempts to send UDP traffic on the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63899,17 +64785,17 @@ interface(`corenet_udp_send_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_postfix_policyd_port',`
+interface(`corenet_dontaudit_udp_send_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- dontaudit $1 postfix_policyd_port_t:udp_socket send_msg;
+ dontaudit $1 pop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the postfix_policyd port.
+## Receive UDP traffic on the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63918,17 +64804,17 @@ interface(`corenet_dontaudit_udp_send_postfix_policyd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_postfix_policyd_port',`
+interface(`corenet_udp_receive_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- allow $1 postfix_policyd_port_t:udp_socket recv_msg;
+ allow $1 pop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the postfix_policyd port.
+## Do not audit attempts to receive UDP traffic on the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63937,17 +64823,17 @@ interface(`corenet_udp_receive_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_postfix_policyd_port',`
+interface(`corenet_dontaudit_udp_receive_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- dontaudit $1 postfix_policyd_port_t:udp_socket recv_msg;
+ dontaudit $1 pop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the postfix_policyd port.
+## Send and receive UDP traffic on the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63956,15 +64842,15 @@ interface(`corenet_dontaudit_udp_receive_postfix_policyd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_postfix_policyd_port',`
- corenet_udp_send_postfix_policyd_port($1)
- corenet_udp_receive_postfix_policyd_port($1)
+interface(`corenet_udp_sendrecv_pop_port',`
+ corenet_udp_send_pop_port($1)
+ corenet_udp_receive_pop_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the postfix_policyd port.
+## UDP traffic on the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63973,14 +64859,14 @@ interface(`corenet_udp_sendrecv_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_postfix_policyd_port',`
- corenet_dontaudit_udp_send_postfix_policyd_port($1)
- corenet_dontaudit_udp_receive_postfix_policyd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pop_port',`
+ corenet_dontaudit_udp_send_pop_port($1)
+ corenet_dontaudit_udp_receive_pop_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the postfix_policyd port.
+## Bind TCP sockets to the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -63989,18 +64875,18 @@ interface(`corenet_dontaudit_udp_sendrecv_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_postfix_policyd_port',`
+interface(`corenet_tcp_bind_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- allow $1 postfix_policyd_port_t:tcp_socket name_bind;
-
+ allow $1 pop_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the postfix_policyd port.
+## Bind UDP sockets to the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -64009,18 +64895,18 @@ interface(`corenet_tcp_bind_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_postfix_policyd_port',`
+interface(`corenet_udp_bind_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- allow $1 postfix_policyd_port_t:udp_socket name_bind;
-
+ allow $1 pop_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the postfix_policyd port.
+## Make a TCP connection to the pop port.
## </summary>
## <param name="domain">
## <summary>
@@ -64028,18 +64914,18 @@ interface(`corenet_udp_bind_postfix_policyd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_postfix_policyd_port',`
+interface(`corenet_tcp_connect_pop_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type pop_port_t;
')
- allow $1 postfix_policyd_port_t:tcp_socket name_connect;
+ allow $1 pop_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send postfix_policyd_client packets.
+## Send pop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64048,17 +64934,17 @@ interface(`corenet_tcp_connect_postfix_policyd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postfix_policyd_client_packets',`
+interface(`corenet_send_pop_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type pop_client_packet_t;
')
- allow $1 postfix_policyd_client_packet_t:packet send;
+ allow $1 pop_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postfix_policyd_client packets.
+## Do not audit attempts to send pop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64067,17 +64953,17 @@ interface(`corenet_send_postfix_policyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postfix_policyd_client_packets',`
+interface(`corenet_dontaudit_send_pop_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type pop_client_packet_t;
')
- dontaudit $1 postfix_policyd_client_packet_t:packet send;
+ dontaudit $1 pop_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive postfix_policyd_client packets.
+## Receive pop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64086,17 +64972,17 @@ interface(`corenet_dontaudit_send_postfix_policyd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postfix_policyd_client_packets',`
+interface(`corenet_receive_pop_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type pop_client_packet_t;
')
- allow $1 postfix_policyd_client_packet_t:packet recv;
+ allow $1 pop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postfix_policyd_client packets.
+## Do not audit attempts to receive pop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64105,17 +64991,17 @@ interface(`corenet_receive_postfix_policyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postfix_policyd_client_packets',`
+interface(`corenet_dontaudit_receive_pop_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type pop_client_packet_t;
')
- dontaudit $1 postfix_policyd_client_packet_t:packet recv;
+ dontaudit $1 pop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postfix_policyd_client packets.
+## Send and receive pop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64124,14 +65010,14 @@ interface(`corenet_dontaudit_receive_postfix_policyd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postfix_policyd_client_packets',`
- corenet_send_postfix_policyd_client_packets($1)
- corenet_receive_postfix_policyd_client_packets($1)
+interface(`corenet_sendrecv_pop_client_packets',`
+ corenet_send_pop_client_packets($1)
+ corenet_receive_pop_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postfix_policyd_client packets.
+## Do not audit attempts to send and receive pop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64140,14 +65026,14 @@ interface(`corenet_sendrecv_postfix_policyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postfix_policyd_client_packets',`
- corenet_dontaudit_send_postfix_policyd_client_packets($1)
- corenet_dontaudit_receive_postfix_policyd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pop_client_packets',`
+ corenet_dontaudit_send_pop_client_packets($1)
+ corenet_dontaudit_receive_pop_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to postfix_policyd_client the packet type.
+## Relabel packets to pop_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64155,18 +65041,18 @@ interface(`corenet_dontaudit_sendrecv_postfix_policyd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postfix_policyd_client_packets',`
+interface(`corenet_relabelto_pop_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type pop_client_packet_t;
')
- allow $1 postfix_policyd_client_packet_t:packet relabelto;
+ allow $1 pop_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send postfix_policyd_server packets.
+## Send pop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64175,17 +65061,17 @@ interface(`corenet_relabelto_postfix_policyd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postfix_policyd_server_packets',`
+interface(`corenet_send_pop_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type pop_server_packet_t;
')
- allow $1 postfix_policyd_server_packet_t:packet send;
+ allow $1 pop_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postfix_policyd_server packets.
+## Do not audit attempts to send pop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64194,17 +65080,17 @@ interface(`corenet_send_postfix_policyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postfix_policyd_server_packets',`
+interface(`corenet_dontaudit_send_pop_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type pop_server_packet_t;
')
- dontaudit $1 postfix_policyd_server_packet_t:packet send;
+ dontaudit $1 pop_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive postfix_policyd_server packets.
+## Receive pop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64213,17 +65099,17 @@ interface(`corenet_dontaudit_send_postfix_policyd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postfix_policyd_server_packets',`
+interface(`corenet_receive_pop_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type pop_server_packet_t;
')
- allow $1 postfix_policyd_server_packet_t:packet recv;
+ allow $1 pop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postfix_policyd_server packets.
+## Do not audit attempts to receive pop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64232,17 +65118,17 @@ interface(`corenet_receive_postfix_policyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postfix_policyd_server_packets',`
+interface(`corenet_dontaudit_receive_pop_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type pop_server_packet_t;
')
- dontaudit $1 postfix_policyd_server_packet_t:packet recv;
+ dontaudit $1 pop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postfix_policyd_server packets.
+## Send and receive pop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64251,14 +65137,14 @@ interface(`corenet_dontaudit_receive_postfix_policyd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postfix_policyd_server_packets',`
- corenet_send_postfix_policyd_server_packets($1)
- corenet_receive_postfix_policyd_server_packets($1)
+interface(`corenet_sendrecv_pop_server_packets',`
+ corenet_send_pop_server_packets($1)
+ corenet_receive_pop_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postfix_policyd_server packets.
+## Do not audit attempts to send and receive pop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64267,14 +65153,14 @@ interface(`corenet_sendrecv_postfix_policyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postfix_policyd_server_packets',`
- corenet_dontaudit_send_postfix_policyd_server_packets($1)
- corenet_dontaudit_receive_postfix_policyd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pop_server_packets',`
+ corenet_dontaudit_send_pop_server_packets($1)
+ corenet_dontaudit_receive_pop_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to postfix_policyd_server the packet type.
+## Relabel packets to pop_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64282,12 +65168,12 @@ interface(`corenet_dontaudit_sendrecv_postfix_policyd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postfix_policyd_server_packets',`
+interface(`corenet_relabelto_pop_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type pop_server_packet_t;
')
- allow $1 postfix_policyd_server_packet_t:packet relabelto;
+ allow $1 pop_server_packet_t:packet relabelto;
')
@@ -64295,7 +65181,7 @@ interface(`corenet_relabelto_postfix_policyd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the postgresql port.
+## Send and receive TCP traffic on the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64304,17 +65190,17 @@ interface(`corenet_relabelto_postfix_policyd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_postgresql_port',`
+interface(`corenet_tcp_sendrecv_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- allow $1 postgresql_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 portmap_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the postgresql port.
+## Send UDP traffic on the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64323,17 +65209,17 @@ interface(`corenet_tcp_sendrecv_postgresql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_postgresql_port',`
+interface(`corenet_udp_send_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- allow $1 postgresql_port_t:udp_socket send_msg;
+ allow $1 portmap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the postgresql port.
+## Do not audit attempts to send UDP traffic on the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64342,17 +65228,17 @@ interface(`corenet_udp_send_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_postgresql_port',`
+interface(`corenet_dontaudit_udp_send_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- dontaudit $1 postgresql_port_t:udp_socket send_msg;
+ dontaudit $1 portmap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the postgresql port.
+## Receive UDP traffic on the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64361,17 +65247,17 @@ interface(`corenet_dontaudit_udp_send_postgresql_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_postgresql_port',`
+interface(`corenet_udp_receive_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- allow $1 postgresql_port_t:udp_socket recv_msg;
+ allow $1 portmap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the postgresql port.
+## Do not audit attempts to receive UDP traffic on the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64380,17 +65266,17 @@ interface(`corenet_udp_receive_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_postgresql_port',`
+interface(`corenet_dontaudit_udp_receive_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- dontaudit $1 postgresql_port_t:udp_socket recv_msg;
+ dontaudit $1 portmap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the postgresql port.
+## Send and receive UDP traffic on the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64399,15 +65285,15 @@ interface(`corenet_dontaudit_udp_receive_postgresql_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_postgresql_port',`
- corenet_udp_send_postgresql_port($1)
- corenet_udp_receive_postgresql_port($1)
+interface(`corenet_udp_sendrecv_portmap_port',`
+ corenet_udp_send_portmap_port($1)
+ corenet_udp_receive_portmap_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the postgresql port.
+## UDP traffic on the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64416,14 +65302,14 @@ interface(`corenet_udp_sendrecv_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_postgresql_port',`
- corenet_dontaudit_udp_send_postgresql_port($1)
- corenet_dontaudit_udp_receive_postgresql_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_portmap_port',`
+ corenet_dontaudit_udp_send_portmap_port($1)
+ corenet_dontaudit_udp_receive_portmap_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the postgresql port.
+## Bind TCP sockets to the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64432,18 +65318,18 @@ interface(`corenet_dontaudit_udp_sendrecv_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_postgresql_port',`
+interface(`corenet_tcp_bind_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- allow $1 postgresql_port_t:tcp_socket name_bind;
-
+ allow $1 portmap_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the postgresql port.
+## Bind UDP sockets to the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64452,18 +65338,18 @@ interface(`corenet_tcp_bind_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_postgresql_port',`
+interface(`corenet_udp_bind_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- allow $1 postgresql_port_t:udp_socket name_bind;
-
+ allow $1 portmap_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the postgresql port.
+## Make a TCP connection to the portmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -64471,18 +65357,18 @@ interface(`corenet_udp_bind_postgresql_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_postgresql_port',`
+interface(`corenet_tcp_connect_portmap_port',`
gen_require(`
- type postgresql_port_t;
+ type portmap_port_t;
')
- allow $1 postgresql_port_t:tcp_socket name_connect;
+ allow $1 portmap_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send postgresql_client packets.
+## Send portmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64491,17 +65377,17 @@ interface(`corenet_tcp_connect_postgresql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgresql_client_packets',`
+interface(`corenet_send_portmap_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type portmap_client_packet_t;
')
- allow $1 postgresql_client_packet_t:packet send;
+ allow $1 portmap_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgresql_client packets.
+## Do not audit attempts to send portmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64510,17 +65396,17 @@ interface(`corenet_send_postgresql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgresql_client_packets',`
+interface(`corenet_dontaudit_send_portmap_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type portmap_client_packet_t;
')
- dontaudit $1 postgresql_client_packet_t:packet send;
+ dontaudit $1 portmap_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgresql_client packets.
+## Receive portmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64529,17 +65415,17 @@ interface(`corenet_dontaudit_send_postgresql_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgresql_client_packets',`
+interface(`corenet_receive_portmap_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type portmap_client_packet_t;
')
- allow $1 postgresql_client_packet_t:packet recv;
+ allow $1 portmap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgresql_client packets.
+## Do not audit attempts to receive portmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64548,17 +65434,17 @@ interface(`corenet_receive_postgresql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgresql_client_packets',`
+interface(`corenet_dontaudit_receive_portmap_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type portmap_client_packet_t;
')
- dontaudit $1 postgresql_client_packet_t:packet recv;
+ dontaudit $1 portmap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgresql_client packets.
+## Send and receive portmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64567,14 +65453,14 @@ interface(`corenet_dontaudit_receive_postgresql_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgresql_client_packets',`
- corenet_send_postgresql_client_packets($1)
- corenet_receive_postgresql_client_packets($1)
+interface(`corenet_sendrecv_portmap_client_packets',`
+ corenet_send_portmap_client_packets($1)
+ corenet_receive_portmap_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgresql_client packets.
+## Do not audit attempts to send and receive portmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64583,14 +65469,14 @@ interface(`corenet_sendrecv_postgresql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgresql_client_packets',`
- corenet_dontaudit_send_postgresql_client_packets($1)
- corenet_dontaudit_receive_postgresql_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_portmap_client_packets',`
+ corenet_dontaudit_send_portmap_client_packets($1)
+ corenet_dontaudit_receive_portmap_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgresql_client the packet type.
+## Relabel packets to portmap_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64598,18 +65484,18 @@ interface(`corenet_dontaudit_sendrecv_postgresql_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgresql_client_packets',`
+interface(`corenet_relabelto_portmap_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type portmap_client_packet_t;
')
- allow $1 postgresql_client_packet_t:packet relabelto;
+ allow $1 portmap_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send postgresql_server packets.
+## Send portmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64618,17 +65504,17 @@ interface(`corenet_relabelto_postgresql_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgresql_server_packets',`
+interface(`corenet_send_portmap_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type portmap_server_packet_t;
')
- allow $1 postgresql_server_packet_t:packet send;
+ allow $1 portmap_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgresql_server packets.
+## Do not audit attempts to send portmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64637,17 +65523,17 @@ interface(`corenet_send_postgresql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgresql_server_packets',`
+interface(`corenet_dontaudit_send_portmap_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type portmap_server_packet_t;
')
- dontaudit $1 postgresql_server_packet_t:packet send;
+ dontaudit $1 portmap_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgresql_server packets.
+## Receive portmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64656,17 +65542,17 @@ interface(`corenet_dontaudit_send_postgresql_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgresql_server_packets',`
+interface(`corenet_receive_portmap_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type portmap_server_packet_t;
')
- allow $1 postgresql_server_packet_t:packet recv;
+ allow $1 portmap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgresql_server packets.
+## Do not audit attempts to receive portmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64675,17 +65561,17 @@ interface(`corenet_receive_postgresql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgresql_server_packets',`
+interface(`corenet_dontaudit_receive_portmap_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type portmap_server_packet_t;
')
- dontaudit $1 postgresql_server_packet_t:packet recv;
+ dontaudit $1 portmap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgresql_server packets.
+## Send and receive portmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64694,14 +65580,14 @@ interface(`corenet_dontaudit_receive_postgresql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgresql_server_packets',`
- corenet_send_postgresql_server_packets($1)
- corenet_receive_postgresql_server_packets($1)
+interface(`corenet_sendrecv_portmap_server_packets',`
+ corenet_send_portmap_server_packets($1)
+ corenet_receive_portmap_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgresql_server packets.
+## Do not audit attempts to send and receive portmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64710,14 +65596,14 @@ interface(`corenet_sendrecv_postgresql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgresql_server_packets',`
- corenet_dontaudit_send_postgresql_server_packets($1)
- corenet_dontaudit_receive_postgresql_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_portmap_server_packets',`
+ corenet_dontaudit_send_portmap_server_packets($1)
+ corenet_dontaudit_receive_portmap_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgresql_server the packet type.
+## Relabel packets to portmap_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64725,12 +65611,12 @@ interface(`corenet_dontaudit_sendrecv_postgresql_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgresql_server_packets',`
+interface(`corenet_relabelto_portmap_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type portmap_server_packet_t;
')
- allow $1 postgresql_server_packet_t:packet relabelto;
+ allow $1 portmap_server_packet_t:packet relabelto;
')
@@ -64738,7 +65624,7 @@ interface(`corenet_relabelto_postgresql_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the postgrey port.
+## Send and receive TCP traffic on the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64747,17 +65633,17 @@ interface(`corenet_relabelto_postgresql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_postgrey_port',`
+interface(`corenet_tcp_sendrecv_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- allow $1 postgrey_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 postfix_policyd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the postgrey port.
+## Send UDP traffic on the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64766,17 +65652,17 @@ interface(`corenet_tcp_sendrecv_postgrey_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_postgrey_port',`
+interface(`corenet_udp_send_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- allow $1 postgrey_port_t:udp_socket send_msg;
+ allow $1 postfix_policyd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the postgrey port.
+## Do not audit attempts to send UDP traffic on the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64785,17 +65671,17 @@ interface(`corenet_udp_send_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_postgrey_port',`
+interface(`corenet_dontaudit_udp_send_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- dontaudit $1 postgrey_port_t:udp_socket send_msg;
+ dontaudit $1 postfix_policyd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the postgrey port.
+## Receive UDP traffic on the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64804,17 +65690,17 @@ interface(`corenet_dontaudit_udp_send_postgrey_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_postgrey_port',`
+interface(`corenet_udp_receive_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- allow $1 postgrey_port_t:udp_socket recv_msg;
+ allow $1 postfix_policyd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the postgrey port.
+## Do not audit attempts to receive UDP traffic on the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64823,17 +65709,17 @@ interface(`corenet_udp_receive_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_postgrey_port',`
+interface(`corenet_dontaudit_udp_receive_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- dontaudit $1 postgrey_port_t:udp_socket recv_msg;
+ dontaudit $1 postfix_policyd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the postgrey port.
+## Send and receive UDP traffic on the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64842,15 +65728,15 @@ interface(`corenet_dontaudit_udp_receive_postgrey_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_postgrey_port',`
- corenet_udp_send_postgrey_port($1)
- corenet_udp_receive_postgrey_port($1)
+interface(`corenet_udp_sendrecv_postfix_policyd_port',`
+ corenet_udp_send_postfix_policyd_port($1)
+ corenet_udp_receive_postfix_policyd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the postgrey port.
+## UDP traffic on the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64859,14 +65745,14 @@ interface(`corenet_udp_sendrecv_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_postgrey_port',`
- corenet_dontaudit_udp_send_postgrey_port($1)
- corenet_dontaudit_udp_receive_postgrey_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_postfix_policyd_port',`
+ corenet_dontaudit_udp_send_postfix_policyd_port($1)
+ corenet_dontaudit_udp_receive_postfix_policyd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the postgrey port.
+## Bind TCP sockets to the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64875,18 +65761,18 @@ interface(`corenet_dontaudit_udp_sendrecv_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_postgrey_port',`
+interface(`corenet_tcp_bind_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- allow $1 postgrey_port_t:tcp_socket name_bind;
+ allow $1 postfix_policyd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the postgrey port.
+## Bind UDP sockets to the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64895,18 +65781,18 @@ interface(`corenet_tcp_bind_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_postgrey_port',`
+interface(`corenet_udp_bind_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- allow $1 postgrey_port_t:udp_socket name_bind;
+ allow $1 postfix_policyd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the postgrey port.
+## Make a TCP connection to the postfix_policyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64914,18 +65800,18 @@ interface(`corenet_udp_bind_postgrey_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_postgrey_port',`
+interface(`corenet_tcp_connect_postfix_policyd_port',`
gen_require(`
- type postgrey_port_t;
+ type postfix_policyd_port_t;
')
- allow $1 postgrey_port_t:tcp_socket name_connect;
+ allow $1 postfix_policyd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send postgrey_client packets.
+## Send postfix_policyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64934,17 +65820,17 @@ interface(`corenet_tcp_connect_postgrey_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgrey_client_packets',`
+interface(`corenet_send_postfix_policyd_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type postfix_policyd_client_packet_t;
')
- allow $1 postgrey_client_packet_t:packet send;
+ allow $1 postfix_policyd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgrey_client packets.
+## Do not audit attempts to send postfix_policyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64953,17 +65839,17 @@ interface(`corenet_send_postgrey_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgrey_client_packets',`
+interface(`corenet_dontaudit_send_postfix_policyd_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type postfix_policyd_client_packet_t;
')
- dontaudit $1 postgrey_client_packet_t:packet send;
+ dontaudit $1 postfix_policyd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgrey_client packets.
+## Receive postfix_policyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64972,17 +65858,17 @@ interface(`corenet_dontaudit_send_postgrey_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgrey_client_packets',`
+interface(`corenet_receive_postfix_policyd_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type postfix_policyd_client_packet_t;
')
- allow $1 postgrey_client_packet_t:packet recv;
+ allow $1 postfix_policyd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgrey_client packets.
+## Do not audit attempts to receive postfix_policyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64991,17 +65877,17 @@ interface(`corenet_receive_postgrey_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgrey_client_packets',`
+interface(`corenet_dontaudit_receive_postfix_policyd_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type postfix_policyd_client_packet_t;
')
- dontaudit $1 postgrey_client_packet_t:packet recv;
+ dontaudit $1 postfix_policyd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgrey_client packets.
+## Send and receive postfix_policyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65010,14 +65896,14 @@ interface(`corenet_dontaudit_receive_postgrey_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgrey_client_packets',`
- corenet_send_postgrey_client_packets($1)
- corenet_receive_postgrey_client_packets($1)
+interface(`corenet_sendrecv_postfix_policyd_client_packets',`
+ corenet_send_postfix_policyd_client_packets($1)
+ corenet_receive_postfix_policyd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgrey_client packets.
+## Do not audit attempts to send and receive postfix_policyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65026,14 +65912,14 @@ interface(`corenet_sendrecv_postgrey_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgrey_client_packets',`
- corenet_dontaudit_send_postgrey_client_packets($1)
- corenet_dontaudit_receive_postgrey_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_postfix_policyd_client_packets',`
+ corenet_dontaudit_send_postfix_policyd_client_packets($1)
+ corenet_dontaudit_receive_postfix_policyd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgrey_client the packet type.
+## Relabel packets to postfix_policyd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65041,18 +65927,18 @@ interface(`corenet_dontaudit_sendrecv_postgrey_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgrey_client_packets',`
+interface(`corenet_relabelto_postfix_policyd_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type postfix_policyd_client_packet_t;
')
- allow $1 postgrey_client_packet_t:packet relabelto;
+ allow $1 postfix_policyd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send postgrey_server packets.
+## Send postfix_policyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65061,17 +65947,17 @@ interface(`corenet_relabelto_postgrey_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgrey_server_packets',`
+interface(`corenet_send_postfix_policyd_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type postfix_policyd_server_packet_t;
')
- allow $1 postgrey_server_packet_t:packet send;
+ allow $1 postfix_policyd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgrey_server packets.
+## Do not audit attempts to send postfix_policyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65080,17 +65966,17 @@ interface(`corenet_send_postgrey_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgrey_server_packets',`
+interface(`corenet_dontaudit_send_postfix_policyd_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type postfix_policyd_server_packet_t;
')
- dontaudit $1 postgrey_server_packet_t:packet send;
+ dontaudit $1 postfix_policyd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgrey_server packets.
+## Receive postfix_policyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65099,17 +65985,17 @@ interface(`corenet_dontaudit_send_postgrey_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgrey_server_packets',`
+interface(`corenet_receive_postfix_policyd_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type postfix_policyd_server_packet_t;
')
- allow $1 postgrey_server_packet_t:packet recv;
+ allow $1 postfix_policyd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgrey_server packets.
+## Do not audit attempts to receive postfix_policyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65118,17 +66004,17 @@ interface(`corenet_receive_postgrey_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgrey_server_packets',`
+interface(`corenet_dontaudit_receive_postfix_policyd_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type postfix_policyd_server_packet_t;
')
- dontaudit $1 postgrey_server_packet_t:packet recv;
+ dontaudit $1 postfix_policyd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgrey_server packets.
+## Send and receive postfix_policyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65137,14 +66023,14 @@ interface(`corenet_dontaudit_receive_postgrey_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgrey_server_packets',`
- corenet_send_postgrey_server_packets($1)
- corenet_receive_postgrey_server_packets($1)
+interface(`corenet_sendrecv_postfix_policyd_server_packets',`
+ corenet_send_postfix_policyd_server_packets($1)
+ corenet_receive_postfix_policyd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgrey_server packets.
+## Do not audit attempts to send and receive postfix_policyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65153,14 +66039,14 @@ interface(`corenet_sendrecv_postgrey_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgrey_server_packets',`
- corenet_dontaudit_send_postgrey_server_packets($1)
- corenet_dontaudit_receive_postgrey_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_postfix_policyd_server_packets',`
+ corenet_dontaudit_send_postfix_policyd_server_packets($1)
+ corenet_dontaudit_receive_postfix_policyd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgrey_server the packet type.
+## Relabel packets to postfix_policyd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65168,12 +66054,12 @@ interface(`corenet_dontaudit_sendrecv_postgrey_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgrey_server_packets',`
+interface(`corenet_relabelto_postfix_policyd_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type postfix_policyd_server_packet_t;
')
- allow $1 postgrey_server_packet_t:packet relabelto;
+ allow $1 postfix_policyd_server_packet_t:packet relabelto;
')
@@ -65181,7 +66067,7 @@ interface(`corenet_relabelto_postgrey_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pptp port.
+## Send and receive TCP traffic on the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65190,17 +66076,17 @@ interface(`corenet_relabelto_postgrey_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pptp_port',`
+interface(`corenet_tcp_sendrecv_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- allow $1 pptp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 postgresql_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pptp port.
+## Send UDP traffic on the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65209,17 +66095,17 @@ interface(`corenet_tcp_sendrecv_pptp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pptp_port',`
+interface(`corenet_udp_send_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- allow $1 pptp_port_t:udp_socket send_msg;
+ allow $1 postgresql_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pptp port.
+## Do not audit attempts to send UDP traffic on the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65228,17 +66114,17 @@ interface(`corenet_udp_send_pptp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pptp_port',`
+interface(`corenet_dontaudit_udp_send_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- dontaudit $1 pptp_port_t:udp_socket send_msg;
+ dontaudit $1 postgresql_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pptp port.
+## Receive UDP traffic on the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65247,17 +66133,17 @@ interface(`corenet_dontaudit_udp_send_pptp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pptp_port',`
+interface(`corenet_udp_receive_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- allow $1 pptp_port_t:udp_socket recv_msg;
+ allow $1 postgresql_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pptp port.
+## Do not audit attempts to receive UDP traffic on the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65266,17 +66152,17 @@ interface(`corenet_udp_receive_pptp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pptp_port',`
+interface(`corenet_dontaudit_udp_receive_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- dontaudit $1 pptp_port_t:udp_socket recv_msg;
+ dontaudit $1 postgresql_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pptp port.
+## Send and receive UDP traffic on the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65285,15 +66171,15 @@ interface(`corenet_dontaudit_udp_receive_pptp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pptp_port',`
- corenet_udp_send_pptp_port($1)
- corenet_udp_receive_pptp_port($1)
+interface(`corenet_udp_sendrecv_postgresql_port',`
+ corenet_udp_send_postgresql_port($1)
+ corenet_udp_receive_postgresql_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pptp port.
+## UDP traffic on the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65302,14 +66188,14 @@ interface(`corenet_udp_sendrecv_pptp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pptp_port',`
- corenet_dontaudit_udp_send_pptp_port($1)
- corenet_dontaudit_udp_receive_pptp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_postgresql_port',`
+ corenet_dontaudit_udp_send_postgresql_port($1)
+ corenet_dontaudit_udp_receive_postgresql_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pptp port.
+## Bind TCP sockets to the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65318,18 +66204,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pptp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pptp_port',`
+interface(`corenet_tcp_bind_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- allow $1 pptp_port_t:tcp_socket name_bind;
+ allow $1 postgresql_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pptp port.
+## Bind UDP sockets to the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65338,18 +66224,18 @@ interface(`corenet_tcp_bind_pptp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pptp_port',`
+interface(`corenet_udp_bind_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- allow $1 pptp_port_t:udp_socket name_bind;
+ allow $1 postgresql_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pptp port.
+## Make a TCP connection to the postgresql port.
## </summary>
## <param name="domain">
## <summary>
@@ -65357,18 +66243,18 @@ interface(`corenet_udp_bind_pptp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pptp_port',`
+interface(`corenet_tcp_connect_postgresql_port',`
gen_require(`
- type pptp_port_t;
+ type postgresql_port_t;
')
- allow $1 pptp_port_t:tcp_socket name_connect;
+ allow $1 postgresql_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pptp_client packets.
+## Send postgresql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65377,17 +66263,17 @@ interface(`corenet_tcp_connect_pptp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pptp_client_packets',`
+interface(`corenet_send_postgresql_client_packets',`
gen_require(`
- type pptp_client_packet_t;
+ type postgresql_client_packet_t;
')
- allow $1 pptp_client_packet_t:packet send;
+ allow $1 postgresql_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pptp_client packets.
+## Do not audit attempts to send postgresql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65396,17 +66282,17 @@ interface(`corenet_send_pptp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pptp_client_packets',`
+interface(`corenet_dontaudit_send_postgresql_client_packets',`
gen_require(`
- type pptp_client_packet_t;
+ type postgresql_client_packet_t;
')
- dontaudit $1 pptp_client_packet_t:packet send;
+ dontaudit $1 postgresql_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pptp_client packets.
+## Receive postgresql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65415,17 +66301,17 @@ interface(`corenet_dontaudit_send_pptp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pptp_client_packets',`
+interface(`corenet_receive_postgresql_client_packets',`
gen_require(`
- type pptp_client_packet_t;
+ type postgresql_client_packet_t;
')
- allow $1 pptp_client_packet_t:packet recv;
+ allow $1 postgresql_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pptp_client packets.
+## Do not audit attempts to receive postgresql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65434,17 +66320,17 @@ interface(`corenet_receive_pptp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pptp_client_packets',`
+interface(`corenet_dontaudit_receive_postgresql_client_packets',`
gen_require(`
- type pptp_client_packet_t;
+ type postgresql_client_packet_t;
')
- dontaudit $1 pptp_client_packet_t:packet recv;
+ dontaudit $1 postgresql_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pptp_client packets.
+## Send and receive postgresql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65453,14 +66339,14 @@ interface(`corenet_dontaudit_receive_pptp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pptp_client_packets',`
- corenet_send_pptp_client_packets($1)
- corenet_receive_pptp_client_packets($1)
+interface(`corenet_sendrecv_postgresql_client_packets',`
+ corenet_send_postgresql_client_packets($1)
+ corenet_receive_postgresql_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pptp_client packets.
+## Do not audit attempts to send and receive postgresql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65469,14 +66355,14 @@ interface(`corenet_sendrecv_pptp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pptp_client_packets',`
- corenet_dontaudit_send_pptp_client_packets($1)
- corenet_dontaudit_receive_pptp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_postgresql_client_packets',`
+ corenet_dontaudit_send_postgresql_client_packets($1)
+ corenet_dontaudit_receive_postgresql_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pptp_client the packet type.
+## Relabel packets to postgresql_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65484,18 +66370,18 @@ interface(`corenet_dontaudit_sendrecv_pptp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pptp_client_packets',`
+interface(`corenet_relabelto_postgresql_client_packets',`
gen_require(`
- type pptp_client_packet_t;
+ type postgresql_client_packet_t;
')
- allow $1 pptp_client_packet_t:packet relabelto;
+ allow $1 postgresql_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pptp_server packets.
+## Send postgresql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65504,17 +66390,17 @@ interface(`corenet_relabelto_pptp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pptp_server_packets',`
+interface(`corenet_send_postgresql_server_packets',`
gen_require(`
- type pptp_server_packet_t;
+ type postgresql_server_packet_t;
')
- allow $1 pptp_server_packet_t:packet send;
+ allow $1 postgresql_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pptp_server packets.
+## Do not audit attempts to send postgresql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65523,17 +66409,17 @@ interface(`corenet_send_pptp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pptp_server_packets',`
+interface(`corenet_dontaudit_send_postgresql_server_packets',`
gen_require(`
- type pptp_server_packet_t;
+ type postgresql_server_packet_t;
')
- dontaudit $1 pptp_server_packet_t:packet send;
+ dontaudit $1 postgresql_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pptp_server packets.
+## Receive postgresql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65542,17 +66428,17 @@ interface(`corenet_dontaudit_send_pptp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pptp_server_packets',`
+interface(`corenet_receive_postgresql_server_packets',`
gen_require(`
- type pptp_server_packet_t;
+ type postgresql_server_packet_t;
')
- allow $1 pptp_server_packet_t:packet recv;
+ allow $1 postgresql_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pptp_server packets.
+## Do not audit attempts to receive postgresql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65561,17 +66447,17 @@ interface(`corenet_receive_pptp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pptp_server_packets',`
+interface(`corenet_dontaudit_receive_postgresql_server_packets',`
gen_require(`
- type pptp_server_packet_t;
+ type postgresql_server_packet_t;
')
- dontaudit $1 pptp_server_packet_t:packet recv;
+ dontaudit $1 postgresql_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pptp_server packets.
+## Send and receive postgresql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65580,14 +66466,14 @@ interface(`corenet_dontaudit_receive_pptp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pptp_server_packets',`
- corenet_send_pptp_server_packets($1)
- corenet_receive_pptp_server_packets($1)
+interface(`corenet_sendrecv_postgresql_server_packets',`
+ corenet_send_postgresql_server_packets($1)
+ corenet_receive_postgresql_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pptp_server packets.
+## Do not audit attempts to send and receive postgresql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65596,14 +66482,14 @@ interface(`corenet_sendrecv_pptp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pptp_server_packets',`
- corenet_dontaudit_send_pptp_server_packets($1)
- corenet_dontaudit_receive_pptp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_postgresql_server_packets',`
+ corenet_dontaudit_send_postgresql_server_packets($1)
+ corenet_dontaudit_receive_postgresql_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pptp_server the packet type.
+## Relabel packets to postgresql_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65611,12 +66497,12 @@ interface(`corenet_dontaudit_sendrecv_pptp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pptp_server_packets',`
+interface(`corenet_relabelto_postgresql_server_packets',`
gen_require(`
- type pptp_server_packet_t;
+ type postgresql_server_packet_t;
')
- allow $1 pptp_server_packet_t:packet relabelto;
+ allow $1 postgresql_server_packet_t:packet relabelto;
')
@@ -65624,7 +66510,7 @@ interface(`corenet_relabelto_pptp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the prelude port.
+## Send and receive TCP traffic on the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65633,17 +66519,17 @@ interface(`corenet_relabelto_pptp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_prelude_port',`
+interface(`corenet_tcp_sendrecv_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- allow $1 prelude_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 postgrey_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the prelude port.
+## Send UDP traffic on the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65652,17 +66538,17 @@ interface(`corenet_tcp_sendrecv_prelude_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_prelude_port',`
+interface(`corenet_udp_send_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- allow $1 prelude_port_t:udp_socket send_msg;
+ allow $1 postgrey_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the prelude port.
+## Do not audit attempts to send UDP traffic on the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65671,17 +66557,17 @@ interface(`corenet_udp_send_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_prelude_port',`
+interface(`corenet_dontaudit_udp_send_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- dontaudit $1 prelude_port_t:udp_socket send_msg;
+ dontaudit $1 postgrey_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the prelude port.
+## Receive UDP traffic on the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65690,17 +66576,17 @@ interface(`corenet_dontaudit_udp_send_prelude_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_prelude_port',`
+interface(`corenet_udp_receive_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- allow $1 prelude_port_t:udp_socket recv_msg;
+ allow $1 postgrey_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the prelude port.
+## Do not audit attempts to receive UDP traffic on the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65709,17 +66595,17 @@ interface(`corenet_udp_receive_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_prelude_port',`
+interface(`corenet_dontaudit_udp_receive_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- dontaudit $1 prelude_port_t:udp_socket recv_msg;
+ dontaudit $1 postgrey_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the prelude port.
+## Send and receive UDP traffic on the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65728,15 +66614,15 @@ interface(`corenet_dontaudit_udp_receive_prelude_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_prelude_port',`
- corenet_udp_send_prelude_port($1)
- corenet_udp_receive_prelude_port($1)
+interface(`corenet_udp_sendrecv_postgrey_port',`
+ corenet_udp_send_postgrey_port($1)
+ corenet_udp_receive_postgrey_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the prelude port.
+## UDP traffic on the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65745,14 +66631,14 @@ interface(`corenet_udp_sendrecv_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_prelude_port',`
- corenet_dontaudit_udp_send_prelude_port($1)
- corenet_dontaudit_udp_receive_prelude_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_postgrey_port',`
+ corenet_dontaudit_udp_send_postgrey_port($1)
+ corenet_dontaudit_udp_receive_postgrey_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the prelude port.
+## Bind TCP sockets to the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65761,18 +66647,18 @@ interface(`corenet_dontaudit_udp_sendrecv_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_prelude_port',`
+interface(`corenet_tcp_bind_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- allow $1 prelude_port_t:tcp_socket name_bind;
+ allow $1 postgrey_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the prelude port.
+## Bind UDP sockets to the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65781,18 +66667,18 @@ interface(`corenet_tcp_bind_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_prelude_port',`
+interface(`corenet_udp_bind_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- allow $1 prelude_port_t:udp_socket name_bind;
+ allow $1 postgrey_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the prelude port.
+## Make a TCP connection to the postgrey port.
## </summary>
## <param name="domain">
## <summary>
@@ -65800,18 +66686,18 @@ interface(`corenet_udp_bind_prelude_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_prelude_port',`
+interface(`corenet_tcp_connect_postgrey_port',`
gen_require(`
- type prelude_port_t;
+ type postgrey_port_t;
')
- allow $1 prelude_port_t:tcp_socket name_connect;
+ allow $1 postgrey_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send prelude_client packets.
+## Send postgrey_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65820,17 +66706,17 @@ interface(`corenet_tcp_connect_prelude_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_prelude_client_packets',`
+interface(`corenet_send_postgrey_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type postgrey_client_packet_t;
')
- allow $1 prelude_client_packet_t:packet send;
+ allow $1 postgrey_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send prelude_client packets.
+## Do not audit attempts to send postgrey_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65839,17 +66725,17 @@ interface(`corenet_send_prelude_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_prelude_client_packets',`
+interface(`corenet_dontaudit_send_postgrey_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type postgrey_client_packet_t;
')
- dontaudit $1 prelude_client_packet_t:packet send;
+ dontaudit $1 postgrey_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive prelude_client packets.
+## Receive postgrey_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65858,17 +66744,17 @@ interface(`corenet_dontaudit_send_prelude_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_prelude_client_packets',`
+interface(`corenet_receive_postgrey_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type postgrey_client_packet_t;
')
- allow $1 prelude_client_packet_t:packet recv;
+ allow $1 postgrey_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive prelude_client packets.
+## Do not audit attempts to receive postgrey_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65877,17 +66763,17 @@ interface(`corenet_receive_prelude_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_prelude_client_packets',`
+interface(`corenet_dontaudit_receive_postgrey_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type postgrey_client_packet_t;
')
- dontaudit $1 prelude_client_packet_t:packet recv;
+ dontaudit $1 postgrey_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive prelude_client packets.
+## Send and receive postgrey_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65896,14 +66782,14 @@ interface(`corenet_dontaudit_receive_prelude_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_prelude_client_packets',`
- corenet_send_prelude_client_packets($1)
- corenet_receive_prelude_client_packets($1)
+interface(`corenet_sendrecv_postgrey_client_packets',`
+ corenet_send_postgrey_client_packets($1)
+ corenet_receive_postgrey_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive prelude_client packets.
+## Do not audit attempts to send and receive postgrey_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65912,14 +66798,14 @@ interface(`corenet_sendrecv_prelude_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_prelude_client_packets',`
- corenet_dontaudit_send_prelude_client_packets($1)
- corenet_dontaudit_receive_prelude_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_postgrey_client_packets',`
+ corenet_dontaudit_send_postgrey_client_packets($1)
+ corenet_dontaudit_receive_postgrey_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to prelude_client the packet type.
+## Relabel packets to postgrey_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65927,18 +66813,18 @@ interface(`corenet_dontaudit_sendrecv_prelude_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_prelude_client_packets',`
+interface(`corenet_relabelto_postgrey_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type postgrey_client_packet_t;
')
- allow $1 prelude_client_packet_t:packet relabelto;
+ allow $1 postgrey_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send prelude_server packets.
+## Send postgrey_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65947,17 +66833,17 @@ interface(`corenet_relabelto_prelude_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_prelude_server_packets',`
+interface(`corenet_send_postgrey_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type postgrey_server_packet_t;
')
- allow $1 prelude_server_packet_t:packet send;
+ allow $1 postgrey_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send prelude_server packets.
+## Do not audit attempts to send postgrey_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65966,17 +66852,17 @@ interface(`corenet_send_prelude_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_prelude_server_packets',`
+interface(`corenet_dontaudit_send_postgrey_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type postgrey_server_packet_t;
')
- dontaudit $1 prelude_server_packet_t:packet send;
+ dontaudit $1 postgrey_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive prelude_server packets.
+## Receive postgrey_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65985,17 +66871,17 @@ interface(`corenet_dontaudit_send_prelude_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_prelude_server_packets',`
+interface(`corenet_receive_postgrey_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type postgrey_server_packet_t;
')
- allow $1 prelude_server_packet_t:packet recv;
+ allow $1 postgrey_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive prelude_server packets.
+## Do not audit attempts to receive postgrey_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66004,17 +66890,17 @@ interface(`corenet_receive_prelude_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_prelude_server_packets',`
+interface(`corenet_dontaudit_receive_postgrey_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type postgrey_server_packet_t;
')
- dontaudit $1 prelude_server_packet_t:packet recv;
+ dontaudit $1 postgrey_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive prelude_server packets.
+## Send and receive postgrey_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66023,14 +66909,14 @@ interface(`corenet_dontaudit_receive_prelude_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_prelude_server_packets',`
- corenet_send_prelude_server_packets($1)
- corenet_receive_prelude_server_packets($1)
+interface(`corenet_sendrecv_postgrey_server_packets',`
+ corenet_send_postgrey_server_packets($1)
+ corenet_receive_postgrey_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive prelude_server packets.
+## Do not audit attempts to send and receive postgrey_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66039,14 +66925,14 @@ interface(`corenet_sendrecv_prelude_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_prelude_server_packets',`
- corenet_dontaudit_send_prelude_server_packets($1)
- corenet_dontaudit_receive_prelude_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_postgrey_server_packets',`
+ corenet_dontaudit_send_postgrey_server_packets($1)
+ corenet_dontaudit_receive_postgrey_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to prelude_server the packet type.
+## Relabel packets to postgrey_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66054,12 +66940,12 @@ interface(`corenet_dontaudit_sendrecv_prelude_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_prelude_server_packets',`
+interface(`corenet_relabelto_postgrey_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type postgrey_server_packet_t;
')
- allow $1 prelude_server_packet_t:packet relabelto;
+ allow $1 postgrey_server_packet_t:packet relabelto;
')
@@ -66067,7 +66953,7 @@ interface(`corenet_relabelto_prelude_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the presence port.
+## Send and receive TCP traffic on the pptp port.
## </summary>
## <param name="domain">
## <summary>
@@ -66076,17 +66962,17 @@ interface(`corenet_relabelto_prelude_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_presence_port',`
+interface(`corenet_tcp_sendrecv_pptp_port',`
gen_require(`
- type presence_port_t;
+ type pptp_port_t;
')
- allow $1 presence_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pptp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the presence port.
+## Send UDP traffic on the pptp port.
## </summary>
## <param name="domain">
## <summary>
@@ -66095,12 +66981,898 @@ interface(`corenet_tcp_sendrecv_presence_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_presence_port',`
+interface(`corenet_udp_send_pptp_port',`
gen_require(`
- type presence_port_t;
+ type pptp_port_t;
')
- allow $1 presence_port_t:udp_socket send_msg;
+ allow $1 pptp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ dontaudit $1 pptp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ dontaudit $1 pptp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pptp_port',`
+ corenet_udp_send_pptp_port($1)
+ corenet_udp_receive_pptp_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pptp_port',`
+ corenet_dontaudit_udp_send_pptp_port($1)
+ corenet_dontaudit_udp_receive_pptp_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ allow $1 pptp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ dontaudit $1 pptp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ allow $1 pptp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ dontaudit $1 pptp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pptp_client_packets',`
+ corenet_send_pptp_client_packets($1)
+ corenet_receive_pptp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pptp_client_packets',`
+ corenet_dontaudit_send_pptp_client_packets($1)
+ corenet_dontaudit_receive_pptp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pptp_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ allow $1 pptp_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ allow $1 pptp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ dontaudit $1 pptp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ allow $1 pptp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ dontaudit $1 pptp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pptp_server_packets',`
+ corenet_send_pptp_server_packets($1)
+ corenet_receive_pptp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pptp_server_packets',`
+ corenet_dontaudit_send_pptp_server_packets($1)
+ corenet_dontaudit_receive_pptp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pptp_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ allow $1 pptp_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ dontaudit $1 prelude_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ dontaudit $1 prelude_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_prelude_port',`
+ corenet_udp_send_prelude_port($1)
+ corenet_udp_receive_prelude_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_prelude_port',`
+ corenet_dontaudit_udp_send_prelude_port($1)
+ corenet_dontaudit_udp_receive_prelude_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ allow $1 prelude_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ dontaudit $1 prelude_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ allow $1 prelude_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ dontaudit $1 prelude_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_prelude_client_packets',`
+ corenet_send_prelude_client_packets($1)
+ corenet_receive_prelude_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_prelude_client_packets',`
+ corenet_dontaudit_send_prelude_client_packets($1)
+ corenet_dontaudit_receive_prelude_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to prelude_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ allow $1 prelude_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ allow $1 prelude_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ dontaudit $1 prelude_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ allow $1 prelude_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ dontaudit $1 prelude_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_prelude_server_packets',`
+ corenet_send_prelude_server_packets($1)
+ corenet_receive_prelude_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_prelude_server_packets',`
+ corenet_dontaudit_send_prelude_server_packets($1)
+ corenet_dontaudit_receive_prelude_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to prelude_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ allow $1 prelude_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:udp_socket send_msg;
')
########################################
@@ -66114,17 +67886,903 @@ interface(`corenet_udp_send_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_presence_port',`
+interface(`corenet_dontaudit_udp_send_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ dontaudit $1 presence_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ dontaudit $1 presence_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_presence_port',`
+ corenet_udp_send_presence_port($1)
+ corenet_udp_receive_presence_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_presence_port',`
+ corenet_dontaudit_udp_send_presence_port($1)
+ corenet_dontaudit_udp_receive_presence_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ allow $1 presence_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ dontaudit $1 presence_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ allow $1 presence_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ dontaudit $1 presence_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_presence_client_packets',`
+ corenet_send_presence_client_packets($1)
+ corenet_receive_presence_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_presence_client_packets',`
+ corenet_dontaudit_send_presence_client_packets($1)
+ corenet_dontaudit_receive_presence_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to presence_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ allow $1 presence_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ allow $1 presence_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ dontaudit $1 presence_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ allow $1 presence_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ dontaudit $1 presence_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_presence_server_packets',`
+ corenet_send_presence_server_packets($1)
+ corenet_receive_presence_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_presence_server_packets',`
+ corenet_dontaudit_send_presence_server_packets($1)
+ corenet_dontaudit_receive_presence_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to presence_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ allow $1 presence_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ dontaudit $1 printer_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ dontaudit $1 printer_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_printer_port',`
+ corenet_udp_send_printer_port($1)
+ corenet_udp_receive_printer_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_printer_port',`
+ corenet_dontaudit_udp_send_printer_port($1)
+ corenet_dontaudit_udp_receive_printer_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ allow $1 printer_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ dontaudit $1 printer_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ allow $1 printer_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ dontaudit $1 printer_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_printer_client_packets',`
+ corenet_send_printer_client_packets($1)
+ corenet_receive_printer_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_printer_client_packets',`
+ corenet_dontaudit_send_printer_client_packets($1)
+ corenet_dontaudit_receive_printer_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to printer_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ allow $1 printer_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ allow $1 printer_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ dontaudit $1 printer_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ allow $1 printer_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ dontaudit $1 printer_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_printer_server_packets',`
+ corenet_send_printer_server_packets($1)
+ corenet_receive_printer_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_printer_server_packets',`
+ corenet_dontaudit_send_printer_server_packets($1)
+ corenet_dontaudit_receive_printer_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to printer_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ allow $1 printer_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_ptal_port',`
gen_require(`
- type presence_port_t;
+ type ptal_port_t;
')
- dontaudit $1 presence_port_t:udp_socket send_msg;
+ dontaudit $1 ptal_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the presence port.
+## Receive UDP traffic on the ptal port.
## </summary>
## <param name="domain">
## <summary>
@@ -66133,17 +68791,17 @@ interface(`corenet_dontaudit_udp_send_presence_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_presence_port',`
+interface(`corenet_udp_receive_ptal_port',`
gen_require(`
- type presence_port_t;
+ type ptal_port_t;
')
- allow $1 presence_port_t:udp_socket recv_msg;
+ allow $1 ptal_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the presence port.
+## Do not audit attempts to receive UDP traffic on the ptal port.
## </summary>
## <param name="domain">
## <summary>
@@ -66152,17 +68810,17 @@ interface(`corenet_udp_receive_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_presence_port',`
+interface(`corenet_dontaudit_udp_receive_ptal_port',`
gen_require(`
- type presence_port_t;
+ type ptal_port_t;
')
- dontaudit $1 presence_port_t:udp_socket recv_msg;
+ dontaudit $1 ptal_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the presence port.
+## Send and receive UDP traffic on the ptal port.
## </summary>
## <param name="domain">
## <summary>
@@ -66171,15 +68829,458 @@ interface(`corenet_dontaudit_udp_receive_presence_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_presence_port',`
- corenet_udp_send_presence_port($1)
- corenet_udp_receive_presence_port($1)
+interface(`corenet_udp_sendrecv_ptal_port',`
+ corenet_udp_send_ptal_port($1)
+ corenet_udp_receive_ptal_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the presence port.
+## UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_ptal_port',`
+ corenet_dontaudit_udp_send_ptal_port($1)
+ corenet_dontaudit_udp_receive_ptal_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ allow $1 ptal_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ dontaudit $1 ptal_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ allow $1 ptal_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ dontaudit $1 ptal_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ptal_client_packets',`
+ corenet_send_ptal_client_packets($1)
+ corenet_receive_ptal_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ptal_client_packets',`
+ corenet_dontaudit_send_ptal_client_packets($1)
+ corenet_dontaudit_receive_ptal_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ptal_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ allow $1 ptal_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ allow $1 ptal_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ dontaudit $1 ptal_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ allow $1 ptal_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ dontaudit $1 ptal_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ptal_server_packets',`
+ corenet_send_ptal_server_packets($1)
+ corenet_receive_ptal_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ptal_server_packets',`
+ corenet_dontaudit_send_ptal_server_packets($1)
+ corenet_dontaudit_receive_ptal_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ptal_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ allow $1 ptal_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ dontaudit $1 pulseaudio_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ dontaudit $1 pulseaudio_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pulseaudio_port',`
+ corenet_udp_send_pulseaudio_port($1)
+ corenet_udp_receive_pulseaudio_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pulseaudio port.
## </summary>
## <param name="domain">
## <summary>
@@ -66188,14 +69289,14 @@ interface(`corenet_udp_sendrecv_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_presence_port',`
- corenet_dontaudit_udp_send_presence_port($1)
- corenet_dontaudit_udp_receive_presence_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pulseaudio_port',`
+ corenet_dontaudit_udp_send_pulseaudio_port($1)
+ corenet_dontaudit_udp_receive_pulseaudio_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the presence port.
+## Bind TCP sockets to the pulseaudio port.
## </summary>
## <param name="domain">
## <summary>
@@ -66204,18 +69305,18 @@ interface(`corenet_dontaudit_udp_sendrecv_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_presence_port',`
+interface(`corenet_tcp_bind_pulseaudio_port',`
gen_require(`
- type presence_port_t;
+ type pulseaudio_port_t;
')
- allow $1 presence_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 pulseaudio_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the presence port.
+## Bind UDP sockets to the pulseaudio port.
## </summary>
## <param name="domain">
## <summary>
@@ -66224,18 +69325,18 @@ interface(`corenet_tcp_bind_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_presence_port',`
+interface(`corenet_udp_bind_pulseaudio_port',`
gen_require(`
- type presence_port_t;
+ type pulseaudio_port_t;
')
- allow $1 presence_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 pulseaudio_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the presence port.
+## Make a TCP connection to the pulseaudio port.
## </summary>
## <param name="domain">
## <summary>
@@ -66243,18 +69344,18 @@ interface(`corenet_udp_bind_presence_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_presence_port',`
+interface(`corenet_tcp_connect_pulseaudio_port',`
gen_require(`
- type presence_port_t;
+ type pulseaudio_port_t;
')
- allow $1 presence_port_t:tcp_socket name_connect;
+ allow $1 pulseaudio_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send presence_client packets.
+## Send pulseaudio_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66263,17 +69364,17 @@ interface(`corenet_tcp_connect_presence_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_presence_client_packets',`
+interface(`corenet_send_pulseaudio_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type pulseaudio_client_packet_t;
')
- allow $1 presence_client_packet_t:packet send;
+ allow $1 pulseaudio_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send presence_client packets.
+## Do not audit attempts to send pulseaudio_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66282,17 +69383,17 @@ interface(`corenet_send_presence_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_presence_client_packets',`
+interface(`corenet_dontaudit_send_pulseaudio_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type pulseaudio_client_packet_t;
')
- dontaudit $1 presence_client_packet_t:packet send;
+ dontaudit $1 pulseaudio_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive presence_client packets.
+## Receive pulseaudio_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66301,17 +69402,17 @@ interface(`corenet_dontaudit_send_presence_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_presence_client_packets',`
+interface(`corenet_receive_pulseaudio_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type pulseaudio_client_packet_t;
')
- allow $1 presence_client_packet_t:packet recv;
+ allow $1 pulseaudio_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive presence_client packets.
+## Do not audit attempts to receive pulseaudio_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66320,17 +69421,17 @@ interface(`corenet_receive_presence_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_presence_client_packets',`
+interface(`corenet_dontaudit_receive_pulseaudio_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type pulseaudio_client_packet_t;
')
- dontaudit $1 presence_client_packet_t:packet recv;
+ dontaudit $1 pulseaudio_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive presence_client packets.
+## Send and receive pulseaudio_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66339,14 +69440,14 @@ interface(`corenet_dontaudit_receive_presence_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_presence_client_packets',`
- corenet_send_presence_client_packets($1)
- corenet_receive_presence_client_packets($1)
+interface(`corenet_sendrecv_pulseaudio_client_packets',`
+ corenet_send_pulseaudio_client_packets($1)
+ corenet_receive_pulseaudio_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive presence_client packets.
+## Do not audit attempts to send and receive pulseaudio_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66355,14 +69456,14 @@ interface(`corenet_sendrecv_presence_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_presence_client_packets',`
- corenet_dontaudit_send_presence_client_packets($1)
- corenet_dontaudit_receive_presence_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pulseaudio_client_packets',`
+ corenet_dontaudit_send_pulseaudio_client_packets($1)
+ corenet_dontaudit_receive_pulseaudio_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to presence_client the packet type.
+## Relabel packets to pulseaudio_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66370,18 +69471,18 @@ interface(`corenet_dontaudit_sendrecv_presence_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_presence_client_packets',`
+interface(`corenet_relabelto_pulseaudio_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type pulseaudio_client_packet_t;
')
- allow $1 presence_client_packet_t:packet relabelto;
+ allow $1 pulseaudio_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send presence_server packets.
+## Send pulseaudio_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66390,17 +69491,17 @@ interface(`corenet_relabelto_presence_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_presence_server_packets',`
+interface(`corenet_send_pulseaudio_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type pulseaudio_server_packet_t;
')
- allow $1 presence_server_packet_t:packet send;
+ allow $1 pulseaudio_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send presence_server packets.
+## Do not audit attempts to send pulseaudio_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66409,17 +69510,17 @@ interface(`corenet_send_presence_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_presence_server_packets',`
+interface(`corenet_dontaudit_send_pulseaudio_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type pulseaudio_server_packet_t;
')
- dontaudit $1 presence_server_packet_t:packet send;
+ dontaudit $1 pulseaudio_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive presence_server packets.
+## Receive pulseaudio_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66428,17 +69529,17 @@ interface(`corenet_dontaudit_send_presence_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_presence_server_packets',`
+interface(`corenet_receive_pulseaudio_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type pulseaudio_server_packet_t;
')
- allow $1 presence_server_packet_t:packet recv;
+ allow $1 pulseaudio_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive presence_server packets.
+## Do not audit attempts to receive pulseaudio_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66447,17 +69548,17 @@ interface(`corenet_receive_presence_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_presence_server_packets',`
+interface(`corenet_dontaudit_receive_pulseaudio_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type pulseaudio_server_packet_t;
')
- dontaudit $1 presence_server_packet_t:packet recv;
+ dontaudit $1 pulseaudio_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive presence_server packets.
+## Send and receive pulseaudio_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66466,14 +69567,14 @@ interface(`corenet_dontaudit_receive_presence_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_presence_server_packets',`
- corenet_send_presence_server_packets($1)
- corenet_receive_presence_server_packets($1)
+interface(`corenet_sendrecv_pulseaudio_server_packets',`
+ corenet_send_pulseaudio_server_packets($1)
+ corenet_receive_pulseaudio_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive presence_server packets.
+## Do not audit attempts to send and receive pulseaudio_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66482,14 +69583,14 @@ interface(`corenet_sendrecv_presence_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_presence_server_packets',`
- corenet_dontaudit_send_presence_server_packets($1)
- corenet_dontaudit_receive_presence_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pulseaudio_server_packets',`
+ corenet_dontaudit_send_pulseaudio_server_packets($1)
+ corenet_dontaudit_receive_pulseaudio_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to presence_server the packet type.
+## Relabel packets to pulseaudio_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66497,12 +69598,12 @@ interface(`corenet_dontaudit_sendrecv_presence_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_presence_server_packets',`
+interface(`corenet_relabelto_pulseaudio_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type pulseaudio_server_packet_t;
')
- allow $1 presence_server_packet_t:packet relabelto;
+ allow $1 pulseaudio_server_packet_t:packet relabelto;
')
@@ -66510,7 +69611,7 @@ interface(`corenet_relabelto_presence_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the printer port.
+## Send and receive TCP traffic on the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66519,17 +69620,17 @@ interface(`corenet_relabelto_presence_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_printer_port',`
+interface(`corenet_tcp_sendrecv_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- allow $1 printer_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 puppet_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the printer port.
+## Send UDP traffic on the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66538,17 +69639,17 @@ interface(`corenet_tcp_sendrecv_printer_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_printer_port',`
+interface(`corenet_udp_send_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- allow $1 printer_port_t:udp_socket send_msg;
+ allow $1 puppet_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the printer port.
+## Do not audit attempts to send UDP traffic on the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66557,17 +69658,17 @@ interface(`corenet_udp_send_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_printer_port',`
+interface(`corenet_dontaudit_udp_send_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- dontaudit $1 printer_port_t:udp_socket send_msg;
+ dontaudit $1 puppet_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the printer port.
+## Receive UDP traffic on the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66576,17 +69677,17 @@ interface(`corenet_dontaudit_udp_send_printer_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_printer_port',`
+interface(`corenet_udp_receive_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- allow $1 printer_port_t:udp_socket recv_msg;
+ allow $1 puppet_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the printer port.
+## Do not audit attempts to receive UDP traffic on the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66595,17 +69696,17 @@ interface(`corenet_udp_receive_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_printer_port',`
+interface(`corenet_dontaudit_udp_receive_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- dontaudit $1 printer_port_t:udp_socket recv_msg;
+ dontaudit $1 puppet_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the printer port.
+## Send and receive UDP traffic on the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66614,15 +69715,15 @@ interface(`corenet_dontaudit_udp_receive_printer_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_printer_port',`
- corenet_udp_send_printer_port($1)
- corenet_udp_receive_printer_port($1)
+interface(`corenet_udp_sendrecv_puppet_port',`
+ corenet_udp_send_puppet_port($1)
+ corenet_udp_receive_puppet_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the printer port.
+## UDP traffic on the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66631,14 +69732,14 @@ interface(`corenet_udp_sendrecv_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_printer_port',`
- corenet_dontaudit_udp_send_printer_port($1)
- corenet_dontaudit_udp_receive_printer_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_puppet_port',`
+ corenet_dontaudit_udp_send_puppet_port($1)
+ corenet_dontaudit_udp_receive_puppet_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the printer port.
+## Bind TCP sockets to the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66647,18 +69748,18 @@ interface(`corenet_dontaudit_udp_sendrecv_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_printer_port',`
+interface(`corenet_tcp_bind_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- allow $1 printer_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 puppet_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the printer port.
+## Bind UDP sockets to the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66667,18 +69768,18 @@ interface(`corenet_tcp_bind_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_printer_port',`
+interface(`corenet_udp_bind_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- allow $1 printer_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 puppet_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the printer port.
+## Make a TCP connection to the puppet port.
## </summary>
## <param name="domain">
## <summary>
@@ -66686,18 +69787,18 @@ interface(`corenet_udp_bind_printer_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_printer_port',`
+interface(`corenet_tcp_connect_puppet_port',`
gen_require(`
- type printer_port_t;
+ type puppet_port_t;
')
- allow $1 printer_port_t:tcp_socket name_connect;
+ allow $1 puppet_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send printer_client packets.
+## Send puppet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66706,17 +69807,17 @@ interface(`corenet_tcp_connect_printer_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_printer_client_packets',`
+interface(`corenet_send_puppet_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type puppet_client_packet_t;
')
- allow $1 printer_client_packet_t:packet send;
+ allow $1 puppet_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send printer_client packets.
+## Do not audit attempts to send puppet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66725,17 +69826,17 @@ interface(`corenet_send_printer_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_printer_client_packets',`
+interface(`corenet_dontaudit_send_puppet_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type puppet_client_packet_t;
')
- dontaudit $1 printer_client_packet_t:packet send;
+ dontaudit $1 puppet_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive printer_client packets.
+## Receive puppet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66744,17 +69845,17 @@ interface(`corenet_dontaudit_send_printer_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_printer_client_packets',`
+interface(`corenet_receive_puppet_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type puppet_client_packet_t;
')
- allow $1 printer_client_packet_t:packet recv;
+ allow $1 puppet_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive printer_client packets.
+## Do not audit attempts to receive puppet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66763,17 +69864,17 @@ interface(`corenet_receive_printer_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_printer_client_packets',`
+interface(`corenet_dontaudit_receive_puppet_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type puppet_client_packet_t;
')
- dontaudit $1 printer_client_packet_t:packet recv;
+ dontaudit $1 puppet_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive printer_client packets.
+## Send and receive puppet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66782,14 +69883,14 @@ interface(`corenet_dontaudit_receive_printer_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_printer_client_packets',`
- corenet_send_printer_client_packets($1)
- corenet_receive_printer_client_packets($1)
+interface(`corenet_sendrecv_puppet_client_packets',`
+ corenet_send_puppet_client_packets($1)
+ corenet_receive_puppet_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive printer_client packets.
+## Do not audit attempts to send and receive puppet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66798,14 +69899,14 @@ interface(`corenet_sendrecv_printer_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_printer_client_packets',`
- corenet_dontaudit_send_printer_client_packets($1)
- corenet_dontaudit_receive_printer_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_puppet_client_packets',`
+ corenet_dontaudit_send_puppet_client_packets($1)
+ corenet_dontaudit_receive_puppet_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to printer_client the packet type.
+## Relabel packets to puppet_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66813,18 +69914,18 @@ interface(`corenet_dontaudit_sendrecv_printer_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_printer_client_packets',`
+interface(`corenet_relabelto_puppet_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type puppet_client_packet_t;
')
- allow $1 printer_client_packet_t:packet relabelto;
+ allow $1 puppet_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send printer_server packets.
+## Send puppet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66833,17 +69934,17 @@ interface(`corenet_relabelto_printer_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_printer_server_packets',`
+interface(`corenet_send_puppet_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type puppet_server_packet_t;
')
- allow $1 printer_server_packet_t:packet send;
+ allow $1 puppet_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send printer_server packets.
+## Do not audit attempts to send puppet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66852,17 +69953,17 @@ interface(`corenet_send_printer_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_printer_server_packets',`
+interface(`corenet_dontaudit_send_puppet_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type puppet_server_packet_t;
')
- dontaudit $1 printer_server_packet_t:packet send;
+ dontaudit $1 puppet_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive printer_server packets.
+## Receive puppet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66871,17 +69972,17 @@ interface(`corenet_dontaudit_send_printer_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_printer_server_packets',`
+interface(`corenet_receive_puppet_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type puppet_server_packet_t;
')
- allow $1 printer_server_packet_t:packet recv;
+ allow $1 puppet_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive printer_server packets.
+## Do not audit attempts to receive puppet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66890,17 +69991,17 @@ interface(`corenet_receive_printer_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_printer_server_packets',`
+interface(`corenet_dontaudit_receive_puppet_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type puppet_server_packet_t;
')
- dontaudit $1 printer_server_packet_t:packet recv;
+ dontaudit $1 puppet_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive printer_server packets.
+## Send and receive puppet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66909,14 +70010,14 @@ interface(`corenet_dontaudit_receive_printer_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_printer_server_packets',`
- corenet_send_printer_server_packets($1)
- corenet_receive_printer_server_packets($1)
+interface(`corenet_sendrecv_puppet_server_packets',`
+ corenet_send_puppet_server_packets($1)
+ corenet_receive_puppet_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive printer_server packets.
+## Do not audit attempts to send and receive puppet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66925,14 +70026,14 @@ interface(`corenet_sendrecv_printer_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_printer_server_packets',`
- corenet_dontaudit_send_printer_server_packets($1)
- corenet_dontaudit_receive_printer_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_puppet_server_packets',`
+ corenet_dontaudit_send_puppet_server_packets($1)
+ corenet_dontaudit_receive_puppet_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to printer_server the packet type.
+## Relabel packets to puppet_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66940,12 +70041,12 @@ interface(`corenet_dontaudit_sendrecv_printer_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_printer_server_packets',`
+interface(`corenet_relabelto_puppet_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type puppet_server_packet_t;
')
- allow $1 printer_server_packet_t:packet relabelto;
+ allow $1 puppet_server_packet_t:packet relabelto;
')
@@ -66953,7 +70054,7 @@ interface(`corenet_relabelto_printer_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ptal port.
+## Send and receive TCP traffic on the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -66962,17 +70063,17 @@ interface(`corenet_relabelto_printer_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ptal_port',`
+interface(`corenet_tcp_sendrecv_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- allow $1 ptal_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 puppetclient_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ptal port.
+## Send UDP traffic on the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -66981,17 +70082,17 @@ interface(`corenet_tcp_sendrecv_ptal_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ptal_port',`
+interface(`corenet_udp_send_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- allow $1 ptal_port_t:udp_socket send_msg;
+ allow $1 puppetclient_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ptal port.
+## Do not audit attempts to send UDP traffic on the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67000,17 +70101,17 @@ interface(`corenet_udp_send_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ptal_port',`
+interface(`corenet_dontaudit_udp_send_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- dontaudit $1 ptal_port_t:udp_socket send_msg;
+ dontaudit $1 puppetclient_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ptal port.
+## Receive UDP traffic on the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67019,17 +70120,17 @@ interface(`corenet_dontaudit_udp_send_ptal_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ptal_port',`
+interface(`corenet_udp_receive_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- allow $1 ptal_port_t:udp_socket recv_msg;
+ allow $1 puppetclient_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ptal port.
+## Do not audit attempts to receive UDP traffic on the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67038,17 +70139,17 @@ interface(`corenet_udp_receive_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ptal_port',`
+interface(`corenet_dontaudit_udp_receive_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- dontaudit $1 ptal_port_t:udp_socket recv_msg;
+ dontaudit $1 puppetclient_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ptal port.
+## Send and receive UDP traffic on the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67057,15 +70158,15 @@ interface(`corenet_dontaudit_udp_receive_ptal_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ptal_port',`
- corenet_udp_send_ptal_port($1)
- corenet_udp_receive_ptal_port($1)
+interface(`corenet_udp_sendrecv_puppetclient_port',`
+ corenet_udp_send_puppetclient_port($1)
+ corenet_udp_receive_puppetclient_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ptal port.
+## UDP traffic on the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67074,14 +70175,14 @@ interface(`corenet_udp_sendrecv_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ptal_port',`
- corenet_dontaudit_udp_send_ptal_port($1)
- corenet_dontaudit_udp_receive_ptal_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_puppetclient_port',`
+ corenet_dontaudit_udp_send_puppetclient_port($1)
+ corenet_dontaudit_udp_receive_puppetclient_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ptal port.
+## Bind TCP sockets to the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67090,18 +70191,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ptal_port',`
+interface(`corenet_tcp_bind_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- allow $1 ptal_port_t:tcp_socket name_bind;
+ allow $1 puppetclient_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ptal port.
+## Bind UDP sockets to the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67110,18 +70211,18 @@ interface(`corenet_tcp_bind_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ptal_port',`
+interface(`corenet_udp_bind_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- allow $1 ptal_port_t:udp_socket name_bind;
+ allow $1 puppetclient_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ptal port.
+## Make a TCP connection to the puppetclient port.
## </summary>
## <param name="domain">
## <summary>
@@ -67129,18 +70230,18 @@ interface(`corenet_udp_bind_ptal_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ptal_port',`
+interface(`corenet_tcp_connect_puppetclient_port',`
gen_require(`
- type ptal_port_t;
+ type puppetclient_port_t;
')
- allow $1 ptal_port_t:tcp_socket name_connect;
+ allow $1 puppetclient_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ptal_client packets.
+## Send puppetclient_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67149,17 +70250,17 @@ interface(`corenet_tcp_connect_ptal_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ptal_client_packets',`
+interface(`corenet_send_puppetclient_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type puppetclient_client_packet_t;
')
- allow $1 ptal_client_packet_t:packet send;
+ allow $1 puppetclient_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ptal_client packets.
+## Do not audit attempts to send puppetclient_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67168,17 +70269,17 @@ interface(`corenet_send_ptal_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ptal_client_packets',`
+interface(`corenet_dontaudit_send_puppetclient_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type puppetclient_client_packet_t;
')
- dontaudit $1 ptal_client_packet_t:packet send;
+ dontaudit $1 puppetclient_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ptal_client packets.
+## Receive puppetclient_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67187,17 +70288,17 @@ interface(`corenet_dontaudit_send_ptal_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ptal_client_packets',`
+interface(`corenet_receive_puppetclient_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type puppetclient_client_packet_t;
')
- allow $1 ptal_client_packet_t:packet recv;
+ allow $1 puppetclient_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ptal_client packets.
+## Do not audit attempts to receive puppetclient_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67206,17 +70307,17 @@ interface(`corenet_receive_ptal_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ptal_client_packets',`
+interface(`corenet_dontaudit_receive_puppetclient_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type puppetclient_client_packet_t;
')
- dontaudit $1 ptal_client_packet_t:packet recv;
+ dontaudit $1 puppetclient_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ptal_client packets.
+## Send and receive puppetclient_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67225,14 +70326,14 @@ interface(`corenet_dontaudit_receive_ptal_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ptal_client_packets',`
- corenet_send_ptal_client_packets($1)
- corenet_receive_ptal_client_packets($1)
+interface(`corenet_sendrecv_puppetclient_client_packets',`
+ corenet_send_puppetclient_client_packets($1)
+ corenet_receive_puppetclient_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ptal_client packets.
+## Do not audit attempts to send and receive puppetclient_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67241,14 +70342,14 @@ interface(`corenet_sendrecv_ptal_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ptal_client_packets',`
- corenet_dontaudit_send_ptal_client_packets($1)
- corenet_dontaudit_receive_ptal_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_puppetclient_client_packets',`
+ corenet_dontaudit_send_puppetclient_client_packets($1)
+ corenet_dontaudit_receive_puppetclient_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ptal_client the packet type.
+## Relabel packets to puppetclient_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67256,18 +70357,18 @@ interface(`corenet_dontaudit_sendrecv_ptal_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ptal_client_packets',`
+interface(`corenet_relabelto_puppetclient_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type puppetclient_client_packet_t;
')
- allow $1 ptal_client_packet_t:packet relabelto;
+ allow $1 puppetclient_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ptal_server packets.
+## Send puppetclient_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67276,17 +70377,17 @@ interface(`corenet_relabelto_ptal_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ptal_server_packets',`
+interface(`corenet_send_puppetclient_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type puppetclient_server_packet_t;
')
- allow $1 ptal_server_packet_t:packet send;
+ allow $1 puppetclient_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ptal_server packets.
+## Do not audit attempts to send puppetclient_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67295,17 +70396,17 @@ interface(`corenet_send_ptal_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ptal_server_packets',`
+interface(`corenet_dontaudit_send_puppetclient_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type puppetclient_server_packet_t;
')
- dontaudit $1 ptal_server_packet_t:packet send;
+ dontaudit $1 puppetclient_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ptal_server packets.
+## Receive puppetclient_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67314,17 +70415,17 @@ interface(`corenet_dontaudit_send_ptal_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ptal_server_packets',`
+interface(`corenet_receive_puppetclient_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type puppetclient_server_packet_t;
')
- allow $1 ptal_server_packet_t:packet recv;
+ allow $1 puppetclient_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ptal_server packets.
+## Do not audit attempts to receive puppetclient_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67333,17 +70434,17 @@ interface(`corenet_receive_ptal_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ptal_server_packets',`
+interface(`corenet_dontaudit_receive_puppetclient_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type puppetclient_server_packet_t;
')
- dontaudit $1 ptal_server_packet_t:packet recv;
+ dontaudit $1 puppetclient_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ptal_server packets.
+## Send and receive puppetclient_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67352,14 +70453,14 @@ interface(`corenet_dontaudit_receive_ptal_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ptal_server_packets',`
- corenet_send_ptal_server_packets($1)
- corenet_receive_ptal_server_packets($1)
+interface(`corenet_sendrecv_puppetclient_server_packets',`
+ corenet_send_puppetclient_server_packets($1)
+ corenet_receive_puppetclient_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ptal_server packets.
+## Do not audit attempts to send and receive puppetclient_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67368,14 +70469,14 @@ interface(`corenet_sendrecv_ptal_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ptal_server_packets',`
- corenet_dontaudit_send_ptal_server_packets($1)
- corenet_dontaudit_receive_ptal_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_puppetclient_server_packets',`
+ corenet_dontaudit_send_puppetclient_server_packets($1)
+ corenet_dontaudit_receive_puppetclient_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ptal_server the packet type.
+## Relabel packets to puppetclient_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67383,12 +70484,12 @@ interface(`corenet_dontaudit_sendrecv_ptal_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ptal_server_packets',`
+interface(`corenet_relabelto_puppetclient_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type puppetclient_server_packet_t;
')
- allow $1 ptal_server_packet_t:packet relabelto;
+ allow $1 puppetclient_server_packet_t:packet relabelto;
')
@@ -67396,7 +70497,7 @@ interface(`corenet_relabelto_ptal_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pulseaudio port.
+## Send and receive TCP traffic on the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67405,17 +70506,17 @@ interface(`corenet_relabelto_ptal_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pulseaudio_port',`
+interface(`corenet_tcp_sendrecv_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- allow $1 pulseaudio_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pxe_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pulseaudio port.
+## Send UDP traffic on the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67424,17 +70525,17 @@ interface(`corenet_tcp_sendrecv_pulseaudio_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pulseaudio_port',`
+interface(`corenet_udp_send_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- allow $1 pulseaudio_port_t:udp_socket send_msg;
+ allow $1 pxe_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pulseaudio port.
+## Do not audit attempts to send UDP traffic on the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67443,17 +70544,17 @@ interface(`corenet_udp_send_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pulseaudio_port',`
+interface(`corenet_dontaudit_udp_send_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- dontaudit $1 pulseaudio_port_t:udp_socket send_msg;
+ dontaudit $1 pxe_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pulseaudio port.
+## Receive UDP traffic on the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67462,17 +70563,17 @@ interface(`corenet_dontaudit_udp_send_pulseaudio_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pulseaudio_port',`
+interface(`corenet_udp_receive_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- allow $1 pulseaudio_port_t:udp_socket recv_msg;
+ allow $1 pxe_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pulseaudio port.
+## Do not audit attempts to receive UDP traffic on the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67481,17 +70582,17 @@ interface(`corenet_udp_receive_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pulseaudio_port',`
+interface(`corenet_dontaudit_udp_receive_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- dontaudit $1 pulseaudio_port_t:udp_socket recv_msg;
+ dontaudit $1 pxe_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pulseaudio port.
+## Send and receive UDP traffic on the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67500,15 +70601,15 @@ interface(`corenet_dontaudit_udp_receive_pulseaudio_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pulseaudio_port',`
- corenet_udp_send_pulseaudio_port($1)
- corenet_udp_receive_pulseaudio_port($1)
+interface(`corenet_udp_sendrecv_pxe_port',`
+ corenet_udp_send_pxe_port($1)
+ corenet_udp_receive_pxe_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pulseaudio port.
+## UDP traffic on the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67517,14 +70618,14 @@ interface(`corenet_udp_sendrecv_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pulseaudio_port',`
- corenet_dontaudit_udp_send_pulseaudio_port($1)
- corenet_dontaudit_udp_receive_pulseaudio_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pxe_port',`
+ corenet_dontaudit_udp_send_pxe_port($1)
+ corenet_dontaudit_udp_receive_pxe_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pulseaudio port.
+## Bind TCP sockets to the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67533,18 +70634,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pulseaudio_port',`
+interface(`corenet_tcp_bind_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- allow $1 pulseaudio_port_t:tcp_socket name_bind;
+ allow $1 pxe_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pulseaudio port.
+## Bind UDP sockets to the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67553,18 +70654,18 @@ interface(`corenet_tcp_bind_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pulseaudio_port',`
+interface(`corenet_udp_bind_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- allow $1 pulseaudio_port_t:udp_socket name_bind;
+ allow $1 pxe_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pulseaudio port.
+## Make a TCP connection to the pxe port.
## </summary>
## <param name="domain">
## <summary>
@@ -67572,18 +70673,18 @@ interface(`corenet_udp_bind_pulseaudio_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pulseaudio_port',`
+interface(`corenet_tcp_connect_pxe_port',`
gen_require(`
- type pulseaudio_port_t;
+ type pxe_port_t;
')
- allow $1 pulseaudio_port_t:tcp_socket name_connect;
+ allow $1 pxe_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pulseaudio_client packets.
+## Send pxe_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67592,17 +70693,17 @@ interface(`corenet_tcp_connect_pulseaudio_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pulseaudio_client_packets',`
+interface(`corenet_send_pxe_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type pxe_client_packet_t;
')
- allow $1 pulseaudio_client_packet_t:packet send;
+ allow $1 pxe_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pulseaudio_client packets.
+## Do not audit attempts to send pxe_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67611,17 +70712,17 @@ interface(`corenet_send_pulseaudio_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pulseaudio_client_packets',`
+interface(`corenet_dontaudit_send_pxe_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type pxe_client_packet_t;
')
- dontaudit $1 pulseaudio_client_packet_t:packet send;
+ dontaudit $1 pxe_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pulseaudio_client packets.
+## Receive pxe_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67630,17 +70731,17 @@ interface(`corenet_dontaudit_send_pulseaudio_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pulseaudio_client_packets',`
+interface(`corenet_receive_pxe_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type pxe_client_packet_t;
')
- allow $1 pulseaudio_client_packet_t:packet recv;
+ allow $1 pxe_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pulseaudio_client packets.
+## Do not audit attempts to receive pxe_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67649,17 +70750,17 @@ interface(`corenet_receive_pulseaudio_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pulseaudio_client_packets',`
+interface(`corenet_dontaudit_receive_pxe_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type pxe_client_packet_t;
')
- dontaudit $1 pulseaudio_client_packet_t:packet recv;
+ dontaudit $1 pxe_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pulseaudio_client packets.
+## Send and receive pxe_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67668,14 +70769,14 @@ interface(`corenet_dontaudit_receive_pulseaudio_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pulseaudio_client_packets',`
- corenet_send_pulseaudio_client_packets($1)
- corenet_receive_pulseaudio_client_packets($1)
+interface(`corenet_sendrecv_pxe_client_packets',`
+ corenet_send_pxe_client_packets($1)
+ corenet_receive_pxe_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pulseaudio_client packets.
+## Do not audit attempts to send and receive pxe_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67684,14 +70785,14 @@ interface(`corenet_sendrecv_pulseaudio_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pulseaudio_client_packets',`
- corenet_dontaudit_send_pulseaudio_client_packets($1)
- corenet_dontaudit_receive_pulseaudio_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pxe_client_packets',`
+ corenet_dontaudit_send_pxe_client_packets($1)
+ corenet_dontaudit_receive_pxe_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pulseaudio_client the packet type.
+## Relabel packets to pxe_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67699,18 +70800,18 @@ interface(`corenet_dontaudit_sendrecv_pulseaudio_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pulseaudio_client_packets',`
+interface(`corenet_relabelto_pxe_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type pxe_client_packet_t;
')
- allow $1 pulseaudio_client_packet_t:packet relabelto;
+ allow $1 pxe_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pulseaudio_server packets.
+## Send pxe_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67719,17 +70820,17 @@ interface(`corenet_relabelto_pulseaudio_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pulseaudio_server_packets',`
+interface(`corenet_send_pxe_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type pxe_server_packet_t;
')
- allow $1 pulseaudio_server_packet_t:packet send;
+ allow $1 pxe_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pulseaudio_server packets.
+## Do not audit attempts to send pxe_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67738,17 +70839,17 @@ interface(`corenet_send_pulseaudio_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pulseaudio_server_packets',`
+interface(`corenet_dontaudit_send_pxe_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type pxe_server_packet_t;
')
- dontaudit $1 pulseaudio_server_packet_t:packet send;
+ dontaudit $1 pxe_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pulseaudio_server packets.
+## Receive pxe_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67757,17 +70858,17 @@ interface(`corenet_dontaudit_send_pulseaudio_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pulseaudio_server_packets',`
+interface(`corenet_receive_pxe_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type pxe_server_packet_t;
')
- allow $1 pulseaudio_server_packet_t:packet recv;
+ allow $1 pxe_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pulseaudio_server packets.
+## Do not audit attempts to receive pxe_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67776,17 +70877,17 @@ interface(`corenet_receive_pulseaudio_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pulseaudio_server_packets',`
+interface(`corenet_dontaudit_receive_pxe_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type pxe_server_packet_t;
')
- dontaudit $1 pulseaudio_server_packet_t:packet recv;
+ dontaudit $1 pxe_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pulseaudio_server packets.
+## Send and receive pxe_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67795,14 +70896,14 @@ interface(`corenet_dontaudit_receive_pulseaudio_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pulseaudio_server_packets',`
- corenet_send_pulseaudio_server_packets($1)
- corenet_receive_pulseaudio_server_packets($1)
+interface(`corenet_sendrecv_pxe_server_packets',`
+ corenet_send_pxe_server_packets($1)
+ corenet_receive_pxe_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pulseaudio_server packets.
+## Do not audit attempts to send and receive pxe_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67811,14 +70912,14 @@ interface(`corenet_sendrecv_pulseaudio_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pulseaudio_server_packets',`
- corenet_dontaudit_send_pulseaudio_server_packets($1)
- corenet_dontaudit_receive_pulseaudio_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pxe_server_packets',`
+ corenet_dontaudit_send_pxe_server_packets($1)
+ corenet_dontaudit_receive_pxe_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pulseaudio_server the packet type.
+## Relabel packets to pxe_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67826,12 +70927,12 @@ interface(`corenet_dontaudit_sendrecv_pulseaudio_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pulseaudio_server_packets',`
+interface(`corenet_relabelto_pxe_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type pxe_server_packet_t;
')
- allow $1 pulseaudio_server_packet_t:packet relabelto;
+ allow $1 pxe_server_packet_t:packet relabelto;
')
@@ -67839,7 +70940,7 @@ interface(`corenet_relabelto_pulseaudio_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the puppet port.
+## Send and receive TCP traffic on the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67848,17 +70949,17 @@ interface(`corenet_relabelto_pulseaudio_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_puppet_port',`
+interface(`corenet_tcp_sendrecv_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- allow $1 puppet_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 pyzor_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the puppet port.
+## Send UDP traffic on the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67867,17 +70968,17 @@ interface(`corenet_tcp_sendrecv_puppet_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_puppet_port',`
+interface(`corenet_udp_send_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- allow $1 puppet_port_t:udp_socket send_msg;
+ allow $1 pyzor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the puppet port.
+## Do not audit attempts to send UDP traffic on the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67886,17 +70987,17 @@ interface(`corenet_udp_send_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_puppet_port',`
+interface(`corenet_dontaudit_udp_send_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- dontaudit $1 puppet_port_t:udp_socket send_msg;
+ dontaudit $1 pyzor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the puppet port.
+## Receive UDP traffic on the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67905,17 +71006,17 @@ interface(`corenet_dontaudit_udp_send_puppet_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_puppet_port',`
+interface(`corenet_udp_receive_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- allow $1 puppet_port_t:udp_socket recv_msg;
+ allow $1 pyzor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the puppet port.
+## Do not audit attempts to receive UDP traffic on the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67924,17 +71025,17 @@ interface(`corenet_udp_receive_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_puppet_port',`
+interface(`corenet_dontaudit_udp_receive_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- dontaudit $1 puppet_port_t:udp_socket recv_msg;
+ dontaudit $1 pyzor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the puppet port.
+## Send and receive UDP traffic on the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67943,15 +71044,15 @@ interface(`corenet_dontaudit_udp_receive_puppet_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_puppet_port',`
- corenet_udp_send_puppet_port($1)
- corenet_udp_receive_puppet_port($1)
+interface(`corenet_udp_sendrecv_pyzor_port',`
+ corenet_udp_send_pyzor_port($1)
+ corenet_udp_receive_pyzor_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the puppet port.
+## UDP traffic on the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67960,14 +71061,14 @@ interface(`corenet_udp_sendrecv_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_puppet_port',`
- corenet_dontaudit_udp_send_puppet_port($1)
- corenet_dontaudit_udp_receive_puppet_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_pyzor_port',`
+ corenet_dontaudit_udp_send_pyzor_port($1)
+ corenet_dontaudit_udp_receive_pyzor_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the puppet port.
+## Bind TCP sockets to the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67976,18 +71077,18 @@ interface(`corenet_dontaudit_udp_sendrecv_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_puppet_port',`
+interface(`corenet_tcp_bind_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- allow $1 puppet_port_t:tcp_socket name_bind;
+ allow $1 pyzor_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the puppet port.
+## Bind UDP sockets to the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -67996,18 +71097,18 @@ interface(`corenet_tcp_bind_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_puppet_port',`
+interface(`corenet_udp_bind_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- allow $1 puppet_port_t:udp_socket name_bind;
+ allow $1 pyzor_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the puppet port.
+## Make a TCP connection to the pyzor port.
## </summary>
## <param name="domain">
## <summary>
@@ -68015,18 +71116,18 @@ interface(`corenet_udp_bind_puppet_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_puppet_port',`
+interface(`corenet_tcp_connect_pyzor_port',`
gen_require(`
- type puppet_port_t;
+ type pyzor_port_t;
')
- allow $1 puppet_port_t:tcp_socket name_connect;
+ allow $1 pyzor_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send puppet_client packets.
+## Send pyzor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68035,17 +71136,17 @@ interface(`corenet_tcp_connect_puppet_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_puppet_client_packets',`
+interface(`corenet_send_pyzor_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type pyzor_client_packet_t;
')
- allow $1 puppet_client_packet_t:packet send;
+ allow $1 pyzor_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send puppet_client packets.
+## Do not audit attempts to send pyzor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68054,17 +71155,17 @@ interface(`corenet_send_puppet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_puppet_client_packets',`
+interface(`corenet_dontaudit_send_pyzor_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type pyzor_client_packet_t;
')
- dontaudit $1 puppet_client_packet_t:packet send;
+ dontaudit $1 pyzor_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive puppet_client packets.
+## Receive pyzor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68073,17 +71174,17 @@ interface(`corenet_dontaudit_send_puppet_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_puppet_client_packets',`
+interface(`corenet_receive_pyzor_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type pyzor_client_packet_t;
')
- allow $1 puppet_client_packet_t:packet recv;
+ allow $1 pyzor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive puppet_client packets.
+## Do not audit attempts to receive pyzor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68092,17 +71193,17 @@ interface(`corenet_receive_puppet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_puppet_client_packets',`
+interface(`corenet_dontaudit_receive_pyzor_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type pyzor_client_packet_t;
')
- dontaudit $1 puppet_client_packet_t:packet recv;
+ dontaudit $1 pyzor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive puppet_client packets.
+## Send and receive pyzor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68111,14 +71212,14 @@ interface(`corenet_dontaudit_receive_puppet_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_puppet_client_packets',`
- corenet_send_puppet_client_packets($1)
- corenet_receive_puppet_client_packets($1)
+interface(`corenet_sendrecv_pyzor_client_packets',`
+ corenet_send_pyzor_client_packets($1)
+ corenet_receive_pyzor_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive puppet_client packets.
+## Do not audit attempts to send and receive pyzor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68127,14 +71228,14 @@ interface(`corenet_sendrecv_puppet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_puppet_client_packets',`
- corenet_dontaudit_send_puppet_client_packets($1)
- corenet_dontaudit_receive_puppet_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_pyzor_client_packets',`
+ corenet_dontaudit_send_pyzor_client_packets($1)
+ corenet_dontaudit_receive_pyzor_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to puppet_client the packet type.
+## Relabel packets to pyzor_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68142,18 +71243,18 @@ interface(`corenet_dontaudit_sendrecv_puppet_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_puppet_client_packets',`
+interface(`corenet_relabelto_pyzor_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type pyzor_client_packet_t;
')
- allow $1 puppet_client_packet_t:packet relabelto;
+ allow $1 pyzor_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send puppet_server packets.
+## Send pyzor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68162,17 +71263,17 @@ interface(`corenet_relabelto_puppet_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_puppet_server_packets',`
+interface(`corenet_send_pyzor_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type pyzor_server_packet_t;
')
- allow $1 puppet_server_packet_t:packet send;
+ allow $1 pyzor_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send puppet_server packets.
+## Do not audit attempts to send pyzor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68181,17 +71282,17 @@ interface(`corenet_send_puppet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_puppet_server_packets',`
+interface(`corenet_dontaudit_send_pyzor_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type pyzor_server_packet_t;
')
- dontaudit $1 puppet_server_packet_t:packet send;
+ dontaudit $1 pyzor_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive puppet_server packets.
+## Receive pyzor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68200,17 +71301,17 @@ interface(`corenet_dontaudit_send_puppet_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_puppet_server_packets',`
+interface(`corenet_receive_pyzor_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type pyzor_server_packet_t;
')
- allow $1 puppet_server_packet_t:packet recv;
+ allow $1 pyzor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive puppet_server packets.
+## Do not audit attempts to receive pyzor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68219,17 +71320,17 @@ interface(`corenet_receive_puppet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_puppet_server_packets',`
+interface(`corenet_dontaudit_receive_pyzor_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type pyzor_server_packet_t;
')
- dontaudit $1 puppet_server_packet_t:packet recv;
+ dontaudit $1 pyzor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive puppet_server packets.
+## Send and receive pyzor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68238,14 +71339,14 @@ interface(`corenet_dontaudit_receive_puppet_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_puppet_server_packets',`
- corenet_send_puppet_server_packets($1)
- corenet_receive_puppet_server_packets($1)
+interface(`corenet_sendrecv_pyzor_server_packets',`
+ corenet_send_pyzor_server_packets($1)
+ corenet_receive_pyzor_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive puppet_server packets.
+## Do not audit attempts to send and receive pyzor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68254,14 +71355,14 @@ interface(`corenet_sendrecv_puppet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_puppet_server_packets',`
- corenet_dontaudit_send_puppet_server_packets($1)
- corenet_dontaudit_receive_puppet_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_pyzor_server_packets',`
+ corenet_dontaudit_send_pyzor_server_packets($1)
+ corenet_dontaudit_receive_pyzor_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to puppet_server the packet type.
+## Relabel packets to pyzor_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68269,12 +71370,12 @@ interface(`corenet_dontaudit_sendrecv_puppet_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_puppet_server_packets',`
+interface(`corenet_relabelto_pyzor_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type pyzor_server_packet_t;
')
- allow $1 puppet_server_packet_t:packet relabelto;
+ allow $1 pyzor_server_packet_t:packet relabelto;
')
@@ -68282,7 +71383,7 @@ interface(`corenet_relabelto_puppet_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the puppetclient port.
+## Send and receive TCP traffic on the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68291,17 +71392,17 @@ interface(`corenet_relabelto_puppet_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_puppetclient_port',`
+interface(`corenet_tcp_sendrecv_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- allow $1 puppetclient_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 radacct_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the puppetclient port.
+## Send UDP traffic on the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68310,17 +71411,17 @@ interface(`corenet_tcp_sendrecv_puppetclient_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_puppetclient_port',`
+interface(`corenet_udp_send_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- allow $1 puppetclient_port_t:udp_socket send_msg;
+ allow $1 radacct_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the puppetclient port.
+## Do not audit attempts to send UDP traffic on the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68329,17 +71430,17 @@ interface(`corenet_udp_send_puppetclient_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_puppetclient_port',`
+interface(`corenet_dontaudit_udp_send_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- dontaudit $1 puppetclient_port_t:udp_socket send_msg;
+ dontaudit $1 radacct_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the puppetclient port.
+## Receive UDP traffic on the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68348,17 +71449,17 @@ interface(`corenet_dontaudit_udp_send_puppetclient_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_puppetclient_port',`
+interface(`corenet_udp_receive_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- allow $1 puppetclient_port_t:udp_socket recv_msg;
+ allow $1 radacct_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the puppetclient port.
+## Do not audit attempts to receive UDP traffic on the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68367,17 +71468,17 @@ interface(`corenet_udp_receive_puppetclient_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_puppetclient_port',`
+interface(`corenet_dontaudit_udp_receive_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- dontaudit $1 puppetclient_port_t:udp_socket recv_msg;
+ dontaudit $1 radacct_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the puppetclient port.
+## Send and receive UDP traffic on the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68386,15 +71487,15 @@ interface(`corenet_dontaudit_udp_receive_puppetclient_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_puppetclient_port',`
- corenet_udp_send_puppetclient_port($1)
- corenet_udp_receive_puppetclient_port($1)
+interface(`corenet_udp_sendrecv_radacct_port',`
+ corenet_udp_send_radacct_port($1)
+ corenet_udp_receive_radacct_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the puppetclient port.
+## UDP traffic on the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68403,14 +71504,14 @@ interface(`corenet_udp_sendrecv_puppetclient_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_puppetclient_port',`
- corenet_dontaudit_udp_send_puppetclient_port($1)
- corenet_dontaudit_udp_receive_puppetclient_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_radacct_port',`
+ corenet_dontaudit_udp_send_radacct_port($1)
+ corenet_dontaudit_udp_receive_radacct_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the puppetclient port.
+## Bind TCP sockets to the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68419,18 +71520,18 @@ interface(`corenet_dontaudit_udp_sendrecv_puppetclient_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_puppetclient_port',`
+interface(`corenet_tcp_bind_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- allow $1 puppetclient_port_t:tcp_socket name_bind;
+ allow $1 radacct_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the puppetclient port.
+## Bind UDP sockets to the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68439,18 +71540,18 @@ interface(`corenet_tcp_bind_puppetclient_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_puppetclient_port',`
+interface(`corenet_udp_bind_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- allow $1 puppetclient_port_t:udp_socket name_bind;
+ allow $1 radacct_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the puppetclient port.
+## Make a TCP connection to the radacct port.
## </summary>
## <param name="domain">
## <summary>
@@ -68458,18 +71559,18 @@ interface(`corenet_udp_bind_puppetclient_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_puppetclient_port',`
+interface(`corenet_tcp_connect_radacct_port',`
gen_require(`
- type puppetclient_port_t;
+ type radacct_port_t;
')
- allow $1 puppetclient_port_t:tcp_socket name_connect;
+ allow $1 radacct_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send puppetclient_client packets.
+## Send radacct_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68478,17 +71579,17 @@ interface(`corenet_tcp_connect_puppetclient_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_puppetclient_client_packets',`
+interface(`corenet_send_radacct_client_packets',`
gen_require(`
- type puppetclient_client_packet_t;
+ type radacct_client_packet_t;
')
- allow $1 puppetclient_client_packet_t:packet send;
+ allow $1 radacct_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send puppetclient_client packets.
+## Do not audit attempts to send radacct_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68497,17 +71598,17 @@ interface(`corenet_send_puppetclient_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_puppetclient_client_packets',`
+interface(`corenet_dontaudit_send_radacct_client_packets',`
gen_require(`
- type puppetclient_client_packet_t;
+ type radacct_client_packet_t;
')
- dontaudit $1 puppetclient_client_packet_t:packet send;
+ dontaudit $1 radacct_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive puppetclient_client packets.
+## Receive radacct_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68516,17 +71617,17 @@ interface(`corenet_dontaudit_send_puppetclient_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_puppetclient_client_packets',`
+interface(`corenet_receive_radacct_client_packets',`
gen_require(`
- type puppetclient_client_packet_t;
+ type radacct_client_packet_t;
')
- allow $1 puppetclient_client_packet_t:packet recv;
+ allow $1 radacct_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive puppetclient_client packets.
+## Do not audit attempts to receive radacct_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68535,17 +71636,17 @@ interface(`corenet_receive_puppetclient_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_puppetclient_client_packets',`
+interface(`corenet_dontaudit_receive_radacct_client_packets',`
gen_require(`
- type puppetclient_client_packet_t;
+ type radacct_client_packet_t;
')
- dontaudit $1 puppetclient_client_packet_t:packet recv;
+ dontaudit $1 radacct_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive puppetclient_client packets.
+## Send and receive radacct_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68554,14 +71655,14 @@ interface(`corenet_dontaudit_receive_puppetclient_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_puppetclient_client_packets',`
- corenet_send_puppetclient_client_packets($1)
- corenet_receive_puppetclient_client_packets($1)
+interface(`corenet_sendrecv_radacct_client_packets',`
+ corenet_send_radacct_client_packets($1)
+ corenet_receive_radacct_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive puppetclient_client packets.
+## Do not audit attempts to send and receive radacct_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68570,14 +71671,14 @@ interface(`corenet_sendrecv_puppetclient_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_puppetclient_client_packets',`
- corenet_dontaudit_send_puppetclient_client_packets($1)
- corenet_dontaudit_receive_puppetclient_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_radacct_client_packets',`
+ corenet_dontaudit_send_radacct_client_packets($1)
+ corenet_dontaudit_receive_radacct_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to puppetclient_client the packet type.
+## Relabel packets to radacct_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68585,18 +71686,18 @@ interface(`corenet_dontaudit_sendrecv_puppetclient_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_puppetclient_client_packets',`
+interface(`corenet_relabelto_radacct_client_packets',`
gen_require(`
- type puppetclient_client_packet_t;
+ type radacct_client_packet_t;
')
- allow $1 puppetclient_client_packet_t:packet relabelto;
+ allow $1 radacct_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send puppetclient_server packets.
+## Send radacct_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68605,17 +71706,17 @@ interface(`corenet_relabelto_puppetclient_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_puppetclient_server_packets',`
+interface(`corenet_send_radacct_server_packets',`
gen_require(`
- type puppetclient_server_packet_t;
+ type radacct_server_packet_t;
')
- allow $1 puppetclient_server_packet_t:packet send;
+ allow $1 radacct_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send puppetclient_server packets.
+## Do not audit attempts to send radacct_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68624,17 +71725,17 @@ interface(`corenet_send_puppetclient_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_puppetclient_server_packets',`
+interface(`corenet_dontaudit_send_radacct_server_packets',`
gen_require(`
- type puppetclient_server_packet_t;
+ type radacct_server_packet_t;
')
- dontaudit $1 puppetclient_server_packet_t:packet send;
+ dontaudit $1 radacct_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive puppetclient_server packets.
+## Receive radacct_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68643,17 +71744,17 @@ interface(`corenet_dontaudit_send_puppetclient_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_puppetclient_server_packets',`
+interface(`corenet_receive_radacct_server_packets',`
gen_require(`
- type puppetclient_server_packet_t;
+ type radacct_server_packet_t;
')
- allow $1 puppetclient_server_packet_t:packet recv;
+ allow $1 radacct_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive puppetclient_server packets.
+## Do not audit attempts to receive radacct_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68662,17 +71763,17 @@ interface(`corenet_receive_puppetclient_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_puppetclient_server_packets',`
+interface(`corenet_dontaudit_receive_radacct_server_packets',`
gen_require(`
- type puppetclient_server_packet_t;
+ type radacct_server_packet_t;
')
- dontaudit $1 puppetclient_server_packet_t:packet recv;
+ dontaudit $1 radacct_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive puppetclient_server packets.
+## Send and receive radacct_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68681,14 +71782,14 @@ interface(`corenet_dontaudit_receive_puppetclient_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_puppetclient_server_packets',`
- corenet_send_puppetclient_server_packets($1)
- corenet_receive_puppetclient_server_packets($1)
+interface(`corenet_sendrecv_radacct_server_packets',`
+ corenet_send_radacct_server_packets($1)
+ corenet_receive_radacct_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive puppetclient_server packets.
+## Do not audit attempts to send and receive radacct_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68697,14 +71798,14 @@ interface(`corenet_sendrecv_puppetclient_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_puppetclient_server_packets',`
- corenet_dontaudit_send_puppetclient_server_packets($1)
- corenet_dontaudit_receive_puppetclient_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_radacct_server_packets',`
+ corenet_dontaudit_send_radacct_server_packets($1)
+ corenet_dontaudit_receive_radacct_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to puppetclient_server the packet type.
+## Relabel packets to radacct_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68712,12 +71813,12 @@ interface(`corenet_dontaudit_sendrecv_puppetclient_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_puppetclient_server_packets',`
+interface(`corenet_relabelto_radacct_server_packets',`
gen_require(`
- type puppetclient_server_packet_t;
+ type radacct_server_packet_t;
')
- allow $1 puppetclient_server_packet_t:packet relabelto;
+ allow $1 radacct_server_packet_t:packet relabelto;
')
@@ -68725,7 +71826,7 @@ interface(`corenet_relabelto_puppetclient_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pxe port.
+## Send and receive TCP traffic on the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68734,17 +71835,17 @@ interface(`corenet_relabelto_puppetclient_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pxe_port',`
+interface(`corenet_tcp_sendrecv_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- allow $1 pxe_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 radius_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pxe port.
+## Send UDP traffic on the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68753,17 +71854,17 @@ interface(`corenet_tcp_sendrecv_pxe_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pxe_port',`
+interface(`corenet_udp_send_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- allow $1 pxe_port_t:udp_socket send_msg;
+ allow $1 radius_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pxe port.
+## Do not audit attempts to send UDP traffic on the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68772,17 +71873,17 @@ interface(`corenet_udp_send_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pxe_port',`
+interface(`corenet_dontaudit_udp_send_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- dontaudit $1 pxe_port_t:udp_socket send_msg;
+ dontaudit $1 radius_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pxe port.
+## Receive UDP traffic on the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68791,17 +71892,17 @@ interface(`corenet_dontaudit_udp_send_pxe_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pxe_port',`
+interface(`corenet_udp_receive_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- allow $1 pxe_port_t:udp_socket recv_msg;
+ allow $1 radius_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pxe port.
+## Do not audit attempts to receive UDP traffic on the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68810,17 +71911,17 @@ interface(`corenet_udp_receive_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pxe_port',`
+interface(`corenet_dontaudit_udp_receive_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- dontaudit $1 pxe_port_t:udp_socket recv_msg;
+ dontaudit $1 radius_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pxe port.
+## Send and receive UDP traffic on the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68829,15 +71930,15 @@ interface(`corenet_dontaudit_udp_receive_pxe_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pxe_port',`
- corenet_udp_send_pxe_port($1)
- corenet_udp_receive_pxe_port($1)
+interface(`corenet_udp_sendrecv_radius_port',`
+ corenet_udp_send_radius_port($1)
+ corenet_udp_receive_radius_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pxe port.
+## UDP traffic on the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68846,14 +71947,14 @@ interface(`corenet_udp_sendrecv_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pxe_port',`
- corenet_dontaudit_udp_send_pxe_port($1)
- corenet_dontaudit_udp_receive_pxe_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_radius_port',`
+ corenet_dontaudit_udp_send_radius_port($1)
+ corenet_dontaudit_udp_receive_radius_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pxe port.
+## Bind TCP sockets to the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68862,18 +71963,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pxe_port',`
+interface(`corenet_tcp_bind_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- allow $1 pxe_port_t:tcp_socket name_bind;
+ allow $1 radius_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pxe port.
+## Bind UDP sockets to the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68882,18 +71983,18 @@ interface(`corenet_tcp_bind_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pxe_port',`
+interface(`corenet_udp_bind_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- allow $1 pxe_port_t:udp_socket name_bind;
+ allow $1 radius_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pxe port.
+## Make a TCP connection to the radius port.
## </summary>
## <param name="domain">
## <summary>
@@ -68901,18 +72002,18 @@ interface(`corenet_udp_bind_pxe_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pxe_port',`
+interface(`corenet_tcp_connect_radius_port',`
gen_require(`
- type pxe_port_t;
+ type radius_port_t;
')
- allow $1 pxe_port_t:tcp_socket name_connect;
+ allow $1 radius_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pxe_client packets.
+## Send radius_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68921,17 +72022,17 @@ interface(`corenet_tcp_connect_pxe_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pxe_client_packets',`
+interface(`corenet_send_radius_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type radius_client_packet_t;
')
- allow $1 pxe_client_packet_t:packet send;
+ allow $1 radius_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pxe_client packets.
+## Do not audit attempts to send radius_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68940,17 +72041,17 @@ interface(`corenet_send_pxe_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pxe_client_packets',`
+interface(`corenet_dontaudit_send_radius_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type radius_client_packet_t;
')
- dontaudit $1 pxe_client_packet_t:packet send;
+ dontaudit $1 radius_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pxe_client packets.
+## Receive radius_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68959,17 +72060,17 @@ interface(`corenet_dontaudit_send_pxe_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pxe_client_packets',`
+interface(`corenet_receive_radius_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type radius_client_packet_t;
')
- allow $1 pxe_client_packet_t:packet recv;
+ allow $1 radius_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pxe_client packets.
+## Do not audit attempts to receive radius_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68978,17 +72079,17 @@ interface(`corenet_receive_pxe_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pxe_client_packets',`
+interface(`corenet_dontaudit_receive_radius_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type radius_client_packet_t;
')
- dontaudit $1 pxe_client_packet_t:packet recv;
+ dontaudit $1 radius_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pxe_client packets.
+## Send and receive radius_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68997,14 +72098,14 @@ interface(`corenet_dontaudit_receive_pxe_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pxe_client_packets',`
- corenet_send_pxe_client_packets($1)
- corenet_receive_pxe_client_packets($1)
+interface(`corenet_sendrecv_radius_client_packets',`
+ corenet_send_radius_client_packets($1)
+ corenet_receive_radius_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pxe_client packets.
+## Do not audit attempts to send and receive radius_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69013,14 +72114,14 @@ interface(`corenet_sendrecv_pxe_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pxe_client_packets',`
- corenet_dontaudit_send_pxe_client_packets($1)
- corenet_dontaudit_receive_pxe_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_radius_client_packets',`
+ corenet_dontaudit_send_radius_client_packets($1)
+ corenet_dontaudit_receive_radius_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pxe_client the packet type.
+## Relabel packets to radius_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69028,18 +72129,18 @@ interface(`corenet_dontaudit_sendrecv_pxe_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pxe_client_packets',`
+interface(`corenet_relabelto_radius_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type radius_client_packet_t;
')
- allow $1 pxe_client_packet_t:packet relabelto;
+ allow $1 radius_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pxe_server packets.
+## Send radius_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69048,17 +72149,17 @@ interface(`corenet_relabelto_pxe_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pxe_server_packets',`
+interface(`corenet_send_radius_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type radius_server_packet_t;
')
- allow $1 pxe_server_packet_t:packet send;
+ allow $1 radius_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pxe_server packets.
+## Do not audit attempts to send radius_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69067,17 +72168,17 @@ interface(`corenet_send_pxe_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pxe_server_packets',`
+interface(`corenet_dontaudit_send_radius_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type radius_server_packet_t;
')
- dontaudit $1 pxe_server_packet_t:packet send;
+ dontaudit $1 radius_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pxe_server packets.
+## Receive radius_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69086,17 +72187,17 @@ interface(`corenet_dontaudit_send_pxe_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pxe_server_packets',`
+interface(`corenet_receive_radius_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type radius_server_packet_t;
')
- allow $1 pxe_server_packet_t:packet recv;
+ allow $1 radius_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pxe_server packets.
+## Do not audit attempts to receive radius_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69105,17 +72206,17 @@ interface(`corenet_receive_pxe_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pxe_server_packets',`
+interface(`corenet_dontaudit_receive_radius_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type radius_server_packet_t;
')
- dontaudit $1 pxe_server_packet_t:packet recv;
+ dontaudit $1 radius_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pxe_server packets.
+## Send and receive radius_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69124,14 +72225,14 @@ interface(`corenet_dontaudit_receive_pxe_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pxe_server_packets',`
- corenet_send_pxe_server_packets($1)
- corenet_receive_pxe_server_packets($1)
+interface(`corenet_sendrecv_radius_server_packets',`
+ corenet_send_radius_server_packets($1)
+ corenet_receive_radius_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pxe_server packets.
+## Do not audit attempts to send and receive radius_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69140,14 +72241,14 @@ interface(`corenet_sendrecv_pxe_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pxe_server_packets',`
- corenet_dontaudit_send_pxe_server_packets($1)
- corenet_dontaudit_receive_pxe_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_radius_server_packets',`
+ corenet_dontaudit_send_radius_server_packets($1)
+ corenet_dontaudit_receive_radius_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pxe_server the packet type.
+## Relabel packets to radius_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69155,12 +72256,12 @@ interface(`corenet_dontaudit_sendrecv_pxe_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pxe_server_packets',`
+interface(`corenet_relabelto_radius_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type radius_server_packet_t;
')
- allow $1 pxe_server_packet_t:packet relabelto;
+ allow $1 radius_server_packet_t:packet relabelto;
')
@@ -69168,7 +72269,7 @@ interface(`corenet_relabelto_pxe_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pyzor port.
+## Send and receive TCP traffic on the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69177,17 +72278,17 @@ interface(`corenet_relabelto_pxe_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pyzor_port',`
+interface(`corenet_tcp_sendrecv_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- allow $1 pyzor_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 radsec_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pyzor port.
+## Send UDP traffic on the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69196,17 +72297,17 @@ interface(`corenet_tcp_sendrecv_pyzor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pyzor_port',`
+interface(`corenet_udp_send_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- allow $1 pyzor_port_t:udp_socket send_msg;
+ allow $1 radsec_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pyzor port.
+## Do not audit attempts to send UDP traffic on the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69215,17 +72316,17 @@ interface(`corenet_udp_send_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pyzor_port',`
+interface(`corenet_dontaudit_udp_send_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- dontaudit $1 pyzor_port_t:udp_socket send_msg;
+ dontaudit $1 radsec_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pyzor port.
+## Receive UDP traffic on the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69234,17 +72335,17 @@ interface(`corenet_dontaudit_udp_send_pyzor_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pyzor_port',`
+interface(`corenet_udp_receive_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- allow $1 pyzor_port_t:udp_socket recv_msg;
+ allow $1 radsec_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pyzor port.
+## Do not audit attempts to receive UDP traffic on the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69253,17 +72354,17 @@ interface(`corenet_udp_receive_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pyzor_port',`
+interface(`corenet_dontaudit_udp_receive_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- dontaudit $1 pyzor_port_t:udp_socket recv_msg;
+ dontaudit $1 radsec_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pyzor port.
+## Send and receive UDP traffic on the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69272,15 +72373,15 @@ interface(`corenet_dontaudit_udp_receive_pyzor_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pyzor_port',`
- corenet_udp_send_pyzor_port($1)
- corenet_udp_receive_pyzor_port($1)
+interface(`corenet_udp_sendrecv_radsec_port',`
+ corenet_udp_send_radsec_port($1)
+ corenet_udp_receive_radsec_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pyzor port.
+## UDP traffic on the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69289,14 +72390,14 @@ interface(`corenet_udp_sendrecv_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pyzor_port',`
- corenet_dontaudit_udp_send_pyzor_port($1)
- corenet_dontaudit_udp_receive_pyzor_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_radsec_port',`
+ corenet_dontaudit_udp_send_radsec_port($1)
+ corenet_dontaudit_udp_receive_radsec_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pyzor port.
+## Bind TCP sockets to the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69305,18 +72406,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pyzor_port',`
+interface(`corenet_tcp_bind_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- allow $1 pyzor_port_t:tcp_socket name_bind;
+ allow $1 radsec_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pyzor port.
+## Bind UDP sockets to the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69325,18 +72426,18 @@ interface(`corenet_tcp_bind_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pyzor_port',`
+interface(`corenet_udp_bind_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- allow $1 pyzor_port_t:udp_socket name_bind;
+ allow $1 radsec_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pyzor port.
+## Make a TCP connection to the radsec port.
## </summary>
## <param name="domain">
## <summary>
@@ -69344,18 +72445,18 @@ interface(`corenet_udp_bind_pyzor_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pyzor_port',`
+interface(`corenet_tcp_connect_radsec_port',`
gen_require(`
- type pyzor_port_t;
+ type radsec_port_t;
')
- allow $1 pyzor_port_t:tcp_socket name_connect;
+ allow $1 radsec_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pyzor_client packets.
+## Send radsec_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69364,17 +72465,17 @@ interface(`corenet_tcp_connect_pyzor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pyzor_client_packets',`
+interface(`corenet_send_radsec_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type radsec_client_packet_t;
')
- allow $1 pyzor_client_packet_t:packet send;
+ allow $1 radsec_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pyzor_client packets.
+## Do not audit attempts to send radsec_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69383,17 +72484,17 @@ interface(`corenet_send_pyzor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pyzor_client_packets',`
+interface(`corenet_dontaudit_send_radsec_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type radsec_client_packet_t;
')
- dontaudit $1 pyzor_client_packet_t:packet send;
+ dontaudit $1 radsec_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pyzor_client packets.
+## Receive radsec_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69402,17 +72503,17 @@ interface(`corenet_dontaudit_send_pyzor_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pyzor_client_packets',`
+interface(`corenet_receive_radsec_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type radsec_client_packet_t;
')
- allow $1 pyzor_client_packet_t:packet recv;
+ allow $1 radsec_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pyzor_client packets.
+## Do not audit attempts to receive radsec_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69421,17 +72522,17 @@ interface(`corenet_receive_pyzor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pyzor_client_packets',`
+interface(`corenet_dontaudit_receive_radsec_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type radsec_client_packet_t;
')
- dontaudit $1 pyzor_client_packet_t:packet recv;
+ dontaudit $1 radsec_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pyzor_client packets.
+## Send and receive radsec_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69440,14 +72541,14 @@ interface(`corenet_dontaudit_receive_pyzor_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pyzor_client_packets',`
- corenet_send_pyzor_client_packets($1)
- corenet_receive_pyzor_client_packets($1)
+interface(`corenet_sendrecv_radsec_client_packets',`
+ corenet_send_radsec_client_packets($1)
+ corenet_receive_radsec_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pyzor_client packets.
+## Do not audit attempts to send and receive radsec_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69456,14 +72557,14 @@ interface(`corenet_sendrecv_pyzor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pyzor_client_packets',`
- corenet_dontaudit_send_pyzor_client_packets($1)
- corenet_dontaudit_receive_pyzor_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_radsec_client_packets',`
+ corenet_dontaudit_send_radsec_client_packets($1)
+ corenet_dontaudit_receive_radsec_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pyzor_client the packet type.
+## Relabel packets to radsec_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69471,18 +72572,18 @@ interface(`corenet_dontaudit_sendrecv_pyzor_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pyzor_client_packets',`
+interface(`corenet_relabelto_radsec_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type radsec_client_packet_t;
')
- allow $1 pyzor_client_packet_t:packet relabelto;
+ allow $1 radsec_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pyzor_server packets.
+## Send radsec_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69491,17 +72592,17 @@ interface(`corenet_relabelto_pyzor_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pyzor_server_packets',`
+interface(`corenet_send_radsec_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type radsec_server_packet_t;
')
- allow $1 pyzor_server_packet_t:packet send;
+ allow $1 radsec_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pyzor_server packets.
+## Do not audit attempts to send radsec_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69510,17 +72611,17 @@ interface(`corenet_send_pyzor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pyzor_server_packets',`
+interface(`corenet_dontaudit_send_radsec_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type radsec_server_packet_t;
')
- dontaudit $1 pyzor_server_packet_t:packet send;
+ dontaudit $1 radsec_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pyzor_server packets.
+## Receive radsec_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69529,17 +72630,17 @@ interface(`corenet_dontaudit_send_pyzor_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pyzor_server_packets',`
+interface(`corenet_receive_radsec_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type radsec_server_packet_t;
')
- allow $1 pyzor_server_packet_t:packet recv;
+ allow $1 radsec_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pyzor_server packets.
+## Do not audit attempts to receive radsec_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69548,17 +72649,17 @@ interface(`corenet_receive_pyzor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pyzor_server_packets',`
+interface(`corenet_dontaudit_receive_radsec_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type radsec_server_packet_t;
')
- dontaudit $1 pyzor_server_packet_t:packet recv;
+ dontaudit $1 radsec_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pyzor_server packets.
+## Send and receive radsec_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69567,14 +72668,14 @@ interface(`corenet_dontaudit_receive_pyzor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pyzor_server_packets',`
- corenet_send_pyzor_server_packets($1)
- corenet_receive_pyzor_server_packets($1)
+interface(`corenet_sendrecv_radsec_server_packets',`
+ corenet_send_radsec_server_packets($1)
+ corenet_receive_radsec_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pyzor_server packets.
+## Do not audit attempts to send and receive radsec_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69583,14 +72684,14 @@ interface(`corenet_sendrecv_pyzor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pyzor_server_packets',`
- corenet_dontaudit_send_pyzor_server_packets($1)
- corenet_dontaudit_receive_pyzor_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_radsec_server_packets',`
+ corenet_dontaudit_send_radsec_server_packets($1)
+ corenet_dontaudit_receive_radsec_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pyzor_server the packet type.
+## Relabel packets to radsec_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69598,12 +72699,12 @@ interface(`corenet_dontaudit_sendrecv_pyzor_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pyzor_server_packets',`
+interface(`corenet_relabelto_radsec_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type radsec_server_packet_t;
')
- allow $1 pyzor_server_packet_t:packet relabelto;
+ allow $1 radsec_server_packet_t:packet relabelto;
')
@@ -69611,7 +72712,7 @@ interface(`corenet_relabelto_pyzor_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the radacct port.
+## Send and receive TCP traffic on the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69620,17 +72721,17 @@ interface(`corenet_relabelto_pyzor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_radacct_port',`
+interface(`corenet_tcp_sendrecv_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- allow $1 radacct_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 razor_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the radacct port.
+## Send UDP traffic on the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69639,17 +72740,17 @@ interface(`corenet_tcp_sendrecv_radacct_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_radacct_port',`
+interface(`corenet_udp_send_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- allow $1 radacct_port_t:udp_socket send_msg;
+ allow $1 razor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the radacct port.
+## Do not audit attempts to send UDP traffic on the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69658,17 +72759,17 @@ interface(`corenet_udp_send_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_radacct_port',`
+interface(`corenet_dontaudit_udp_send_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- dontaudit $1 radacct_port_t:udp_socket send_msg;
+ dontaudit $1 razor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the radacct port.
+## Receive UDP traffic on the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69677,17 +72778,17 @@ interface(`corenet_dontaudit_udp_send_radacct_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_radacct_port',`
+interface(`corenet_udp_receive_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- allow $1 radacct_port_t:udp_socket recv_msg;
+ allow $1 razor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the radacct port.
+## Do not audit attempts to receive UDP traffic on the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69696,17 +72797,17 @@ interface(`corenet_udp_receive_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_radacct_port',`
+interface(`corenet_dontaudit_udp_receive_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- dontaudit $1 radacct_port_t:udp_socket recv_msg;
+ dontaudit $1 razor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the radacct port.
+## Send and receive UDP traffic on the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69715,15 +72816,15 @@ interface(`corenet_dontaudit_udp_receive_radacct_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_radacct_port',`
- corenet_udp_send_radacct_port($1)
- corenet_udp_receive_radacct_port($1)
+interface(`corenet_udp_sendrecv_razor_port',`
+ corenet_udp_send_razor_port($1)
+ corenet_udp_receive_razor_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the radacct port.
+## UDP traffic on the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69732,14 +72833,14 @@ interface(`corenet_udp_sendrecv_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_radacct_port',`
- corenet_dontaudit_udp_send_radacct_port($1)
- corenet_dontaudit_udp_receive_radacct_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_razor_port',`
+ corenet_dontaudit_udp_send_razor_port($1)
+ corenet_dontaudit_udp_receive_razor_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the radacct port.
+## Bind TCP sockets to the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69748,18 +72849,18 @@ interface(`corenet_dontaudit_udp_sendrecv_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_radacct_port',`
+interface(`corenet_tcp_bind_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- allow $1 radacct_port_t:tcp_socket name_bind;
+ allow $1 razor_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the radacct port.
+## Bind UDP sockets to the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69768,18 +72869,18 @@ interface(`corenet_tcp_bind_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_radacct_port',`
+interface(`corenet_udp_bind_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- allow $1 radacct_port_t:udp_socket name_bind;
+ allow $1 razor_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the radacct port.
+## Make a TCP connection to the razor port.
## </summary>
## <param name="domain">
## <summary>
@@ -69787,18 +72888,18 @@ interface(`corenet_udp_bind_radacct_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_radacct_port',`
+interface(`corenet_tcp_connect_razor_port',`
gen_require(`
- type radacct_port_t;
+ type razor_port_t;
')
- allow $1 radacct_port_t:tcp_socket name_connect;
+ allow $1 razor_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send radacct_client packets.
+## Send razor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69807,17 +72908,17 @@ interface(`corenet_tcp_connect_radacct_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radacct_client_packets',`
+interface(`corenet_send_razor_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type razor_client_packet_t;
')
- allow $1 radacct_client_packet_t:packet send;
+ allow $1 razor_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radacct_client packets.
+## Do not audit attempts to send razor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69826,17 +72927,17 @@ interface(`corenet_send_radacct_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radacct_client_packets',`
+interface(`corenet_dontaudit_send_razor_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type razor_client_packet_t;
')
- dontaudit $1 radacct_client_packet_t:packet send;
+ dontaudit $1 razor_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive radacct_client packets.
+## Receive razor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69845,17 +72946,17 @@ interface(`corenet_dontaudit_send_radacct_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radacct_client_packets',`
+interface(`corenet_receive_razor_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type razor_client_packet_t;
')
- allow $1 radacct_client_packet_t:packet recv;
+ allow $1 razor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radacct_client packets.
+## Do not audit attempts to receive razor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69864,17 +72965,17 @@ interface(`corenet_receive_radacct_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radacct_client_packets',`
+interface(`corenet_dontaudit_receive_razor_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type razor_client_packet_t;
')
- dontaudit $1 radacct_client_packet_t:packet recv;
+ dontaudit $1 razor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radacct_client packets.
+## Send and receive razor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69883,14 +72984,14 @@ interface(`corenet_dontaudit_receive_radacct_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radacct_client_packets',`
- corenet_send_radacct_client_packets($1)
- corenet_receive_radacct_client_packets($1)
+interface(`corenet_sendrecv_razor_client_packets',`
+ corenet_send_razor_client_packets($1)
+ corenet_receive_razor_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radacct_client packets.
+## Do not audit attempts to send and receive razor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69899,14 +73000,14 @@ interface(`corenet_sendrecv_radacct_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radacct_client_packets',`
- corenet_dontaudit_send_radacct_client_packets($1)
- corenet_dontaudit_receive_radacct_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_razor_client_packets',`
+ corenet_dontaudit_send_razor_client_packets($1)
+ corenet_dontaudit_receive_razor_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to radacct_client the packet type.
+## Relabel packets to razor_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69914,18 +73015,18 @@ interface(`corenet_dontaudit_sendrecv_radacct_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radacct_client_packets',`
+interface(`corenet_relabelto_razor_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type razor_client_packet_t;
')
- allow $1 radacct_client_packet_t:packet relabelto;
+ allow $1 razor_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send radacct_server packets.
+## Send razor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69934,17 +73035,17 @@ interface(`corenet_relabelto_radacct_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radacct_server_packets',`
+interface(`corenet_send_razor_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type razor_server_packet_t;
')
- allow $1 radacct_server_packet_t:packet send;
+ allow $1 razor_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radacct_server packets.
+## Do not audit attempts to send razor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69953,17 +73054,17 @@ interface(`corenet_send_radacct_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radacct_server_packets',`
+interface(`corenet_dontaudit_send_razor_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type razor_server_packet_t;
')
- dontaudit $1 radacct_server_packet_t:packet send;
+ dontaudit $1 razor_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive radacct_server packets.
+## Receive razor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69972,17 +73073,17 @@ interface(`corenet_dontaudit_send_radacct_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radacct_server_packets',`
+interface(`corenet_receive_razor_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type razor_server_packet_t;
')
- allow $1 radacct_server_packet_t:packet recv;
+ allow $1 razor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radacct_server packets.
+## Do not audit attempts to receive razor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69991,17 +73092,17 @@ interface(`corenet_receive_radacct_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radacct_server_packets',`
+interface(`corenet_dontaudit_receive_razor_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type razor_server_packet_t;
')
- dontaudit $1 radacct_server_packet_t:packet recv;
+ dontaudit $1 razor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radacct_server packets.
+## Send and receive razor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70010,14 +73111,14 @@ interface(`corenet_dontaudit_receive_radacct_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radacct_server_packets',`
- corenet_send_radacct_server_packets($1)
- corenet_receive_radacct_server_packets($1)
+interface(`corenet_sendrecv_razor_server_packets',`
+ corenet_send_razor_server_packets($1)
+ corenet_receive_razor_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radacct_server packets.
+## Do not audit attempts to send and receive razor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70026,14 +73127,14 @@ interface(`corenet_sendrecv_radacct_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radacct_server_packets',`
- corenet_dontaudit_send_radacct_server_packets($1)
- corenet_dontaudit_receive_radacct_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_razor_server_packets',`
+ corenet_dontaudit_send_razor_server_packets($1)
+ corenet_dontaudit_receive_razor_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to radacct_server the packet type.
+## Relabel packets to razor_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70041,12 +73142,12 @@ interface(`corenet_dontaudit_sendrecv_radacct_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radacct_server_packets',`
+interface(`corenet_relabelto_razor_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type razor_server_packet_t;
')
- allow $1 radacct_server_packet_t:packet relabelto;
+ allow $1 razor_server_packet_t:packet relabelto;
')
@@ -70054,7 +73155,7 @@ interface(`corenet_relabelto_radacct_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the radius port.
+## Send and receive TCP traffic on the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70063,17 +73164,17 @@ interface(`corenet_relabelto_radacct_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_radius_port',`
+interface(`corenet_tcp_sendrecv_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- allow $1 radius_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 redis_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the radius port.
+## Send UDP traffic on the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70082,17 +73183,17 @@ interface(`corenet_tcp_sendrecv_radius_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_radius_port',`
+interface(`corenet_udp_send_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- allow $1 radius_port_t:udp_socket send_msg;
+ allow $1 redis_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the radius port.
+## Do not audit attempts to send UDP traffic on the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70101,17 +73202,17 @@ interface(`corenet_udp_send_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_radius_port',`
+interface(`corenet_dontaudit_udp_send_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- dontaudit $1 radius_port_t:udp_socket send_msg;
+ dontaudit $1 redis_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the radius port.
+## Receive UDP traffic on the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70120,17 +73221,17 @@ interface(`corenet_dontaudit_udp_send_radius_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_radius_port',`
+interface(`corenet_udp_receive_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- allow $1 radius_port_t:udp_socket recv_msg;
+ allow $1 redis_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the radius port.
+## Do not audit attempts to receive UDP traffic on the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70139,17 +73240,17 @@ interface(`corenet_udp_receive_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_radius_port',`
+interface(`corenet_dontaudit_udp_receive_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- dontaudit $1 radius_port_t:udp_socket recv_msg;
+ dontaudit $1 redis_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the radius port.
+## Send and receive UDP traffic on the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70158,15 +73259,15 @@ interface(`corenet_dontaudit_udp_receive_radius_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_radius_port',`
- corenet_udp_send_radius_port($1)
- corenet_udp_receive_radius_port($1)
+interface(`corenet_udp_sendrecv_redis_port',`
+ corenet_udp_send_redis_port($1)
+ corenet_udp_receive_redis_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the radius port.
+## UDP traffic on the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70175,14 +73276,14 @@ interface(`corenet_udp_sendrecv_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_radius_port',`
- corenet_dontaudit_udp_send_radius_port($1)
- corenet_dontaudit_udp_receive_radius_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_redis_port',`
+ corenet_dontaudit_udp_send_redis_port($1)
+ corenet_dontaudit_udp_receive_redis_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the radius port.
+## Bind TCP sockets to the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70191,18 +73292,18 @@ interface(`corenet_dontaudit_udp_sendrecv_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_radius_port',`
+interface(`corenet_tcp_bind_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- allow $1 radius_port_t:tcp_socket name_bind;
+ allow $1 redis_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the radius port.
+## Bind UDP sockets to the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70211,18 +73312,18 @@ interface(`corenet_tcp_bind_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_radius_port',`
+interface(`corenet_udp_bind_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- allow $1 radius_port_t:udp_socket name_bind;
+ allow $1 redis_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the radius port.
+## Make a TCP connection to the redis port.
## </summary>
## <param name="domain">
## <summary>
@@ -70230,18 +73331,18 @@ interface(`corenet_udp_bind_radius_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_radius_port',`
+interface(`corenet_tcp_connect_redis_port',`
gen_require(`
- type radius_port_t;
+ type redis_port_t;
')
- allow $1 radius_port_t:tcp_socket name_connect;
+ allow $1 redis_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send radius_client packets.
+## Send redis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70250,17 +73351,17 @@ interface(`corenet_tcp_connect_radius_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radius_client_packets',`
+interface(`corenet_send_redis_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type redis_client_packet_t;
')
- allow $1 radius_client_packet_t:packet send;
+ allow $1 redis_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radius_client packets.
+## Do not audit attempts to send redis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70269,17 +73370,17 @@ interface(`corenet_send_radius_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radius_client_packets',`
+interface(`corenet_dontaudit_send_redis_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type redis_client_packet_t;
')
- dontaudit $1 radius_client_packet_t:packet send;
+ dontaudit $1 redis_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive radius_client packets.
+## Receive redis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70288,17 +73389,17 @@ interface(`corenet_dontaudit_send_radius_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radius_client_packets',`
+interface(`corenet_receive_redis_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type redis_client_packet_t;
')
- allow $1 radius_client_packet_t:packet recv;
+ allow $1 redis_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radius_client packets.
+## Do not audit attempts to receive redis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70307,17 +73408,17 @@ interface(`corenet_receive_radius_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radius_client_packets',`
+interface(`corenet_dontaudit_receive_redis_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type redis_client_packet_t;
')
- dontaudit $1 radius_client_packet_t:packet recv;
+ dontaudit $1 redis_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radius_client packets.
+## Send and receive redis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70326,14 +73427,14 @@ interface(`corenet_dontaudit_receive_radius_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radius_client_packets',`
- corenet_send_radius_client_packets($1)
- corenet_receive_radius_client_packets($1)
+interface(`corenet_sendrecv_redis_client_packets',`
+ corenet_send_redis_client_packets($1)
+ corenet_receive_redis_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radius_client packets.
+## Do not audit attempts to send and receive redis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70342,14 +73443,14 @@ interface(`corenet_sendrecv_radius_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radius_client_packets',`
- corenet_dontaudit_send_radius_client_packets($1)
- corenet_dontaudit_receive_radius_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_redis_client_packets',`
+ corenet_dontaudit_send_redis_client_packets($1)
+ corenet_dontaudit_receive_redis_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to radius_client the packet type.
+## Relabel packets to redis_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70357,18 +73458,18 @@ interface(`corenet_dontaudit_sendrecv_radius_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radius_client_packets',`
+interface(`corenet_relabelto_redis_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type redis_client_packet_t;
')
- allow $1 radius_client_packet_t:packet relabelto;
+ allow $1 redis_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send radius_server packets.
+## Send redis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70377,17 +73478,17 @@ interface(`corenet_relabelto_radius_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radius_server_packets',`
+interface(`corenet_send_redis_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type redis_server_packet_t;
')
- allow $1 radius_server_packet_t:packet send;
+ allow $1 redis_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radius_server packets.
+## Do not audit attempts to send redis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70396,17 +73497,17 @@ interface(`corenet_send_radius_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radius_server_packets',`
+interface(`corenet_dontaudit_send_redis_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type redis_server_packet_t;
')
- dontaudit $1 radius_server_packet_t:packet send;
+ dontaudit $1 redis_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive radius_server packets.
+## Receive redis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70415,17 +73516,17 @@ interface(`corenet_dontaudit_send_radius_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radius_server_packets',`
+interface(`corenet_receive_redis_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type redis_server_packet_t;
')
- allow $1 radius_server_packet_t:packet recv;
+ allow $1 redis_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radius_server packets.
+## Do not audit attempts to receive redis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70434,17 +73535,17 @@ interface(`corenet_receive_radius_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radius_server_packets',`
+interface(`corenet_dontaudit_receive_redis_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type redis_server_packet_t;
')
- dontaudit $1 radius_server_packet_t:packet recv;
+ dontaudit $1 redis_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radius_server packets.
+## Send and receive redis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70453,14 +73554,14 @@ interface(`corenet_dontaudit_receive_radius_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radius_server_packets',`
- corenet_send_radius_server_packets($1)
- corenet_receive_radius_server_packets($1)
+interface(`corenet_sendrecv_redis_server_packets',`
+ corenet_send_redis_server_packets($1)
+ corenet_receive_redis_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radius_server packets.
+## Do not audit attempts to send and receive redis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70469,14 +73570,14 @@ interface(`corenet_sendrecv_radius_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radius_server_packets',`
- corenet_dontaudit_send_radius_server_packets($1)
- corenet_dontaudit_receive_radius_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_redis_server_packets',`
+ corenet_dontaudit_send_redis_server_packets($1)
+ corenet_dontaudit_receive_redis_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to radius_server the packet type.
+## Relabel packets to redis_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70484,12 +73585,12 @@ interface(`corenet_dontaudit_sendrecv_radius_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radius_server_packets',`
+interface(`corenet_relabelto_redis_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type redis_server_packet_t;
')
- allow $1 radius_server_packet_t:packet relabelto;
+ allow $1 redis_server_packet_t:packet relabelto;
')
@@ -70497,7 +73598,7 @@ interface(`corenet_relabelto_radius_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the radsec port.
+## Send and receive TCP traffic on the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70506,17 +73607,17 @@ interface(`corenet_relabelto_radius_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_radsec_port',`
+interface(`corenet_tcp_sendrecv_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- allow $1 radsec_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 repository_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the radsec port.
+## Send UDP traffic on the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70525,17 +73626,17 @@ interface(`corenet_tcp_sendrecv_radsec_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_radsec_port',`
+interface(`corenet_udp_send_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- allow $1 radsec_port_t:udp_socket send_msg;
+ allow $1 repository_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the radsec port.
+## Do not audit attempts to send UDP traffic on the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70544,17 +73645,17 @@ interface(`corenet_udp_send_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_radsec_port',`
+interface(`corenet_dontaudit_udp_send_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- dontaudit $1 radsec_port_t:udp_socket send_msg;
+ dontaudit $1 repository_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the radsec port.
+## Receive UDP traffic on the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70563,17 +73664,17 @@ interface(`corenet_dontaudit_udp_send_radsec_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_radsec_port',`
+interface(`corenet_udp_receive_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- allow $1 radsec_port_t:udp_socket recv_msg;
+ allow $1 repository_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the radsec port.
+## Do not audit attempts to receive UDP traffic on the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70582,17 +73683,17 @@ interface(`corenet_udp_receive_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_radsec_port',`
+interface(`corenet_dontaudit_udp_receive_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- dontaudit $1 radsec_port_t:udp_socket recv_msg;
+ dontaudit $1 repository_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the radsec port.
+## Send and receive UDP traffic on the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70601,15 +73702,15 @@ interface(`corenet_dontaudit_udp_receive_radsec_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_radsec_port',`
- corenet_udp_send_radsec_port($1)
- corenet_udp_receive_radsec_port($1)
+interface(`corenet_udp_sendrecv_repository_port',`
+ corenet_udp_send_repository_port($1)
+ corenet_udp_receive_repository_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the radsec port.
+## UDP traffic on the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70618,14 +73719,14 @@ interface(`corenet_udp_sendrecv_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_radsec_port',`
- corenet_dontaudit_udp_send_radsec_port($1)
- corenet_dontaudit_udp_receive_radsec_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_repository_port',`
+ corenet_dontaudit_udp_send_repository_port($1)
+ corenet_dontaudit_udp_receive_repository_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the radsec port.
+## Bind TCP sockets to the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70634,18 +73735,18 @@ interface(`corenet_dontaudit_udp_sendrecv_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_radsec_port',`
+interface(`corenet_tcp_bind_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- allow $1 radsec_port_t:tcp_socket name_bind;
+ allow $1 repository_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the radsec port.
+## Bind UDP sockets to the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70654,18 +73755,18 @@ interface(`corenet_tcp_bind_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_radsec_port',`
+interface(`corenet_udp_bind_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- allow $1 radsec_port_t:udp_socket name_bind;
+ allow $1 repository_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the radsec port.
+## Make a TCP connection to the repository port.
## </summary>
## <param name="domain">
## <summary>
@@ -70673,18 +73774,18 @@ interface(`corenet_udp_bind_radsec_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_radsec_port',`
+interface(`corenet_tcp_connect_repository_port',`
gen_require(`
- type radsec_port_t;
+ type repository_port_t;
')
- allow $1 radsec_port_t:tcp_socket name_connect;
+ allow $1 repository_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send radsec_client packets.
+## Send repository_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70693,17 +73794,17 @@ interface(`corenet_tcp_connect_radsec_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radsec_client_packets',`
+interface(`corenet_send_repository_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type repository_client_packet_t;
')
- allow $1 radsec_client_packet_t:packet send;
+ allow $1 repository_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radsec_client packets.
+## Do not audit attempts to send repository_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70712,17 +73813,17 @@ interface(`corenet_send_radsec_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radsec_client_packets',`
+interface(`corenet_dontaudit_send_repository_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type repository_client_packet_t;
')
- dontaudit $1 radsec_client_packet_t:packet send;
+ dontaudit $1 repository_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive radsec_client packets.
+## Receive repository_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70731,17 +73832,17 @@ interface(`corenet_dontaudit_send_radsec_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radsec_client_packets',`
+interface(`corenet_receive_repository_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type repository_client_packet_t;
')
- allow $1 radsec_client_packet_t:packet recv;
+ allow $1 repository_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radsec_client packets.
+## Do not audit attempts to receive repository_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70750,17 +73851,17 @@ interface(`corenet_receive_radsec_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radsec_client_packets',`
+interface(`corenet_dontaudit_receive_repository_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type repository_client_packet_t;
')
- dontaudit $1 radsec_client_packet_t:packet recv;
+ dontaudit $1 repository_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radsec_client packets.
+## Send and receive repository_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70769,14 +73870,14 @@ interface(`corenet_dontaudit_receive_radsec_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radsec_client_packets',`
- corenet_send_radsec_client_packets($1)
- corenet_receive_radsec_client_packets($1)
+interface(`corenet_sendrecv_repository_client_packets',`
+ corenet_send_repository_client_packets($1)
+ corenet_receive_repository_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radsec_client packets.
+## Do not audit attempts to send and receive repository_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70785,14 +73886,14 @@ interface(`corenet_sendrecv_radsec_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radsec_client_packets',`
- corenet_dontaudit_send_radsec_client_packets($1)
- corenet_dontaudit_receive_radsec_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_repository_client_packets',`
+ corenet_dontaudit_send_repository_client_packets($1)
+ corenet_dontaudit_receive_repository_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to radsec_client the packet type.
+## Relabel packets to repository_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70800,18 +73901,18 @@ interface(`corenet_dontaudit_sendrecv_radsec_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radsec_client_packets',`
+interface(`corenet_relabelto_repository_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type repository_client_packet_t;
')
- allow $1 radsec_client_packet_t:packet relabelto;
+ allow $1 repository_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send radsec_server packets.
+## Send repository_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70820,17 +73921,17 @@ interface(`corenet_relabelto_radsec_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radsec_server_packets',`
+interface(`corenet_send_repository_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type repository_server_packet_t;
')
- allow $1 radsec_server_packet_t:packet send;
+ allow $1 repository_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radsec_server packets.
+## Do not audit attempts to send repository_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70839,17 +73940,17 @@ interface(`corenet_send_radsec_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radsec_server_packets',`
+interface(`corenet_dontaudit_send_repository_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type repository_server_packet_t;
')
- dontaudit $1 radsec_server_packet_t:packet send;
+ dontaudit $1 repository_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive radsec_server packets.
+## Receive repository_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70858,17 +73959,17 @@ interface(`corenet_dontaudit_send_radsec_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radsec_server_packets',`
+interface(`corenet_receive_repository_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type repository_server_packet_t;
')
- allow $1 radsec_server_packet_t:packet recv;
+ allow $1 repository_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radsec_server packets.
+## Do not audit attempts to receive repository_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70877,17 +73978,17 @@ interface(`corenet_receive_radsec_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radsec_server_packets',`
+interface(`corenet_dontaudit_receive_repository_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type repository_server_packet_t;
')
- dontaudit $1 radsec_server_packet_t:packet recv;
+ dontaudit $1 repository_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radsec_server packets.
+## Send and receive repository_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70896,14 +73997,14 @@ interface(`corenet_dontaudit_receive_radsec_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radsec_server_packets',`
- corenet_send_radsec_server_packets($1)
- corenet_receive_radsec_server_packets($1)
+interface(`corenet_sendrecv_repository_server_packets',`
+ corenet_send_repository_server_packets($1)
+ corenet_receive_repository_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radsec_server packets.
+## Do not audit attempts to send and receive repository_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70912,14 +74013,14 @@ interface(`corenet_sendrecv_radsec_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radsec_server_packets',`
- corenet_dontaudit_send_radsec_server_packets($1)
- corenet_dontaudit_receive_radsec_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_repository_server_packets',`
+ corenet_dontaudit_send_repository_server_packets($1)
+ corenet_dontaudit_receive_repository_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to radsec_server the packet type.
+## Relabel packets to repository_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70927,12 +74028,12 @@ interface(`corenet_dontaudit_sendrecv_radsec_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radsec_server_packets',`
+interface(`corenet_relabelto_repository_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type repository_server_packet_t;
')
- allow $1 radsec_server_packet_t:packet relabelto;
+ allow $1 repository_server_packet_t:packet relabelto;
')
@@ -70940,7 +74041,7 @@ interface(`corenet_relabelto_radsec_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the razor port.
+## Send and receive TCP traffic on the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -70949,17 +74050,17 @@ interface(`corenet_relabelto_radsec_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_razor_port',`
+interface(`corenet_tcp_sendrecv_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- allow $1 razor_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ricci_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the razor port.
+## Send UDP traffic on the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -70968,17 +74069,17 @@ interface(`corenet_tcp_sendrecv_razor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_razor_port',`
+interface(`corenet_udp_send_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- allow $1 razor_port_t:udp_socket send_msg;
+ allow $1 ricci_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the razor port.
+## Do not audit attempts to send UDP traffic on the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -70987,17 +74088,17 @@ interface(`corenet_udp_send_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_razor_port',`
+interface(`corenet_dontaudit_udp_send_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- dontaudit $1 razor_port_t:udp_socket send_msg;
+ dontaudit $1 ricci_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the razor port.
+## Receive UDP traffic on the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -71006,17 +74107,17 @@ interface(`corenet_dontaudit_udp_send_razor_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_razor_port',`
+interface(`corenet_udp_receive_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- allow $1 razor_port_t:udp_socket recv_msg;
+ allow $1 ricci_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the razor port.
+## Do not audit attempts to receive UDP traffic on the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -71025,17 +74126,17 @@ interface(`corenet_udp_receive_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_razor_port',`
+interface(`corenet_dontaudit_udp_receive_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- dontaudit $1 razor_port_t:udp_socket recv_msg;
+ dontaudit $1 ricci_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the razor port.
+## Send and receive UDP traffic on the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -71044,15 +74145,15 @@ interface(`corenet_dontaudit_udp_receive_razor_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_razor_port',`
- corenet_udp_send_razor_port($1)
- corenet_udp_receive_razor_port($1)
+interface(`corenet_udp_sendrecv_ricci_port',`
+ corenet_udp_send_ricci_port($1)
+ corenet_udp_receive_ricci_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the razor port.
+## UDP traffic on the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -71061,14 +74162,14 @@ interface(`corenet_udp_sendrecv_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_razor_port',`
- corenet_dontaudit_udp_send_razor_port($1)
- corenet_dontaudit_udp_receive_razor_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ricci_port',`
+ corenet_dontaudit_udp_send_ricci_port($1)
+ corenet_dontaudit_udp_receive_ricci_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the razor port.
+## Bind TCP sockets to the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -71077,18 +74178,18 @@ interface(`corenet_dontaudit_udp_sendrecv_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_razor_port',`
+interface(`corenet_tcp_bind_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- allow $1 razor_port_t:tcp_socket name_bind;
+ allow $1 ricci_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the razor port.
+## Bind UDP sockets to the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -71097,18 +74198,18 @@ interface(`corenet_tcp_bind_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_razor_port',`
+interface(`corenet_udp_bind_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- allow $1 razor_port_t:udp_socket name_bind;
+ allow $1 ricci_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the razor port.
+## Make a TCP connection to the ricci port.
## </summary>
## <param name="domain">
## <summary>
@@ -71116,18 +74217,18 @@ interface(`corenet_udp_bind_razor_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_razor_port',`
+interface(`corenet_tcp_connect_ricci_port',`
gen_require(`
- type razor_port_t;
+ type ricci_port_t;
')
- allow $1 razor_port_t:tcp_socket name_connect;
+ allow $1 ricci_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send razor_client packets.
+## Send ricci_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71136,17 +74237,17 @@ interface(`corenet_tcp_connect_razor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_razor_client_packets',`
+interface(`corenet_send_ricci_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type ricci_client_packet_t;
')
- allow $1 razor_client_packet_t:packet send;
+ allow $1 ricci_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send razor_client packets.
+## Do not audit attempts to send ricci_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71155,17 +74256,17 @@ interface(`corenet_send_razor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_razor_client_packets',`
+interface(`corenet_dontaudit_send_ricci_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type ricci_client_packet_t;
')
- dontaudit $1 razor_client_packet_t:packet send;
+ dontaudit $1 ricci_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive razor_client packets.
+## Receive ricci_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71174,17 +74275,17 @@ interface(`corenet_dontaudit_send_razor_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_razor_client_packets',`
+interface(`corenet_receive_ricci_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type ricci_client_packet_t;
')
- allow $1 razor_client_packet_t:packet recv;
+ allow $1 ricci_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive razor_client packets.
+## Do not audit attempts to receive ricci_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71193,17 +74294,17 @@ interface(`corenet_receive_razor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_razor_client_packets',`
+interface(`corenet_dontaudit_receive_ricci_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type ricci_client_packet_t;
')
- dontaudit $1 razor_client_packet_t:packet recv;
+ dontaudit $1 ricci_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive razor_client packets.
+## Send and receive ricci_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71212,14 +74313,14 @@ interface(`corenet_dontaudit_receive_razor_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_razor_client_packets',`
- corenet_send_razor_client_packets($1)
- corenet_receive_razor_client_packets($1)
+interface(`corenet_sendrecv_ricci_client_packets',`
+ corenet_send_ricci_client_packets($1)
+ corenet_receive_ricci_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive razor_client packets.
+## Do not audit attempts to send and receive ricci_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71228,14 +74329,14 @@ interface(`corenet_sendrecv_razor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_razor_client_packets',`
- corenet_dontaudit_send_razor_client_packets($1)
- corenet_dontaudit_receive_razor_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ricci_client_packets',`
+ corenet_dontaudit_send_ricci_client_packets($1)
+ corenet_dontaudit_receive_ricci_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to razor_client the packet type.
+## Relabel packets to ricci_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71243,18 +74344,18 @@ interface(`corenet_dontaudit_sendrecv_razor_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_razor_client_packets',`
+interface(`corenet_relabelto_ricci_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type ricci_client_packet_t;
')
- allow $1 razor_client_packet_t:packet relabelto;
+ allow $1 ricci_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send razor_server packets.
+## Send ricci_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71263,17 +74364,17 @@ interface(`corenet_relabelto_razor_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_razor_server_packets',`
+interface(`corenet_send_ricci_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type ricci_server_packet_t;
')
- allow $1 razor_server_packet_t:packet send;
+ allow $1 ricci_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send razor_server packets.
+## Do not audit attempts to send ricci_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71282,17 +74383,17 @@ interface(`corenet_send_razor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_razor_server_packets',`
+interface(`corenet_dontaudit_send_ricci_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type ricci_server_packet_t;
')
- dontaudit $1 razor_server_packet_t:packet send;
+ dontaudit $1 ricci_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive razor_server packets.
+## Receive ricci_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71301,17 +74402,17 @@ interface(`corenet_dontaudit_send_razor_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_razor_server_packets',`
+interface(`corenet_receive_ricci_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type ricci_server_packet_t;
')
- allow $1 razor_server_packet_t:packet recv;
+ allow $1 ricci_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive razor_server packets.
+## Do not audit attempts to receive ricci_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71320,17 +74421,17 @@ interface(`corenet_receive_razor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_razor_server_packets',`
+interface(`corenet_dontaudit_receive_ricci_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type ricci_server_packet_t;
')
- dontaudit $1 razor_server_packet_t:packet recv;
+ dontaudit $1 ricci_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive razor_server packets.
+## Send and receive ricci_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71339,14 +74440,14 @@ interface(`corenet_dontaudit_receive_razor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_razor_server_packets',`
- corenet_send_razor_server_packets($1)
- corenet_receive_razor_server_packets($1)
+interface(`corenet_sendrecv_ricci_server_packets',`
+ corenet_send_ricci_server_packets($1)
+ corenet_receive_ricci_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive razor_server packets.
+## Do not audit attempts to send and receive ricci_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71355,14 +74456,14 @@ interface(`corenet_sendrecv_razor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_razor_server_packets',`
- corenet_dontaudit_send_razor_server_packets($1)
- corenet_dontaudit_receive_razor_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ricci_server_packets',`
+ corenet_dontaudit_send_ricci_server_packets($1)
+ corenet_dontaudit_receive_ricci_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to razor_server the packet type.
+## Relabel packets to ricci_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71370,12 +74471,12 @@ interface(`corenet_dontaudit_sendrecv_razor_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_razor_server_packets',`
+interface(`corenet_relabelto_ricci_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type ricci_server_packet_t;
')
- allow $1 razor_server_packet_t:packet relabelto;
+ allow $1 ricci_server_packet_t:packet relabelto;
')
@@ -71383,7 +74484,7 @@ interface(`corenet_relabelto_razor_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the redis port.
+## Send and receive TCP traffic on the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71392,17 +74493,17 @@ interface(`corenet_relabelto_razor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_redis_port',`
+interface(`corenet_tcp_sendrecv_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- allow $1 redis_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ricci_modcluster_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the redis port.
+## Send UDP traffic on the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71411,17 +74512,17 @@ interface(`corenet_tcp_sendrecv_redis_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_redis_port',`
+interface(`corenet_udp_send_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- allow $1 redis_port_t:udp_socket send_msg;
+ allow $1 ricci_modcluster_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the redis port.
+## Do not audit attempts to send UDP traffic on the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71430,17 +74531,17 @@ interface(`corenet_udp_send_redis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_redis_port',`
+interface(`corenet_dontaudit_udp_send_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- dontaudit $1 redis_port_t:udp_socket send_msg;
+ dontaudit $1 ricci_modcluster_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the redis port.
+## Receive UDP traffic on the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71449,17 +74550,17 @@ interface(`corenet_dontaudit_udp_send_redis_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_redis_port',`
+interface(`corenet_udp_receive_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- allow $1 redis_port_t:udp_socket recv_msg;
+ allow $1 ricci_modcluster_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the redis port.
+## Do not audit attempts to receive UDP traffic on the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71468,17 +74569,17 @@ interface(`corenet_udp_receive_redis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_redis_port',`
+interface(`corenet_dontaudit_udp_receive_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- dontaudit $1 redis_port_t:udp_socket recv_msg;
+ dontaudit $1 ricci_modcluster_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the redis port.
+## Send and receive UDP traffic on the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71487,15 +74588,15 @@ interface(`corenet_dontaudit_udp_receive_redis_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_redis_port',`
- corenet_udp_send_redis_port($1)
- corenet_udp_receive_redis_port($1)
+interface(`corenet_udp_sendrecv_ricci_modcluster_port',`
+ corenet_udp_send_ricci_modcluster_port($1)
+ corenet_udp_receive_ricci_modcluster_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the redis port.
+## UDP traffic on the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71504,14 +74605,14 @@ interface(`corenet_udp_sendrecv_redis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_redis_port',`
- corenet_dontaudit_udp_send_redis_port($1)
- corenet_dontaudit_udp_receive_redis_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ricci_modcluster_port',`
+ corenet_dontaudit_udp_send_ricci_modcluster_port($1)
+ corenet_dontaudit_udp_receive_ricci_modcluster_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the redis port.
+## Bind TCP sockets to the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71520,18 +74621,18 @@ interface(`corenet_dontaudit_udp_sendrecv_redis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_redis_port',`
+interface(`corenet_tcp_bind_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- allow $1 redis_port_t:tcp_socket name_bind;
+ allow $1 ricci_modcluster_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the redis port.
+## Bind UDP sockets to the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71540,18 +74641,18 @@ interface(`corenet_tcp_bind_redis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_redis_port',`
+interface(`corenet_udp_bind_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- allow $1 redis_port_t:udp_socket name_bind;
+ allow $1 ricci_modcluster_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the redis port.
+## Make a TCP connection to the ricci_modcluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -71559,18 +74660,18 @@ interface(`corenet_udp_bind_redis_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_redis_port',`
+interface(`corenet_tcp_connect_ricci_modcluster_port',`
gen_require(`
- type redis_port_t;
+ type ricci_modcluster_port_t;
')
- allow $1 redis_port_t:tcp_socket name_connect;
+ allow $1 ricci_modcluster_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send redis_client packets.
+## Send ricci_modcluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71579,17 +74680,17 @@ interface(`corenet_tcp_connect_redis_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_redis_client_packets',`
+interface(`corenet_send_ricci_modcluster_client_packets',`
gen_require(`
- type redis_client_packet_t;
+ type ricci_modcluster_client_packet_t;
')
- allow $1 redis_client_packet_t:packet send;
+ allow $1 ricci_modcluster_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send redis_client packets.
+## Do not audit attempts to send ricci_modcluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71598,17 +74699,17 @@ interface(`corenet_send_redis_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_redis_client_packets',`
+interface(`corenet_dontaudit_send_ricci_modcluster_client_packets',`
gen_require(`
- type redis_client_packet_t;
+ type ricci_modcluster_client_packet_t;
')
- dontaudit $1 redis_client_packet_t:packet send;
+ dontaudit $1 ricci_modcluster_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive redis_client packets.
+## Receive ricci_modcluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71617,17 +74718,17 @@ interface(`corenet_dontaudit_send_redis_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_redis_client_packets',`
+interface(`corenet_receive_ricci_modcluster_client_packets',`
gen_require(`
- type redis_client_packet_t;
+ type ricci_modcluster_client_packet_t;
')
- allow $1 redis_client_packet_t:packet recv;
+ allow $1 ricci_modcluster_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive redis_client packets.
+## Do not audit attempts to receive ricci_modcluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71636,17 +74737,17 @@ interface(`corenet_receive_redis_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_redis_client_packets',`
+interface(`corenet_dontaudit_receive_ricci_modcluster_client_packets',`
gen_require(`
- type redis_client_packet_t;
+ type ricci_modcluster_client_packet_t;
')
- dontaudit $1 redis_client_packet_t:packet recv;
+ dontaudit $1 ricci_modcluster_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive redis_client packets.
+## Send and receive ricci_modcluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71655,14 +74756,14 @@ interface(`corenet_dontaudit_receive_redis_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_redis_client_packets',`
- corenet_send_redis_client_packets($1)
- corenet_receive_redis_client_packets($1)
+interface(`corenet_sendrecv_ricci_modcluster_client_packets',`
+ corenet_send_ricci_modcluster_client_packets($1)
+ corenet_receive_ricci_modcluster_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive redis_client packets.
+## Do not audit attempts to send and receive ricci_modcluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71671,14 +74772,14 @@ interface(`corenet_sendrecv_redis_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_redis_client_packets',`
- corenet_dontaudit_send_redis_client_packets($1)
- corenet_dontaudit_receive_redis_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ricci_modcluster_client_packets',`
+ corenet_dontaudit_send_ricci_modcluster_client_packets($1)
+ corenet_dontaudit_receive_ricci_modcluster_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to redis_client the packet type.
+## Relabel packets to ricci_modcluster_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71686,18 +74787,18 @@ interface(`corenet_dontaudit_sendrecv_redis_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_redis_client_packets',`
+interface(`corenet_relabelto_ricci_modcluster_client_packets',`
gen_require(`
- type redis_client_packet_t;
+ type ricci_modcluster_client_packet_t;
')
- allow $1 redis_client_packet_t:packet relabelto;
+ allow $1 ricci_modcluster_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send redis_server packets.
+## Send ricci_modcluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71706,17 +74807,17 @@ interface(`corenet_relabelto_redis_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_redis_server_packets',`
+interface(`corenet_send_ricci_modcluster_server_packets',`
gen_require(`
- type redis_server_packet_t;
+ type ricci_modcluster_server_packet_t;
')
- allow $1 redis_server_packet_t:packet send;
+ allow $1 ricci_modcluster_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send redis_server packets.
+## Do not audit attempts to send ricci_modcluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71725,17 +74826,17 @@ interface(`corenet_send_redis_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_redis_server_packets',`
+interface(`corenet_dontaudit_send_ricci_modcluster_server_packets',`
gen_require(`
- type redis_server_packet_t;
+ type ricci_modcluster_server_packet_t;
')
- dontaudit $1 redis_server_packet_t:packet send;
+ dontaudit $1 ricci_modcluster_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive redis_server packets.
+## Receive ricci_modcluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71744,17 +74845,17 @@ interface(`corenet_dontaudit_send_redis_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_redis_server_packets',`
+interface(`corenet_receive_ricci_modcluster_server_packets',`
gen_require(`
- type redis_server_packet_t;
+ type ricci_modcluster_server_packet_t;
')
- allow $1 redis_server_packet_t:packet recv;
+ allow $1 ricci_modcluster_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive redis_server packets.
+## Do not audit attempts to receive ricci_modcluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71763,17 +74864,17 @@ interface(`corenet_receive_redis_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_redis_server_packets',`
+interface(`corenet_dontaudit_receive_ricci_modcluster_server_packets',`
gen_require(`
- type redis_server_packet_t;
+ type ricci_modcluster_server_packet_t;
')
- dontaudit $1 redis_server_packet_t:packet recv;
+ dontaudit $1 ricci_modcluster_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive redis_server packets.
+## Send and receive ricci_modcluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71782,14 +74883,14 @@ interface(`corenet_dontaudit_receive_redis_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_redis_server_packets',`
- corenet_send_redis_server_packets($1)
- corenet_receive_redis_server_packets($1)
+interface(`corenet_sendrecv_ricci_modcluster_server_packets',`
+ corenet_send_ricci_modcluster_server_packets($1)
+ corenet_receive_ricci_modcluster_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive redis_server packets.
+## Do not audit attempts to send and receive ricci_modcluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71798,14 +74899,14 @@ interface(`corenet_sendrecv_redis_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_redis_server_packets',`
- corenet_dontaudit_send_redis_server_packets($1)
- corenet_dontaudit_receive_redis_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ricci_modcluster_server_packets',`
+ corenet_dontaudit_send_ricci_modcluster_server_packets($1)
+ corenet_dontaudit_receive_ricci_modcluster_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to redis_server the packet type.
+## Relabel packets to ricci_modcluster_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71813,12 +74914,12 @@ interface(`corenet_dontaudit_sendrecv_redis_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_redis_server_packets',`
+interface(`corenet_relabelto_ricci_modcluster_server_packets',`
gen_require(`
- type redis_server_packet_t;
+ type ricci_modcluster_server_packet_t;
')
- allow $1 redis_server_packet_t:packet relabelto;
+ allow $1 ricci_modcluster_server_packet_t:packet relabelto;
')
@@ -71826,7 +74927,7 @@ interface(`corenet_relabelto_redis_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the repository port.
+## Send and receive TCP traffic on the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71835,17 +74936,17 @@ interface(`corenet_relabelto_redis_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_repository_port',`
+interface(`corenet_tcp_sendrecv_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- allow $1 repository_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rlogind_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the repository port.
+## Send UDP traffic on the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71854,17 +74955,17 @@ interface(`corenet_tcp_sendrecv_repository_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_repository_port',`
+interface(`corenet_udp_send_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- allow $1 repository_port_t:udp_socket send_msg;
+ allow $1 rlogind_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the repository port.
+## Do not audit attempts to send UDP traffic on the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71873,17 +74974,17 @@ interface(`corenet_udp_send_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_repository_port',`
+interface(`corenet_dontaudit_udp_send_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- dontaudit $1 repository_port_t:udp_socket send_msg;
+ dontaudit $1 rlogind_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the repository port.
+## Receive UDP traffic on the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71892,17 +74993,17 @@ interface(`corenet_dontaudit_udp_send_repository_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_repository_port',`
+interface(`corenet_udp_receive_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- allow $1 repository_port_t:udp_socket recv_msg;
+ allow $1 rlogind_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the repository port.
+## Do not audit attempts to receive UDP traffic on the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71911,17 +75012,17 @@ interface(`corenet_udp_receive_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_repository_port',`
+interface(`corenet_dontaudit_udp_receive_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- dontaudit $1 repository_port_t:udp_socket recv_msg;
+ dontaudit $1 rlogind_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the repository port.
+## Send and receive UDP traffic on the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71930,15 +75031,15 @@ interface(`corenet_dontaudit_udp_receive_repository_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_repository_port',`
- corenet_udp_send_repository_port($1)
- corenet_udp_receive_repository_port($1)
+interface(`corenet_udp_sendrecv_rlogind_port',`
+ corenet_udp_send_rlogind_port($1)
+ corenet_udp_receive_rlogind_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the repository port.
+## UDP traffic on the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71947,14 +75048,14 @@ interface(`corenet_udp_sendrecv_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_repository_port',`
- corenet_dontaudit_udp_send_repository_port($1)
- corenet_dontaudit_udp_receive_repository_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rlogind_port',`
+ corenet_dontaudit_udp_send_rlogind_port($1)
+ corenet_dontaudit_udp_receive_rlogind_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the repository port.
+## Bind TCP sockets to the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71963,18 +75064,18 @@ interface(`corenet_dontaudit_udp_sendrecv_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_repository_port',`
+interface(`corenet_tcp_bind_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- allow $1 repository_port_t:tcp_socket name_bind;
-
+ allow $1 rlogind_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the repository port.
+## Bind UDP sockets to the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -71983,18 +75084,18 @@ interface(`corenet_tcp_bind_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_repository_port',`
+interface(`corenet_udp_bind_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- allow $1 repository_port_t:udp_socket name_bind;
-
+ allow $1 rlogind_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the repository port.
+## Make a TCP connection to the rlogind port.
## </summary>
## <param name="domain">
## <summary>
@@ -72002,18 +75103,18 @@ interface(`corenet_udp_bind_repository_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_repository_port',`
+interface(`corenet_tcp_connect_rlogind_port',`
gen_require(`
- type repository_port_t;
+ type rlogind_port_t;
')
- allow $1 repository_port_t:tcp_socket name_connect;
+ allow $1 rlogind_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send repository_client packets.
+## Send rlogind_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72022,17 +75123,17 @@ interface(`corenet_tcp_connect_repository_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_repository_client_packets',`
+interface(`corenet_send_rlogind_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type rlogind_client_packet_t;
')
- allow $1 repository_client_packet_t:packet send;
+ allow $1 rlogind_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send repository_client packets.
+## Do not audit attempts to send rlogind_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72041,17 +75142,17 @@ interface(`corenet_send_repository_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_repository_client_packets',`
+interface(`corenet_dontaudit_send_rlogind_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type rlogind_client_packet_t;
')
- dontaudit $1 repository_client_packet_t:packet send;
+ dontaudit $1 rlogind_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive repository_client packets.
+## Receive rlogind_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72060,17 +75161,17 @@ interface(`corenet_dontaudit_send_repository_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_repository_client_packets',`
+interface(`corenet_receive_rlogind_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type rlogind_client_packet_t;
')
- allow $1 repository_client_packet_t:packet recv;
+ allow $1 rlogind_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive repository_client packets.
+## Do not audit attempts to receive rlogind_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72079,17 +75180,17 @@ interface(`corenet_receive_repository_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_repository_client_packets',`
+interface(`corenet_dontaudit_receive_rlogind_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type rlogind_client_packet_t;
')
- dontaudit $1 repository_client_packet_t:packet recv;
+ dontaudit $1 rlogind_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive repository_client packets.
+## Send and receive rlogind_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72098,14 +75199,14 @@ interface(`corenet_dontaudit_receive_repository_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_repository_client_packets',`
- corenet_send_repository_client_packets($1)
- corenet_receive_repository_client_packets($1)
+interface(`corenet_sendrecv_rlogind_client_packets',`
+ corenet_send_rlogind_client_packets($1)
+ corenet_receive_rlogind_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive repository_client packets.
+## Do not audit attempts to send and receive rlogind_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72114,14 +75215,14 @@ interface(`corenet_sendrecv_repository_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_repository_client_packets',`
- corenet_dontaudit_send_repository_client_packets($1)
- corenet_dontaudit_receive_repository_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rlogind_client_packets',`
+ corenet_dontaudit_send_rlogind_client_packets($1)
+ corenet_dontaudit_receive_rlogind_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to repository_client the packet type.
+## Relabel packets to rlogind_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72129,18 +75230,18 @@ interface(`corenet_dontaudit_sendrecv_repository_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_repository_client_packets',`
+interface(`corenet_relabelto_rlogind_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type rlogind_client_packet_t;
')
- allow $1 repository_client_packet_t:packet relabelto;
+ allow $1 rlogind_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send repository_server packets.
+## Send rlogind_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72149,17 +75250,17 @@ interface(`corenet_relabelto_repository_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_repository_server_packets',`
+interface(`corenet_send_rlogind_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type rlogind_server_packet_t;
')
- allow $1 repository_server_packet_t:packet send;
+ allow $1 rlogind_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send repository_server packets.
+## Do not audit attempts to send rlogind_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72168,17 +75269,17 @@ interface(`corenet_send_repository_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_repository_server_packets',`
+interface(`corenet_dontaudit_send_rlogind_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type rlogind_server_packet_t;
')
- dontaudit $1 repository_server_packet_t:packet send;
+ dontaudit $1 rlogind_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive repository_server packets.
+## Receive rlogind_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72187,17 +75288,17 @@ interface(`corenet_dontaudit_send_repository_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_repository_server_packets',`
+interface(`corenet_receive_rlogind_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type rlogind_server_packet_t;
')
- allow $1 repository_server_packet_t:packet recv;
+ allow $1 rlogind_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive repository_server packets.
+## Do not audit attempts to receive rlogind_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72206,17 +75307,17 @@ interface(`corenet_receive_repository_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_repository_server_packets',`
+interface(`corenet_dontaudit_receive_rlogind_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type rlogind_server_packet_t;
')
- dontaudit $1 repository_server_packet_t:packet recv;
+ dontaudit $1 rlogind_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive repository_server packets.
+## Send and receive rlogind_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72225,14 +75326,14 @@ interface(`corenet_dontaudit_receive_repository_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_repository_server_packets',`
- corenet_send_repository_server_packets($1)
- corenet_receive_repository_server_packets($1)
+interface(`corenet_sendrecv_rlogind_server_packets',`
+ corenet_send_rlogind_server_packets($1)
+ corenet_receive_rlogind_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive repository_server packets.
+## Do not audit attempts to send and receive rlogind_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72241,14 +75342,14 @@ interface(`corenet_sendrecv_repository_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_repository_server_packets',`
- corenet_dontaudit_send_repository_server_packets($1)
- corenet_dontaudit_receive_repository_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rlogind_server_packets',`
+ corenet_dontaudit_send_rlogind_server_packets($1)
+ corenet_dontaudit_receive_rlogind_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to repository_server the packet type.
+## Relabel packets to rlogind_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72256,12 +75357,12 @@ interface(`corenet_dontaudit_sendrecv_repository_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_repository_server_packets',`
+interface(`corenet_relabelto_rlogind_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type rlogind_server_packet_t;
')
- allow $1 repository_server_packet_t:packet relabelto;
+ allow $1 rlogind_server_packet_t:packet relabelto;
')
@@ -72269,7 +75370,7 @@ interface(`corenet_relabelto_repository_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ricci port.
+## Send and receive TCP traffic on the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72278,17 +75379,17 @@ interface(`corenet_relabelto_repository_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ricci_port',`
+interface(`corenet_tcp_sendrecv_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- allow $1 ricci_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rndc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ricci port.
+## Send UDP traffic on the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72297,17 +75398,17 @@ interface(`corenet_tcp_sendrecv_ricci_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ricci_port',`
+interface(`corenet_udp_send_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- allow $1 ricci_port_t:udp_socket send_msg;
+ allow $1 rndc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ricci port.
+## Do not audit attempts to send UDP traffic on the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72316,17 +75417,17 @@ interface(`corenet_udp_send_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ricci_port',`
+interface(`corenet_dontaudit_udp_send_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- dontaudit $1 ricci_port_t:udp_socket send_msg;
+ dontaudit $1 rndc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ricci port.
+## Receive UDP traffic on the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72335,17 +75436,17 @@ interface(`corenet_dontaudit_udp_send_ricci_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ricci_port',`
+interface(`corenet_udp_receive_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- allow $1 ricci_port_t:udp_socket recv_msg;
+ allow $1 rndc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ricci port.
+## Do not audit attempts to receive UDP traffic on the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72354,17 +75455,17 @@ interface(`corenet_udp_receive_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ricci_port',`
+interface(`corenet_dontaudit_udp_receive_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- dontaudit $1 ricci_port_t:udp_socket recv_msg;
+ dontaudit $1 rndc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ricci port.
+## Send and receive UDP traffic on the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72373,15 +75474,15 @@ interface(`corenet_dontaudit_udp_receive_ricci_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ricci_port',`
- corenet_udp_send_ricci_port($1)
- corenet_udp_receive_ricci_port($1)
+interface(`corenet_udp_sendrecv_rndc_port',`
+ corenet_udp_send_rndc_port($1)
+ corenet_udp_receive_rndc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ricci port.
+## UDP traffic on the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72390,14 +75491,14 @@ interface(`corenet_udp_sendrecv_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ricci_port',`
- corenet_dontaudit_udp_send_ricci_port($1)
- corenet_dontaudit_udp_receive_ricci_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rndc_port',`
+ corenet_dontaudit_udp_send_rndc_port($1)
+ corenet_dontaudit_udp_receive_rndc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ricci port.
+## Bind TCP sockets to the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72406,18 +75507,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ricci_port',`
+interface(`corenet_tcp_bind_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- allow $1 ricci_port_t:tcp_socket name_bind;
-
+ allow $1 rndc_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ricci port.
+## Bind UDP sockets to the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72426,18 +75527,18 @@ interface(`corenet_tcp_bind_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ricci_port',`
+interface(`corenet_udp_bind_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- allow $1 ricci_port_t:udp_socket name_bind;
-
+ allow $1 rndc_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ricci port.
+## Make a TCP connection to the rndc port.
## </summary>
## <param name="domain">
## <summary>
@@ -72445,18 +75546,18 @@ interface(`corenet_udp_bind_ricci_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ricci_port',`
+interface(`corenet_tcp_connect_rndc_port',`
gen_require(`
- type ricci_port_t;
+ type rndc_port_t;
')
- allow $1 ricci_port_t:tcp_socket name_connect;
+ allow $1 rndc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ricci_client packets.
+## Send rndc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72465,17 +75566,17 @@ interface(`corenet_tcp_connect_ricci_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_client_packets',`
+interface(`corenet_send_rndc_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type rndc_client_packet_t;
')
- allow $1 ricci_client_packet_t:packet send;
+ allow $1 rndc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_client packets.
+## Do not audit attempts to send rndc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72484,17 +75585,17 @@ interface(`corenet_send_ricci_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_client_packets',`
+interface(`corenet_dontaudit_send_rndc_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type rndc_client_packet_t;
')
- dontaudit $1 ricci_client_packet_t:packet send;
+ dontaudit $1 rndc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_client packets.
+## Receive rndc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72503,17 +75604,17 @@ interface(`corenet_dontaudit_send_ricci_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_client_packets',`
+interface(`corenet_receive_rndc_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type rndc_client_packet_t;
')
- allow $1 ricci_client_packet_t:packet recv;
+ allow $1 rndc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_client packets.
+## Do not audit attempts to receive rndc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72522,17 +75623,17 @@ interface(`corenet_receive_ricci_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_client_packets',`
+interface(`corenet_dontaudit_receive_rndc_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type rndc_client_packet_t;
')
- dontaudit $1 ricci_client_packet_t:packet recv;
+ dontaudit $1 rndc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_client packets.
+## Send and receive rndc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72541,14 +75642,14 @@ interface(`corenet_dontaudit_receive_ricci_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_client_packets',`
- corenet_send_ricci_client_packets($1)
- corenet_receive_ricci_client_packets($1)
+interface(`corenet_sendrecv_rndc_client_packets',`
+ corenet_send_rndc_client_packets($1)
+ corenet_receive_rndc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_client packets.
+## Do not audit attempts to send and receive rndc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72557,14 +75658,14 @@ interface(`corenet_sendrecv_ricci_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ricci_client_packets',`
- corenet_dontaudit_send_ricci_client_packets($1)
- corenet_dontaudit_receive_ricci_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rndc_client_packets',`
+ corenet_dontaudit_send_rndc_client_packets($1)
+ corenet_dontaudit_receive_rndc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_client the packet type.
+## Relabel packets to rndc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72572,18 +75673,18 @@ interface(`corenet_dontaudit_sendrecv_ricci_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_client_packets',`
+interface(`corenet_relabelto_rndc_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type rndc_client_packet_t;
')
- allow $1 ricci_client_packet_t:packet relabelto;
+ allow $1 rndc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ricci_server packets.
+## Send rndc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72592,17 +75693,17 @@ interface(`corenet_relabelto_ricci_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_server_packets',`
+interface(`corenet_send_rndc_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type rndc_server_packet_t;
')
- allow $1 ricci_server_packet_t:packet send;
+ allow $1 rndc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_server packets.
+## Do not audit attempts to send rndc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72611,17 +75712,17 @@ interface(`corenet_send_ricci_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_server_packets',`
+interface(`corenet_dontaudit_send_rndc_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type rndc_server_packet_t;
')
- dontaudit $1 ricci_server_packet_t:packet send;
+ dontaudit $1 rndc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_server packets.
+## Receive rndc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72630,17 +75731,17 @@ interface(`corenet_dontaudit_send_ricci_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_server_packets',`
+interface(`corenet_receive_rndc_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type rndc_server_packet_t;
')
- allow $1 ricci_server_packet_t:packet recv;
+ allow $1 rndc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_server packets.
+## Do not audit attempts to receive rndc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72649,17 +75750,17 @@ interface(`corenet_receive_ricci_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_server_packets',`
+interface(`corenet_dontaudit_receive_rndc_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type rndc_server_packet_t;
')
- dontaudit $1 ricci_server_packet_t:packet recv;
+ dontaudit $1 rndc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_server packets.
+## Send and receive rndc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72668,14 +75769,14 @@ interface(`corenet_dontaudit_receive_ricci_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_server_packets',`
- corenet_send_ricci_server_packets($1)
- corenet_receive_ricci_server_packets($1)
+interface(`corenet_sendrecv_rndc_server_packets',`
+ corenet_send_rndc_server_packets($1)
+ corenet_receive_rndc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_server packets.
+## Do not audit attempts to send and receive rndc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72684,14 +75785,14 @@ interface(`corenet_sendrecv_ricci_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ricci_server_packets',`
- corenet_dontaudit_send_ricci_server_packets($1)
- corenet_dontaudit_receive_ricci_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rndc_server_packets',`
+ corenet_dontaudit_send_rndc_server_packets($1)
+ corenet_dontaudit_receive_rndc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_server the packet type.
+## Relabel packets to rndc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72699,12 +75800,12 @@ interface(`corenet_dontaudit_sendrecv_ricci_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_server_packets',`
+interface(`corenet_relabelto_rndc_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type rndc_server_packet_t;
')
- allow $1 ricci_server_packet_t:packet relabelto;
+ allow $1 rndc_server_packet_t:packet relabelto;
')
@@ -72712,7 +75813,7 @@ interface(`corenet_relabelto_ricci_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ricci_modcluster port.
+## Send and receive TCP traffic on the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72721,17 +75822,17 @@ interface(`corenet_relabelto_ricci_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ricci_modcluster_port',`
+interface(`corenet_tcp_sendrecv_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- allow $1 ricci_modcluster_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 router_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ricci_modcluster port.
+## Send UDP traffic on the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72740,17 +75841,17 @@ interface(`corenet_tcp_sendrecv_ricci_modcluster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ricci_modcluster_port',`
+interface(`corenet_udp_send_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- allow $1 ricci_modcluster_port_t:udp_socket send_msg;
+ allow $1 router_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ricci_modcluster port.
+## Do not audit attempts to send UDP traffic on the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72759,17 +75860,17 @@ interface(`corenet_udp_send_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ricci_modcluster_port',`
+interface(`corenet_dontaudit_udp_send_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- dontaudit $1 ricci_modcluster_port_t:udp_socket send_msg;
+ dontaudit $1 router_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ricci_modcluster port.
+## Receive UDP traffic on the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72778,17 +75879,17 @@ interface(`corenet_dontaudit_udp_send_ricci_modcluster_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ricci_modcluster_port',`
+interface(`corenet_udp_receive_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- allow $1 ricci_modcluster_port_t:udp_socket recv_msg;
+ allow $1 router_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ricci_modcluster port.
+## Do not audit attempts to receive UDP traffic on the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72797,17 +75898,17 @@ interface(`corenet_udp_receive_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ricci_modcluster_port',`
+interface(`corenet_dontaudit_udp_receive_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- dontaudit $1 ricci_modcluster_port_t:udp_socket recv_msg;
+ dontaudit $1 router_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ricci_modcluster port.
+## Send and receive UDP traffic on the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72816,15 +75917,15 @@ interface(`corenet_dontaudit_udp_receive_ricci_modcluster_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ricci_modcluster_port',`
- corenet_udp_send_ricci_modcluster_port($1)
- corenet_udp_receive_ricci_modcluster_port($1)
+interface(`corenet_udp_sendrecv_router_port',`
+ corenet_udp_send_router_port($1)
+ corenet_udp_receive_router_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ricci_modcluster port.
+## UDP traffic on the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72833,14 +75934,14 @@ interface(`corenet_udp_sendrecv_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ricci_modcluster_port',`
- corenet_dontaudit_udp_send_ricci_modcluster_port($1)
- corenet_dontaudit_udp_receive_ricci_modcluster_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_router_port',`
+ corenet_dontaudit_udp_send_router_port($1)
+ corenet_dontaudit_udp_receive_router_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ricci_modcluster port.
+## Bind TCP sockets to the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72849,18 +75950,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ricci_modcluster_port',`
+interface(`corenet_tcp_bind_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- allow $1 ricci_modcluster_port_t:tcp_socket name_bind;
-
+ allow $1 router_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ricci_modcluster port.
+## Bind UDP sockets to the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72869,18 +75970,18 @@ interface(`corenet_tcp_bind_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ricci_modcluster_port',`
+interface(`corenet_udp_bind_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- allow $1 ricci_modcluster_port_t:udp_socket name_bind;
-
+ allow $1 router_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ricci_modcluster port.
+## Make a TCP connection to the router port.
## </summary>
## <param name="domain">
## <summary>
@@ -72888,18 +75989,18 @@ interface(`corenet_udp_bind_ricci_modcluster_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ricci_modcluster_port',`
+interface(`corenet_tcp_connect_router_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type router_port_t;
')
- allow $1 ricci_modcluster_port_t:tcp_socket name_connect;
+ allow $1 router_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ricci_modcluster_client packets.
+## Send router_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72908,17 +76009,17 @@ interface(`corenet_tcp_connect_ricci_modcluster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_modcluster_client_packets',`
+interface(`corenet_send_router_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type router_client_packet_t;
')
- allow $1 ricci_modcluster_client_packet_t:packet send;
+ allow $1 router_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_modcluster_client packets.
+## Do not audit attempts to send router_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72927,17 +76028,17 @@ interface(`corenet_send_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_modcluster_client_packets',`
+interface(`corenet_dontaudit_send_router_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type router_client_packet_t;
')
- dontaudit $1 ricci_modcluster_client_packet_t:packet send;
+ dontaudit $1 router_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_modcluster_client packets.
+## Receive router_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72946,17 +76047,17 @@ interface(`corenet_dontaudit_send_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_modcluster_client_packets',`
+interface(`corenet_receive_router_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type router_client_packet_t;
')
- allow $1 ricci_modcluster_client_packet_t:packet recv;
+ allow $1 router_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_modcluster_client packets.
+## Do not audit attempts to receive router_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72965,17 +76066,17 @@ interface(`corenet_receive_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_modcluster_client_packets',`
+interface(`corenet_dontaudit_receive_router_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type router_client_packet_t;
')
- dontaudit $1 ricci_modcluster_client_packet_t:packet recv;
+ dontaudit $1 router_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_modcluster_client packets.
+## Send and receive router_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72984,14 +76085,14 @@ interface(`corenet_dontaudit_receive_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_modcluster_client_packets',`
- corenet_send_ricci_modcluster_client_packets($1)
- corenet_receive_ricci_modcluster_client_packets($1)
+interface(`corenet_sendrecv_router_client_packets',`
+ corenet_send_router_client_packets($1)
+ corenet_receive_router_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_modcluster_client packets.
+## Do not audit attempts to send and receive router_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73000,14 +76101,14 @@ interface(`corenet_sendrecv_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ricci_modcluster_client_packets',`
- corenet_dontaudit_send_ricci_modcluster_client_packets($1)
- corenet_dontaudit_receive_ricci_modcluster_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_router_client_packets',`
+ corenet_dontaudit_send_router_client_packets($1)
+ corenet_dontaudit_receive_router_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_modcluster_client the packet type.
+## Relabel packets to router_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -73015,18 +76116,18 @@ interface(`corenet_dontaudit_sendrecv_ricci_modcluster_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_modcluster_client_packets',`
+interface(`corenet_relabelto_router_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type router_client_packet_t;
')
- allow $1 ricci_modcluster_client_packet_t:packet relabelto;
+ allow $1 router_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ricci_modcluster_server packets.
+## Send router_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73035,17 +76136,17 @@ interface(`corenet_relabelto_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_modcluster_server_packets',`
+interface(`corenet_send_router_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type router_server_packet_t;
')
- allow $1 ricci_modcluster_server_packet_t:packet send;
+ allow $1 router_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_modcluster_server packets.
+## Do not audit attempts to send router_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73054,17 +76155,17 @@ interface(`corenet_send_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_modcluster_server_packets',`
+interface(`corenet_dontaudit_send_router_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type router_server_packet_t;
')
- dontaudit $1 ricci_modcluster_server_packet_t:packet send;
+ dontaudit $1 router_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_modcluster_server packets.
+## Receive router_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73073,17 +76174,17 @@ interface(`corenet_dontaudit_send_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_modcluster_server_packets',`
+interface(`corenet_receive_router_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type router_server_packet_t;
')
- allow $1 ricci_modcluster_server_packet_t:packet recv;
+ allow $1 router_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_modcluster_server packets.
+## Do not audit attempts to receive router_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73092,17 +76193,17 @@ interface(`corenet_receive_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_modcluster_server_packets',`
+interface(`corenet_dontaudit_receive_router_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type router_server_packet_t;
')
- dontaudit $1 ricci_modcluster_server_packet_t:packet recv;
+ dontaudit $1 router_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_modcluster_server packets.
+## Send and receive router_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73111,14 +76212,14 @@ interface(`corenet_dontaudit_receive_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_modcluster_server_packets',`
- corenet_send_ricci_modcluster_server_packets($1)
- corenet_receive_ricci_modcluster_server_packets($1)
+interface(`corenet_sendrecv_router_server_packets',`
+ corenet_send_router_server_packets($1)
+ corenet_receive_router_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_modcluster_server packets.
+## Do not audit attempts to send and receive router_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73127,14 +76228,14 @@ interface(`corenet_sendrecv_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ricci_modcluster_server_packets',`
- corenet_dontaudit_send_ricci_modcluster_server_packets($1)
- corenet_dontaudit_receive_ricci_modcluster_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_router_server_packets',`
+ corenet_dontaudit_send_router_server_packets($1)
+ corenet_dontaudit_receive_router_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_modcluster_server the packet type.
+## Relabel packets to router_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -73142,12 +76243,12 @@ interface(`corenet_dontaudit_sendrecv_ricci_modcluster_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_modcluster_server_packets',`
+interface(`corenet_relabelto_router_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type router_server_packet_t;
')
- allow $1 ricci_modcluster_server_packet_t:packet relabelto;
+ allow $1 router_server_packet_t:packet relabelto;
')
@@ -73155,7 +76256,7 @@ interface(`corenet_relabelto_ricci_modcluster_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rlogind port.
+## Send and receive TCP traffic on the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73164,17 +76265,17 @@ interface(`corenet_relabelto_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rlogind_port',`
+interface(`corenet_tcp_sendrecv_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- allow $1 rlogind_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rsh_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rlogind port.
+## Send UDP traffic on the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73183,17 +76284,17 @@ interface(`corenet_tcp_sendrecv_rlogind_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rlogind_port',`
+interface(`corenet_udp_send_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- allow $1 rlogind_port_t:udp_socket send_msg;
+ allow $1 rsh_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rlogind port.
+## Do not audit attempts to send UDP traffic on the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73202,17 +76303,17 @@ interface(`corenet_udp_send_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rlogind_port',`
+interface(`corenet_dontaudit_udp_send_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- dontaudit $1 rlogind_port_t:udp_socket send_msg;
+ dontaudit $1 rsh_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rlogind port.
+## Receive UDP traffic on the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73221,17 +76322,17 @@ interface(`corenet_dontaudit_udp_send_rlogind_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rlogind_port',`
+interface(`corenet_udp_receive_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- allow $1 rlogind_port_t:udp_socket recv_msg;
+ allow $1 rsh_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rlogind port.
+## Do not audit attempts to receive UDP traffic on the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73240,17 +76341,17 @@ interface(`corenet_udp_receive_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rlogind_port',`
+interface(`corenet_dontaudit_udp_receive_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- dontaudit $1 rlogind_port_t:udp_socket recv_msg;
+ dontaudit $1 rsh_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rlogind port.
+## Send and receive UDP traffic on the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73259,15 +76360,15 @@ interface(`corenet_dontaudit_udp_receive_rlogind_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rlogind_port',`
- corenet_udp_send_rlogind_port($1)
- corenet_udp_receive_rlogind_port($1)
+interface(`corenet_udp_sendrecv_rsh_port',`
+ corenet_udp_send_rsh_port($1)
+ corenet_udp_receive_rsh_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rlogind port.
+## UDP traffic on the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73276,14 +76377,14 @@ interface(`corenet_udp_sendrecv_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rlogind_port',`
- corenet_dontaudit_udp_send_rlogind_port($1)
- corenet_dontaudit_udp_receive_rlogind_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rsh_port',`
+ corenet_dontaudit_udp_send_rsh_port($1)
+ corenet_dontaudit_udp_receive_rsh_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rlogind port.
+## Bind TCP sockets to the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73292,18 +76393,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rlogind_port',`
+interface(`corenet_tcp_bind_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- allow $1 rlogind_port_t:tcp_socket name_bind;
+ allow $1 rsh_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the rlogind port.
+## Bind UDP sockets to the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73312,18 +76413,18 @@ interface(`corenet_tcp_bind_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rlogind_port',`
+interface(`corenet_udp_bind_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- allow $1 rlogind_port_t:udp_socket name_bind;
+ allow $1 rsh_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the rlogind port.
+## Make a TCP connection to the rsh port.
## </summary>
## <param name="domain">
## <summary>
@@ -73331,18 +76432,18 @@ interface(`corenet_udp_bind_rlogind_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rlogind_port',`
+interface(`corenet_tcp_connect_rsh_port',`
gen_require(`
- type rlogind_port_t;
+ type rsh_port_t;
')
- allow $1 rlogind_port_t:tcp_socket name_connect;
+ allow $1 rsh_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rlogind_client packets.
+## Send rsh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73351,17 +76452,17 @@ interface(`corenet_tcp_connect_rlogind_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rlogind_client_packets',`
+interface(`corenet_send_rsh_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type rsh_client_packet_t;
')
- allow $1 rlogind_client_packet_t:packet send;
+ allow $1 rsh_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rlogind_client packets.
+## Do not audit attempts to send rsh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73370,17 +76471,17 @@ interface(`corenet_send_rlogind_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rlogind_client_packets',`
+interface(`corenet_dontaudit_send_rsh_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type rsh_client_packet_t;
')
- dontaudit $1 rlogind_client_packet_t:packet send;
+ dontaudit $1 rsh_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rlogind_client packets.
+## Receive rsh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73389,17 +76490,17 @@ interface(`corenet_dontaudit_send_rlogind_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rlogind_client_packets',`
+interface(`corenet_receive_rsh_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type rsh_client_packet_t;
')
- allow $1 rlogind_client_packet_t:packet recv;
+ allow $1 rsh_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rlogind_client packets.
+## Do not audit attempts to receive rsh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73408,17 +76509,17 @@ interface(`corenet_receive_rlogind_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rlogind_client_packets',`
+interface(`corenet_dontaudit_receive_rsh_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type rsh_client_packet_t;
')
- dontaudit $1 rlogind_client_packet_t:packet recv;
+ dontaudit $1 rsh_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rlogind_client packets.
+## Send and receive rsh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73427,14 +76528,14 @@ interface(`corenet_dontaudit_receive_rlogind_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rlogind_client_packets',`
- corenet_send_rlogind_client_packets($1)
- corenet_receive_rlogind_client_packets($1)
+interface(`corenet_sendrecv_rsh_client_packets',`
+ corenet_send_rsh_client_packets($1)
+ corenet_receive_rsh_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rlogind_client packets.
+## Do not audit attempts to send and receive rsh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73443,14 +76544,14 @@ interface(`corenet_sendrecv_rlogind_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rlogind_client_packets',`
- corenet_dontaudit_send_rlogind_client_packets($1)
- corenet_dontaudit_receive_rlogind_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rsh_client_packets',`
+ corenet_dontaudit_send_rsh_client_packets($1)
+ corenet_dontaudit_receive_rsh_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rlogind_client the packet type.
+## Relabel packets to rsh_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -73458,18 +76559,18 @@ interface(`corenet_dontaudit_sendrecv_rlogind_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rlogind_client_packets',`
+interface(`corenet_relabelto_rsh_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type rsh_client_packet_t;
')
- allow $1 rlogind_client_packet_t:packet relabelto;
+ allow $1 rsh_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rlogind_server packets.
+## Send rsh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73478,17 +76579,17 @@ interface(`corenet_relabelto_rlogind_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rlogind_server_packets',`
+interface(`corenet_send_rsh_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type rsh_server_packet_t;
')
- allow $1 rlogind_server_packet_t:packet send;
+ allow $1 rsh_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rlogind_server packets.
+## Do not audit attempts to send rsh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73497,17 +76598,17 @@ interface(`corenet_send_rlogind_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rlogind_server_packets',`
+interface(`corenet_dontaudit_send_rsh_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type rsh_server_packet_t;
')
- dontaudit $1 rlogind_server_packet_t:packet send;
+ dontaudit $1 rsh_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rlogind_server packets.
+## Receive rsh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73516,17 +76617,17 @@ interface(`corenet_dontaudit_send_rlogind_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rlogind_server_packets',`
+interface(`corenet_receive_rsh_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type rsh_server_packet_t;
')
- allow $1 rlogind_server_packet_t:packet recv;
+ allow $1 rsh_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rlogind_server packets.
+## Do not audit attempts to receive rsh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73535,17 +76636,17 @@ interface(`corenet_receive_rlogind_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rlogind_server_packets',`
+interface(`corenet_dontaudit_receive_rsh_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type rsh_server_packet_t;
')
- dontaudit $1 rlogind_server_packet_t:packet recv;
+ dontaudit $1 rsh_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rlogind_server packets.
+## Send and receive rsh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73554,14 +76655,14 @@ interface(`corenet_dontaudit_receive_rlogind_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rlogind_server_packets',`
- corenet_send_rlogind_server_packets($1)
- corenet_receive_rlogind_server_packets($1)
+interface(`corenet_sendrecv_rsh_server_packets',`
+ corenet_send_rsh_server_packets($1)
+ corenet_receive_rsh_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rlogind_server packets.
+## Do not audit attempts to send and receive rsh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73570,14 +76671,14 @@ interface(`corenet_sendrecv_rlogind_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rlogind_server_packets',`
- corenet_dontaudit_send_rlogind_server_packets($1)
- corenet_dontaudit_receive_rlogind_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rsh_server_packets',`
+ corenet_dontaudit_send_rsh_server_packets($1)
+ corenet_dontaudit_receive_rsh_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rlogind_server the packet type.
+## Relabel packets to rsh_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -73585,12 +76686,12 @@ interface(`corenet_dontaudit_sendrecv_rlogind_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rlogind_server_packets',`
+interface(`corenet_relabelto_rsh_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type rsh_server_packet_t;
')
- allow $1 rlogind_server_packet_t:packet relabelto;
+ allow $1 rsh_server_packet_t:packet relabelto;
')
@@ -73598,7 +76699,7 @@ interface(`corenet_relabelto_rlogind_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rndc port.
+## Send and receive TCP traffic on the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73607,17 +76708,17 @@ interface(`corenet_relabelto_rlogind_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rndc_port',`
+interface(`corenet_tcp_sendrecv_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- allow $1 rndc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rsync_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rndc port.
+## Send UDP traffic on the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73626,17 +76727,17 @@ interface(`corenet_tcp_sendrecv_rndc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rndc_port',`
+interface(`corenet_udp_send_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- allow $1 rndc_port_t:udp_socket send_msg;
+ allow $1 rsync_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rndc port.
+## Do not audit attempts to send UDP traffic on the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73645,17 +76746,17 @@ interface(`corenet_udp_send_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rndc_port',`
+interface(`corenet_dontaudit_udp_send_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- dontaudit $1 rndc_port_t:udp_socket send_msg;
+ dontaudit $1 rsync_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rndc port.
+## Receive UDP traffic on the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73664,17 +76765,17 @@ interface(`corenet_dontaudit_udp_send_rndc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rndc_port',`
+interface(`corenet_udp_receive_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- allow $1 rndc_port_t:udp_socket recv_msg;
+ allow $1 rsync_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rndc port.
+## Do not audit attempts to receive UDP traffic on the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73683,17 +76784,17 @@ interface(`corenet_udp_receive_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rndc_port',`
+interface(`corenet_dontaudit_udp_receive_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- dontaudit $1 rndc_port_t:udp_socket recv_msg;
+ dontaudit $1 rsync_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rndc port.
+## Send and receive UDP traffic on the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73702,15 +76803,15 @@ interface(`corenet_dontaudit_udp_receive_rndc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rndc_port',`
- corenet_udp_send_rndc_port($1)
- corenet_udp_receive_rndc_port($1)
+interface(`corenet_udp_sendrecv_rsync_port',`
+ corenet_udp_send_rsync_port($1)
+ corenet_udp_receive_rsync_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rndc port.
+## UDP traffic on the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73719,14 +76820,14 @@ interface(`corenet_udp_sendrecv_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rndc_port',`
- corenet_dontaudit_udp_send_rndc_port($1)
- corenet_dontaudit_udp_receive_rndc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rsync_port',`
+ corenet_dontaudit_udp_send_rsync_port($1)
+ corenet_dontaudit_udp_receive_rsync_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rndc port.
+## Bind TCP sockets to the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73735,18 +76836,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rndc_port',`
+interface(`corenet_tcp_bind_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- allow $1 rndc_port_t:tcp_socket name_bind;
+ allow $1 rsync_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the rndc port.
+## Bind UDP sockets to the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73755,18 +76856,18 @@ interface(`corenet_tcp_bind_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rndc_port',`
+interface(`corenet_udp_bind_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- allow $1 rndc_port_t:udp_socket name_bind;
+ allow $1 rsync_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the rndc port.
+## Make a TCP connection to the rsync port.
## </summary>
## <param name="domain">
## <summary>
@@ -73774,18 +76875,18 @@ interface(`corenet_udp_bind_rndc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rndc_port',`
+interface(`corenet_tcp_connect_rsync_port',`
gen_require(`
- type rndc_port_t;
+ type rsync_port_t;
')
- allow $1 rndc_port_t:tcp_socket name_connect;
+ allow $1 rsync_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rndc_client packets.
+## Send rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73794,17 +76895,17 @@ interface(`corenet_tcp_connect_rndc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rndc_client_packets',`
+interface(`corenet_send_rsync_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type rsync_client_packet_t;
')
- allow $1 rndc_client_packet_t:packet send;
+ allow $1 rsync_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rndc_client packets.
+## Do not audit attempts to send rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73813,17 +76914,17 @@ interface(`corenet_send_rndc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rndc_client_packets',`
+interface(`corenet_dontaudit_send_rsync_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type rsync_client_packet_t;
')
- dontaudit $1 rndc_client_packet_t:packet send;
+ dontaudit $1 rsync_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rndc_client packets.
+## Receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73832,17 +76933,17 @@ interface(`corenet_dontaudit_send_rndc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rndc_client_packets',`
+interface(`corenet_receive_rsync_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type rsync_client_packet_t;
')
- allow $1 rndc_client_packet_t:packet recv;
+ allow $1 rsync_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rndc_client packets.
+## Do not audit attempts to receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73851,17 +76952,17 @@ interface(`corenet_receive_rndc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rndc_client_packets',`
+interface(`corenet_dontaudit_receive_rsync_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type rsync_client_packet_t;
')
- dontaudit $1 rndc_client_packet_t:packet recv;
+ dontaudit $1 rsync_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rndc_client packets.
+## Send and receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73870,14 +76971,14 @@ interface(`corenet_dontaudit_receive_rndc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rndc_client_packets',`
- corenet_send_rndc_client_packets($1)
- corenet_receive_rndc_client_packets($1)
+interface(`corenet_sendrecv_rsync_client_packets',`
+ corenet_send_rsync_client_packets($1)
+ corenet_receive_rsync_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rndc_client packets.
+## Do not audit attempts to send and receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73886,14 +76987,14 @@ interface(`corenet_sendrecv_rndc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rndc_client_packets',`
- corenet_dontaudit_send_rndc_client_packets($1)
- corenet_dontaudit_receive_rndc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rsync_client_packets',`
+ corenet_dontaudit_send_rsync_client_packets($1)
+ corenet_dontaudit_receive_rsync_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rndc_client the packet type.
+## Relabel packets to rsync_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -73901,18 +77002,18 @@ interface(`corenet_dontaudit_sendrecv_rndc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rndc_client_packets',`
+interface(`corenet_relabelto_rsync_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type rsync_client_packet_t;
')
- allow $1 rndc_client_packet_t:packet relabelto;
+ allow $1 rsync_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rndc_server packets.
+## Send rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73921,17 +77022,17 @@ interface(`corenet_relabelto_rndc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rndc_server_packets',`
+interface(`corenet_send_rsync_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type rsync_server_packet_t;
')
- allow $1 rndc_server_packet_t:packet send;
+ allow $1 rsync_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rndc_server packets.
+## Do not audit attempts to send rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73940,17 +77041,17 @@ interface(`corenet_send_rndc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rndc_server_packets',`
+interface(`corenet_dontaudit_send_rsync_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type rsync_server_packet_t;
')
- dontaudit $1 rndc_server_packet_t:packet send;
+ dontaudit $1 rsync_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rndc_server packets.
+## Receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73959,17 +77060,17 @@ interface(`corenet_dontaudit_send_rndc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rndc_server_packets',`
+interface(`corenet_receive_rsync_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type rsync_server_packet_t;
')
- allow $1 rndc_server_packet_t:packet recv;
+ allow $1 rsync_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rndc_server packets.
+## Do not audit attempts to receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73978,17 +77079,17 @@ interface(`corenet_receive_rndc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rndc_server_packets',`
+interface(`corenet_dontaudit_receive_rsync_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type rsync_server_packet_t;
')
- dontaudit $1 rndc_server_packet_t:packet recv;
+ dontaudit $1 rsync_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rndc_server packets.
+## Send and receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73997,14 +77098,14 @@ interface(`corenet_dontaudit_receive_rndc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rndc_server_packets',`
- corenet_send_rndc_server_packets($1)
- corenet_receive_rndc_server_packets($1)
+interface(`corenet_sendrecv_rsync_server_packets',`
+ corenet_send_rsync_server_packets($1)
+ corenet_receive_rsync_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rndc_server packets.
+## Do not audit attempts to send and receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74013,14 +77114,14 @@ interface(`corenet_sendrecv_rndc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rndc_server_packets',`
- corenet_dontaudit_send_rndc_server_packets($1)
- corenet_dontaudit_receive_rndc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rsync_server_packets',`
+ corenet_dontaudit_send_rsync_server_packets($1)
+ corenet_dontaudit_receive_rsync_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rndc_server the packet type.
+## Relabel packets to rsync_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -74028,12 +77129,12 @@ interface(`corenet_dontaudit_sendrecv_rndc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rndc_server_packets',`
+interface(`corenet_relabelto_rsync_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type rsync_server_packet_t;
')
- allow $1 rndc_server_packet_t:packet relabelto;
+ allow $1 rsync_server_packet_t:packet relabelto;
')
@@ -74041,7 +77142,7 @@ interface(`corenet_relabelto_rndc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the router port.
+## Send and receive TCP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74050,17 +77151,17 @@ interface(`corenet_relabelto_rndc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_router_port',`
+interface(`corenet_tcp_sendrecv_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- allow $1 router_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rtorrent_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the router port.
+## Send UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74069,17 +77170,17 @@ interface(`corenet_tcp_sendrecv_router_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_router_port',`
+interface(`corenet_udp_send_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- allow $1 router_port_t:udp_socket send_msg;
+ allow $1 rtorrent_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the router port.
+## Do not audit attempts to send UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74088,17 +77189,17 @@ interface(`corenet_udp_send_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_router_port',`
+interface(`corenet_dontaudit_udp_send_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- dontaudit $1 router_port_t:udp_socket send_msg;
+ dontaudit $1 rtorrent_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the router port.
+## Receive UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74107,17 +77208,17 @@ interface(`corenet_dontaudit_udp_send_router_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_router_port',`
+interface(`corenet_udp_receive_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- allow $1 router_port_t:udp_socket recv_msg;
+ allow $1 rtorrent_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the router port.
+## Do not audit attempts to receive UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74126,17 +77227,17 @@ interface(`corenet_udp_receive_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_router_port',`
+interface(`corenet_dontaudit_udp_receive_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- dontaudit $1 router_port_t:udp_socket recv_msg;
+ dontaudit $1 rtorrent_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the router port.
+## Send and receive UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74145,15 +77246,15 @@ interface(`corenet_dontaudit_udp_receive_router_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_router_port',`
- corenet_udp_send_router_port($1)
- corenet_udp_receive_router_port($1)
+interface(`corenet_udp_sendrecv_rtorrent_port',`
+ corenet_udp_send_rtorrent_port($1)
+ corenet_udp_receive_rtorrent_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the router port.
+## UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74162,14 +77263,14 @@ interface(`corenet_udp_sendrecv_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_router_port',`
- corenet_dontaudit_udp_send_router_port($1)
- corenet_dontaudit_udp_receive_router_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rtorrent_port',`
+ corenet_dontaudit_udp_send_rtorrent_port($1)
+ corenet_dontaudit_udp_receive_rtorrent_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the router port.
+## Bind TCP sockets to the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74178,18 +77279,18 @@ interface(`corenet_dontaudit_udp_sendrecv_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_router_port',`
+interface(`corenet_tcp_bind_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- allow $1 router_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 rtorrent_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the router port.
+## Bind UDP sockets to the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74198,18 +77299,18 @@ interface(`corenet_tcp_bind_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_router_port',`
+interface(`corenet_udp_bind_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- allow $1 router_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 rtorrent_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the router port.
+## Make a TCP connection to the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -74217,18 +77318,18 @@ interface(`corenet_udp_bind_router_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_router_port',`
+interface(`corenet_tcp_connect_rtorrent_port',`
gen_require(`
- type router_port_t;
+ type rtorrent_port_t;
')
- allow $1 router_port_t:tcp_socket name_connect;
+ allow $1 rtorrent_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send router_client packets.
+## Send rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74237,17 +77338,17 @@ interface(`corenet_tcp_connect_router_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_router_client_packets',`
+interface(`corenet_send_rtorrent_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type rtorrent_client_packet_t;
')
- allow $1 router_client_packet_t:packet send;
+ allow $1 rtorrent_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send router_client packets.
+## Do not audit attempts to send rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74256,17 +77357,17 @@ interface(`corenet_send_router_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_router_client_packets',`
+interface(`corenet_dontaudit_send_rtorrent_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type rtorrent_client_packet_t;
')
- dontaudit $1 router_client_packet_t:packet send;
+ dontaudit $1 rtorrent_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive router_client packets.
+## Receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74275,17 +77376,17 @@ interface(`corenet_dontaudit_send_router_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_router_client_packets',`
+interface(`corenet_receive_rtorrent_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type rtorrent_client_packet_t;
')
- allow $1 router_client_packet_t:packet recv;
+ allow $1 rtorrent_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive router_client packets.
+## Do not audit attempts to receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74294,17 +77395,17 @@ interface(`corenet_receive_router_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_router_client_packets',`
+interface(`corenet_dontaudit_receive_rtorrent_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type rtorrent_client_packet_t;
')
- dontaudit $1 router_client_packet_t:packet recv;
+ dontaudit $1 rtorrent_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive router_client packets.
+## Send and receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74313,14 +77414,14 @@ interface(`corenet_dontaudit_receive_router_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_router_client_packets',`
- corenet_send_router_client_packets($1)
- corenet_receive_router_client_packets($1)
+interface(`corenet_sendrecv_rtorrent_client_packets',`
+ corenet_send_rtorrent_client_packets($1)
+ corenet_receive_rtorrent_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive router_client packets.
+## Do not audit attempts to send and receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74329,14 +77430,14 @@ interface(`corenet_sendrecv_router_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_router_client_packets',`
- corenet_dontaudit_send_router_client_packets($1)
- corenet_dontaudit_receive_router_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtorrent_client_packets',`
+ corenet_dontaudit_send_rtorrent_client_packets($1)
+ corenet_dontaudit_receive_rtorrent_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to router_client the packet type.
+## Relabel packets to rtorrent_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -74344,18 +77445,18 @@ interface(`corenet_dontaudit_sendrecv_router_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_router_client_packets',`
+interface(`corenet_relabelto_rtorrent_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type rtorrent_client_packet_t;
')
- allow $1 router_client_packet_t:packet relabelto;
+ allow $1 rtorrent_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send router_server packets.
+## Send rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74364,17 +77465,17 @@ interface(`corenet_relabelto_router_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_router_server_packets',`
+interface(`corenet_send_rtorrent_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type rtorrent_server_packet_t;
')
- allow $1 router_server_packet_t:packet send;
+ allow $1 rtorrent_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send router_server packets.
+## Do not audit attempts to send rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74383,17 +77484,17 @@ interface(`corenet_send_router_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_router_server_packets',`
+interface(`corenet_dontaudit_send_rtorrent_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type rtorrent_server_packet_t;
')
- dontaudit $1 router_server_packet_t:packet send;
+ dontaudit $1 rtorrent_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive router_server packets.
+## Receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74402,17 +77503,17 @@ interface(`corenet_dontaudit_send_router_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_router_server_packets',`
+interface(`corenet_receive_rtorrent_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type rtorrent_server_packet_t;
')
- allow $1 router_server_packet_t:packet recv;
+ allow $1 rtorrent_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive router_server packets.
+## Do not audit attempts to receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74421,17 +77522,17 @@ interface(`corenet_receive_router_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_router_server_packets',`
+interface(`corenet_dontaudit_receive_rtorrent_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type rtorrent_server_packet_t;
')
- dontaudit $1 router_server_packet_t:packet recv;
+ dontaudit $1 rtorrent_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive router_server packets.
+## Send and receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74440,14 +77541,14 @@ interface(`corenet_dontaudit_receive_router_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_router_server_packets',`
- corenet_send_router_server_packets($1)
- corenet_receive_router_server_packets($1)
+interface(`corenet_sendrecv_rtorrent_server_packets',`
+ corenet_send_rtorrent_server_packets($1)
+ corenet_receive_rtorrent_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive router_server packets.
+## Do not audit attempts to send and receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74456,14 +77557,14 @@ interface(`corenet_sendrecv_router_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_router_server_packets',`
- corenet_dontaudit_send_router_server_packets($1)
- corenet_dontaudit_receive_router_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtorrent_server_packets',`
+ corenet_dontaudit_send_rtorrent_server_packets($1)
+ corenet_dontaudit_receive_rtorrent_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to router_server the packet type.
+## Relabel packets to rtorrent_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -74471,12 +77572,12 @@ interface(`corenet_dontaudit_sendrecv_router_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_router_server_packets',`
+interface(`corenet_relabelto_rtorrent_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type rtorrent_server_packet_t;
')
- allow $1 router_server_packet_t:packet relabelto;
+ allow $1 rtorrent_server_packet_t:packet relabelto;
')
@@ -74484,7 +77585,7 @@ interface(`corenet_relabelto_router_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rsh port.
+## Send and receive TCP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74493,17 +77594,17 @@ interface(`corenet_relabelto_router_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rsh_port',`
+interface(`corenet_tcp_sendrecv_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- allow $1 rsh_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rtsp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rsh port.
+## Send UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74512,17 +77613,17 @@ interface(`corenet_tcp_sendrecv_rsh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rsh_port',`
+interface(`corenet_udp_send_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- allow $1 rsh_port_t:udp_socket send_msg;
+ allow $1 rtsp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rsh port.
+## Do not audit attempts to send UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74531,17 +77632,17 @@ interface(`corenet_udp_send_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rsh_port',`
+interface(`corenet_dontaudit_udp_send_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- dontaudit $1 rsh_port_t:udp_socket send_msg;
+ dontaudit $1 rtsp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rsh port.
+## Receive UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74550,17 +77651,17 @@ interface(`corenet_dontaudit_udp_send_rsh_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rsh_port',`
+interface(`corenet_udp_receive_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- allow $1 rsh_port_t:udp_socket recv_msg;
+ allow $1 rtsp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rsh port.
+## Do not audit attempts to receive UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74569,17 +77670,17 @@ interface(`corenet_udp_receive_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rsh_port',`
+interface(`corenet_dontaudit_udp_receive_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- dontaudit $1 rsh_port_t:udp_socket recv_msg;
+ dontaudit $1 rtsp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rsh port.
+## Send and receive UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74588,15 +77689,15 @@ interface(`corenet_dontaudit_udp_receive_rsh_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rsh_port',`
- corenet_udp_send_rsh_port($1)
- corenet_udp_receive_rsh_port($1)
+interface(`corenet_udp_sendrecv_rtsp_port',`
+ corenet_udp_send_rtsp_port($1)
+ corenet_udp_receive_rtsp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rsh port.
+## UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74605,14 +77706,14 @@ interface(`corenet_udp_sendrecv_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rsh_port',`
- corenet_dontaudit_udp_send_rsh_port($1)
- corenet_dontaudit_udp_receive_rsh_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rtsp_port',`
+ corenet_dontaudit_udp_send_rtsp_port($1)
+ corenet_dontaudit_udp_receive_rtsp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rsh port.
+## Bind TCP sockets to the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74621,18 +77722,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rsh_port',`
+interface(`corenet_tcp_bind_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- allow $1 rsh_port_t:tcp_socket name_bind;
+ allow $1 rtsp_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the rsh port.
+## Bind UDP sockets to the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74641,18 +77742,18 @@ interface(`corenet_tcp_bind_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rsh_port',`
+interface(`corenet_udp_bind_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- allow $1 rsh_port_t:udp_socket name_bind;
+ allow $1 rtsp_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the rsh port.
+## Make a TCP connection to the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -74660,18 +77761,18 @@ interface(`corenet_udp_bind_rsh_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rsh_port',`
+interface(`corenet_tcp_connect_rtsp_port',`
gen_require(`
- type rsh_port_t;
+ type rtsp_port_t;
')
- allow $1 rsh_port_t:tcp_socket name_connect;
+ allow $1 rtsp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rsh_client packets.
+## Send rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74680,17 +77781,17 @@ interface(`corenet_tcp_connect_rsh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsh_client_packets',`
+interface(`corenet_send_rtsp_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type rtsp_client_packet_t;
')
- allow $1 rsh_client_packet_t:packet send;
+ allow $1 rtsp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsh_client packets.
+## Do not audit attempts to send rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74699,17 +77800,17 @@ interface(`corenet_send_rsh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsh_client_packets',`
+interface(`corenet_dontaudit_send_rtsp_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type rtsp_client_packet_t;
')
- dontaudit $1 rsh_client_packet_t:packet send;
+ dontaudit $1 rtsp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsh_client packets.
+## Receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74718,17 +77819,17 @@ interface(`corenet_dontaudit_send_rsh_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsh_client_packets',`
+interface(`corenet_receive_rtsp_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type rtsp_client_packet_t;
')
- allow $1 rsh_client_packet_t:packet recv;
+ allow $1 rtsp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsh_client packets.
+## Do not audit attempts to receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74737,17 +77838,17 @@ interface(`corenet_receive_rsh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsh_client_packets',`
+interface(`corenet_dontaudit_receive_rtsp_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type rtsp_client_packet_t;
')
- dontaudit $1 rsh_client_packet_t:packet recv;
+ dontaudit $1 rtsp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsh_client packets.
+## Send and receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74756,14 +77857,14 @@ interface(`corenet_dontaudit_receive_rsh_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsh_client_packets',`
- corenet_send_rsh_client_packets($1)
- corenet_receive_rsh_client_packets($1)
+interface(`corenet_sendrecv_rtsp_client_packets',`
+ corenet_send_rtsp_client_packets($1)
+ corenet_receive_rtsp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsh_client packets.
+## Do not audit attempts to send and receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74772,14 +77873,14 @@ interface(`corenet_sendrecv_rsh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsh_client_packets',`
- corenet_dontaudit_send_rsh_client_packets($1)
- corenet_dontaudit_receive_rsh_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtsp_client_packets',`
+ corenet_dontaudit_send_rtsp_client_packets($1)
+ corenet_dontaudit_receive_rtsp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsh_client the packet type.
+## Relabel packets to rtsp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -74787,18 +77888,18 @@ interface(`corenet_dontaudit_sendrecv_rsh_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsh_client_packets',`
+interface(`corenet_relabelto_rtsp_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type rtsp_client_packet_t;
')
- allow $1 rsh_client_packet_t:packet relabelto;
+ allow $1 rtsp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rsh_server packets.
+## Send rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74807,17 +77908,17 @@ interface(`corenet_relabelto_rsh_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsh_server_packets',`
+interface(`corenet_send_rtsp_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type rtsp_server_packet_t;
')
- allow $1 rsh_server_packet_t:packet send;
+ allow $1 rtsp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsh_server packets.
+## Do not audit attempts to send rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74826,17 +77927,17 @@ interface(`corenet_send_rsh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsh_server_packets',`
+interface(`corenet_dontaudit_send_rtsp_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type rtsp_server_packet_t;
')
- dontaudit $1 rsh_server_packet_t:packet send;
+ dontaudit $1 rtsp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsh_server packets.
+## Receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74845,17 +77946,17 @@ interface(`corenet_dontaudit_send_rsh_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsh_server_packets',`
+interface(`corenet_receive_rtsp_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type rtsp_server_packet_t;
')
- allow $1 rsh_server_packet_t:packet recv;
+ allow $1 rtsp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsh_server packets.
+## Do not audit attempts to receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74864,17 +77965,17 @@ interface(`corenet_receive_rsh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsh_server_packets',`
+interface(`corenet_dontaudit_receive_rtsp_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type rtsp_server_packet_t;
')
- dontaudit $1 rsh_server_packet_t:packet recv;
+ dontaudit $1 rtsp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsh_server packets.
+## Send and receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74883,14 +77984,14 @@ interface(`corenet_dontaudit_receive_rsh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsh_server_packets',`
- corenet_send_rsh_server_packets($1)
- corenet_receive_rsh_server_packets($1)
+interface(`corenet_sendrecv_rtsp_server_packets',`
+ corenet_send_rtsp_server_packets($1)
+ corenet_receive_rtsp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsh_server packets.
+## Do not audit attempts to send and receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -74899,14 +78000,14 @@ interface(`corenet_sendrecv_rsh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsh_server_packets',`
- corenet_dontaudit_send_rsh_server_packets($1)
- corenet_dontaudit_receive_rsh_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtsp_server_packets',`
+ corenet_dontaudit_send_rtsp_server_packets($1)
+ corenet_dontaudit_receive_rtsp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsh_server the packet type.
+## Relabel packets to rtsp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -74914,12 +78015,12 @@ interface(`corenet_dontaudit_sendrecv_rsh_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsh_server_packets',`
+interface(`corenet_relabelto_rtsp_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type rtsp_server_packet_t;
')
- allow $1 rsh_server_packet_t:packet relabelto;
+ allow $1 rtsp_server_packet_t:packet relabelto;
')
@@ -74927,7 +78028,7 @@ interface(`corenet_relabelto_rsh_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rsync port.
+## Send and receive TCP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -74936,17 +78037,17 @@ interface(`corenet_relabelto_rsh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rsync_port',`
+interface(`corenet_tcp_sendrecv_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- allow $1 rsync_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rwho_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rsync port.
+## Send UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -74955,17 +78056,17 @@ interface(`corenet_tcp_sendrecv_rsync_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rsync_port',`
+interface(`corenet_udp_send_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- allow $1 rsync_port_t:udp_socket send_msg;
+ allow $1 rwho_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rsync port.
+## Do not audit attempts to send UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -74974,17 +78075,17 @@ interface(`corenet_udp_send_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rsync_port',`
+interface(`corenet_dontaudit_udp_send_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- dontaudit $1 rsync_port_t:udp_socket send_msg;
+ dontaudit $1 rwho_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rsync port.
+## Receive UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -74993,17 +78094,17 @@ interface(`corenet_dontaudit_udp_send_rsync_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rsync_port',`
+interface(`corenet_udp_receive_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- allow $1 rsync_port_t:udp_socket recv_msg;
+ allow $1 rwho_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rsync port.
+## Do not audit attempts to receive UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -75012,17 +78113,17 @@ interface(`corenet_udp_receive_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rsync_port',`
+interface(`corenet_dontaudit_udp_receive_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- dontaudit $1 rsync_port_t:udp_socket recv_msg;
+ dontaudit $1 rwho_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rsync port.
+## Send and receive UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -75031,15 +78132,15 @@ interface(`corenet_dontaudit_udp_receive_rsync_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rsync_port',`
- corenet_udp_send_rsync_port($1)
- corenet_udp_receive_rsync_port($1)
+interface(`corenet_udp_sendrecv_rwho_port',`
+ corenet_udp_send_rwho_port($1)
+ corenet_udp_receive_rwho_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rsync port.
+## UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -75048,14 +78149,14 @@ interface(`corenet_udp_sendrecv_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rsync_port',`
- corenet_dontaudit_udp_send_rsync_port($1)
- corenet_dontaudit_udp_receive_rsync_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rwho_port',`
+ corenet_dontaudit_udp_send_rwho_port($1)
+ corenet_dontaudit_udp_receive_rwho_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rsync port.
+## Bind TCP sockets to the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -75064,18 +78165,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rsync_port',`
+interface(`corenet_tcp_bind_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- allow $1 rsync_port_t:tcp_socket name_bind;
+ allow $1 rwho_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the rsync port.
+## Bind UDP sockets to the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -75084,18 +78185,18 @@ interface(`corenet_tcp_bind_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rsync_port',`
+interface(`corenet_udp_bind_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- allow $1 rsync_port_t:udp_socket name_bind;
+ allow $1 rwho_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the rsync port.
+## Make a TCP connection to the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -75103,18 +78204,18 @@ interface(`corenet_udp_bind_rsync_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rsync_port',`
+interface(`corenet_tcp_connect_rwho_port',`
gen_require(`
- type rsync_port_t;
+ type rwho_port_t;
')
- allow $1 rsync_port_t:tcp_socket name_connect;
+ allow $1 rwho_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rsync_client packets.
+## Send rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75123,17 +78224,17 @@ interface(`corenet_tcp_connect_rsync_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsync_client_packets',`
+interface(`corenet_send_rwho_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type rwho_client_packet_t;
')
- allow $1 rsync_client_packet_t:packet send;
+ allow $1 rwho_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsync_client packets.
+## Do not audit attempts to send rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75142,17 +78243,17 @@ interface(`corenet_send_rsync_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsync_client_packets',`
+interface(`corenet_dontaudit_send_rwho_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type rwho_client_packet_t;
')
- dontaudit $1 rsync_client_packet_t:packet send;
+ dontaudit $1 rwho_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsync_client packets.
+## Receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75161,17 +78262,17 @@ interface(`corenet_dontaudit_send_rsync_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsync_client_packets',`
+interface(`corenet_receive_rwho_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type rwho_client_packet_t;
')
- allow $1 rsync_client_packet_t:packet recv;
+ allow $1 rwho_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsync_client packets.
+## Do not audit attempts to receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75180,17 +78281,17 @@ interface(`corenet_receive_rsync_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsync_client_packets',`
+interface(`corenet_dontaudit_receive_rwho_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type rwho_client_packet_t;
')
- dontaudit $1 rsync_client_packet_t:packet recv;
+ dontaudit $1 rwho_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsync_client packets.
+## Send and receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75199,14 +78300,14 @@ interface(`corenet_dontaudit_receive_rsync_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsync_client_packets',`
- corenet_send_rsync_client_packets($1)
- corenet_receive_rsync_client_packets($1)
+interface(`corenet_sendrecv_rwho_client_packets',`
+ corenet_send_rwho_client_packets($1)
+ corenet_receive_rwho_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsync_client packets.
+## Do not audit attempts to send and receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75215,14 +78316,14 @@ interface(`corenet_sendrecv_rsync_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsync_client_packets',`
- corenet_dontaudit_send_rsync_client_packets($1)
- corenet_dontaudit_receive_rsync_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rwho_client_packets',`
+ corenet_dontaudit_send_rwho_client_packets($1)
+ corenet_dontaudit_receive_rwho_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsync_client the packet type.
+## Relabel packets to rwho_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -75230,18 +78331,18 @@ interface(`corenet_dontaudit_sendrecv_rsync_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsync_client_packets',`
+interface(`corenet_relabelto_rwho_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type rwho_client_packet_t;
')
- allow $1 rsync_client_packet_t:packet relabelto;
+ allow $1 rwho_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rsync_server packets.
+## Send rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75250,17 +78351,17 @@ interface(`corenet_relabelto_rsync_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsync_server_packets',`
+interface(`corenet_send_rwho_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type rwho_server_packet_t;
')
- allow $1 rsync_server_packet_t:packet send;
+ allow $1 rwho_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsync_server packets.
+## Do not audit attempts to send rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75269,17 +78370,17 @@ interface(`corenet_send_rsync_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsync_server_packets',`
+interface(`corenet_dontaudit_send_rwho_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type rwho_server_packet_t;
')
- dontaudit $1 rsync_server_packet_t:packet send;
+ dontaudit $1 rwho_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsync_server packets.
+## Receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75288,17 +78389,17 @@ interface(`corenet_dontaudit_send_rsync_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsync_server_packets',`
+interface(`corenet_receive_rwho_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type rwho_server_packet_t;
')
- allow $1 rsync_server_packet_t:packet recv;
+ allow $1 rwho_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsync_server packets.
+## Do not audit attempts to receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75307,17 +78408,17 @@ interface(`corenet_receive_rsync_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsync_server_packets',`
+interface(`corenet_dontaudit_receive_rwho_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type rwho_server_packet_t;
')
- dontaudit $1 rsync_server_packet_t:packet recv;
+ dontaudit $1 rwho_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsync_server packets.
+## Send and receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75326,14 +78427,14 @@ interface(`corenet_dontaudit_receive_rsync_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsync_server_packets',`
- corenet_send_rsync_server_packets($1)
- corenet_receive_rsync_server_packets($1)
+interface(`corenet_sendrecv_rwho_server_packets',`
+ corenet_send_rwho_server_packets($1)
+ corenet_receive_rwho_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsync_server packets.
+## Do not audit attempts to send and receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75342,14 +78443,14 @@ interface(`corenet_sendrecv_rsync_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsync_server_packets',`
- corenet_dontaudit_send_rsync_server_packets($1)
- corenet_dontaudit_receive_rsync_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rwho_server_packets',`
+ corenet_dontaudit_send_rwho_server_packets($1)
+ corenet_dontaudit_receive_rwho_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsync_server the packet type.
+## Relabel packets to rwho_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -75357,12 +78458,12 @@ interface(`corenet_dontaudit_sendrecv_rsync_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsync_server_packets',`
+interface(`corenet_relabelto_rwho_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type rwho_server_packet_t;
')
- allow $1 rsync_server_packet_t:packet relabelto;
+ allow $1 rwho_server_packet_t:packet relabelto;
')
@@ -75370,7 +78471,7 @@ interface(`corenet_relabelto_rsync_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rtorrent port.
+## Send and receive TCP traffic on the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75379,17 +78480,17 @@ interface(`corenet_relabelto_rsync_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rtorrent_port',`
+interface(`corenet_tcp_sendrecv_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- allow $1 rtorrent_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 salt_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rtorrent port.
+## Send UDP traffic on the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75398,17 +78499,17 @@ interface(`corenet_tcp_sendrecv_rtorrent_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rtorrent_port',`
+interface(`corenet_udp_send_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- allow $1 rtorrent_port_t:udp_socket send_msg;
+ allow $1 salt_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rtorrent port.
+## Do not audit attempts to send UDP traffic on the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75417,17 +78518,17 @@ interface(`corenet_udp_send_rtorrent_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rtorrent_port',`
+interface(`corenet_dontaudit_udp_send_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- dontaudit $1 rtorrent_port_t:udp_socket send_msg;
+ dontaudit $1 salt_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rtorrent port.
+## Receive UDP traffic on the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75436,17 +78537,17 @@ interface(`corenet_dontaudit_udp_send_rtorrent_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rtorrent_port',`
+interface(`corenet_udp_receive_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- allow $1 rtorrent_port_t:udp_socket recv_msg;
+ allow $1 salt_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rtorrent port.
+## Do not audit attempts to receive UDP traffic on the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75455,17 +78556,17 @@ interface(`corenet_udp_receive_rtorrent_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rtorrent_port',`
+interface(`corenet_dontaudit_udp_receive_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- dontaudit $1 rtorrent_port_t:udp_socket recv_msg;
+ dontaudit $1 salt_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rtorrent port.
+## Send and receive UDP traffic on the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75474,15 +78575,15 @@ interface(`corenet_dontaudit_udp_receive_rtorrent_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rtorrent_port',`
- corenet_udp_send_rtorrent_port($1)
- corenet_udp_receive_rtorrent_port($1)
+interface(`corenet_udp_sendrecv_salt_port',`
+ corenet_udp_send_salt_port($1)
+ corenet_udp_receive_salt_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rtorrent port.
+## UDP traffic on the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75491,14 +78592,14 @@ interface(`corenet_udp_sendrecv_rtorrent_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rtorrent_port',`
- corenet_dontaudit_udp_send_rtorrent_port($1)
- corenet_dontaudit_udp_receive_rtorrent_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_salt_port',`
+ corenet_dontaudit_udp_send_salt_port($1)
+ corenet_dontaudit_udp_receive_salt_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rtorrent port.
+## Bind TCP sockets to the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75507,18 +78608,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rtorrent_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rtorrent_port',`
+interface(`corenet_tcp_bind_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- allow $1 rtorrent_port_t:tcp_socket name_bind;
+ allow $1 salt_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the rtorrent port.
+## Bind UDP sockets to the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75527,18 +78628,18 @@ interface(`corenet_tcp_bind_rtorrent_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rtorrent_port',`
+interface(`corenet_udp_bind_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- allow $1 rtorrent_port_t:udp_socket name_bind;
+ allow $1 salt_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the rtorrent port.
+## Make a TCP connection to the salt port.
## </summary>
## <param name="domain">
## <summary>
@@ -75546,18 +78647,18 @@ interface(`corenet_udp_bind_rtorrent_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rtorrent_port',`
+interface(`corenet_tcp_connect_salt_port',`
gen_require(`
- type rtorrent_port_t;
+ type salt_port_t;
')
- allow $1 rtorrent_port_t:tcp_socket name_connect;
+ allow $1 salt_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rtorrent_client packets.
+## Send salt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75566,17 +78667,17 @@ interface(`corenet_tcp_connect_rtorrent_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rtorrent_client_packets',`
+interface(`corenet_send_salt_client_packets',`
gen_require(`
- type rtorrent_client_packet_t;
+ type salt_client_packet_t;
')
- allow $1 rtorrent_client_packet_t:packet send;
+ allow $1 salt_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rtorrent_client packets.
+## Do not audit attempts to send salt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75585,17 +78686,17 @@ interface(`corenet_send_rtorrent_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rtorrent_client_packets',`
+interface(`corenet_dontaudit_send_salt_client_packets',`
gen_require(`
- type rtorrent_client_packet_t;
+ type salt_client_packet_t;
')
- dontaudit $1 rtorrent_client_packet_t:packet send;
+ dontaudit $1 salt_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rtorrent_client packets.
+## Receive salt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75604,17 +78705,17 @@ interface(`corenet_dontaudit_send_rtorrent_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rtorrent_client_packets',`
+interface(`corenet_receive_salt_client_packets',`
gen_require(`
- type rtorrent_client_packet_t;
+ type salt_client_packet_t;
')
- allow $1 rtorrent_client_packet_t:packet recv;
+ allow $1 salt_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rtorrent_client packets.
+## Do not audit attempts to receive salt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75623,17 +78724,17 @@ interface(`corenet_receive_rtorrent_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rtorrent_client_packets',`
+interface(`corenet_dontaudit_receive_salt_client_packets',`
gen_require(`
- type rtorrent_client_packet_t;
+ type salt_client_packet_t;
')
- dontaudit $1 rtorrent_client_packet_t:packet recv;
+ dontaudit $1 salt_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rtorrent_client packets.
+## Send and receive salt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75642,14 +78743,14 @@ interface(`corenet_dontaudit_receive_rtorrent_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rtorrent_client_packets',`
- corenet_send_rtorrent_client_packets($1)
- corenet_receive_rtorrent_client_packets($1)
+interface(`corenet_sendrecv_salt_client_packets',`
+ corenet_send_salt_client_packets($1)
+ corenet_receive_salt_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rtorrent_client packets.
+## Do not audit attempts to send and receive salt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75658,14 +78759,14 @@ interface(`corenet_sendrecv_rtorrent_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rtorrent_client_packets',`
- corenet_dontaudit_send_rtorrent_client_packets($1)
- corenet_dontaudit_receive_rtorrent_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_salt_client_packets',`
+ corenet_dontaudit_send_salt_client_packets($1)
+ corenet_dontaudit_receive_salt_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rtorrent_client the packet type.
+## Relabel packets to salt_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -75673,18 +78774,18 @@ interface(`corenet_dontaudit_sendrecv_rtorrent_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rtorrent_client_packets',`
+interface(`corenet_relabelto_salt_client_packets',`
gen_require(`
- type rtorrent_client_packet_t;
+ type salt_client_packet_t;
')
- allow $1 rtorrent_client_packet_t:packet relabelto;
+ allow $1 salt_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rtorrent_server packets.
+## Send salt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75693,17 +78794,17 @@ interface(`corenet_relabelto_rtorrent_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rtorrent_server_packets',`
+interface(`corenet_send_salt_server_packets',`
gen_require(`
- type rtorrent_server_packet_t;
+ type salt_server_packet_t;
')
- allow $1 rtorrent_server_packet_t:packet send;
+ allow $1 salt_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rtorrent_server packets.
+## Do not audit attempts to send salt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75712,17 +78813,17 @@ interface(`corenet_send_rtorrent_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rtorrent_server_packets',`
+interface(`corenet_dontaudit_send_salt_server_packets',`
gen_require(`
- type rtorrent_server_packet_t;
+ type salt_server_packet_t;
')
- dontaudit $1 rtorrent_server_packet_t:packet send;
+ dontaudit $1 salt_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rtorrent_server packets.
+## Receive salt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75731,17 +78832,17 @@ interface(`corenet_dontaudit_send_rtorrent_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rtorrent_server_packets',`
+interface(`corenet_receive_salt_server_packets',`
gen_require(`
- type rtorrent_server_packet_t;
+ type salt_server_packet_t;
')
- allow $1 rtorrent_server_packet_t:packet recv;
+ allow $1 salt_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rtorrent_server packets.
+## Do not audit attempts to receive salt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75750,17 +78851,17 @@ interface(`corenet_receive_rtorrent_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rtorrent_server_packets',`
+interface(`corenet_dontaudit_receive_salt_server_packets',`
gen_require(`
- type rtorrent_server_packet_t;
+ type salt_server_packet_t;
')
- dontaudit $1 rtorrent_server_packet_t:packet recv;
+ dontaudit $1 salt_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rtorrent_server packets.
+## Send and receive salt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75769,14 +78870,14 @@ interface(`corenet_dontaudit_receive_rtorrent_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rtorrent_server_packets',`
- corenet_send_rtorrent_server_packets($1)
- corenet_receive_rtorrent_server_packets($1)
+interface(`corenet_sendrecv_salt_server_packets',`
+ corenet_send_salt_server_packets($1)
+ corenet_receive_salt_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rtorrent_server packets.
+## Do not audit attempts to send and receive salt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -75785,14 +78886,14 @@ interface(`corenet_sendrecv_rtorrent_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rtorrent_server_packets',`
- corenet_dontaudit_send_rtorrent_server_packets($1)
- corenet_dontaudit_receive_rtorrent_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_salt_server_packets',`
+ corenet_dontaudit_send_salt_server_packets($1)
+ corenet_dontaudit_receive_salt_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rtorrent_server the packet type.
+## Relabel packets to salt_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -75800,12 +78901,12 @@ interface(`corenet_dontaudit_sendrecv_rtorrent_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rtorrent_server_packets',`
+interface(`corenet_relabelto_salt_server_packets',`
gen_require(`
- type rtorrent_server_packet_t;
+ type salt_server_packet_t;
')
- allow $1 rtorrent_server_packet_t:packet relabelto;
+ allow $1 salt_server_packet_t:packet relabelto;
')
@@ -75813,7 +78914,7 @@ interface(`corenet_relabelto_rtorrent_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rtsp port.
+## Send and receive TCP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75822,17 +78923,17 @@ interface(`corenet_relabelto_rtorrent_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rtsp_port',`
+interface(`corenet_tcp_sendrecv_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- allow $1 rtsp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sap_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rtsp port.
+## Send UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75841,17 +78942,17 @@ interface(`corenet_tcp_sendrecv_rtsp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rtsp_port',`
+interface(`corenet_udp_send_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- allow $1 rtsp_port_t:udp_socket send_msg;
+ allow $1 sap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rtsp port.
+## Do not audit attempts to send UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75860,17 +78961,17 @@ interface(`corenet_udp_send_rtsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rtsp_port',`
+interface(`corenet_dontaudit_udp_send_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- dontaudit $1 rtsp_port_t:udp_socket send_msg;
+ dontaudit $1 sap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rtsp port.
+## Receive UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75879,17 +78980,17 @@ interface(`corenet_dontaudit_udp_send_rtsp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rtsp_port',`
+interface(`corenet_udp_receive_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- allow $1 rtsp_port_t:udp_socket recv_msg;
+ allow $1 sap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rtsp port.
+## Do not audit attempts to receive UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75898,17 +78999,17 @@ interface(`corenet_udp_receive_rtsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rtsp_port',`
+interface(`corenet_dontaudit_udp_receive_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- dontaudit $1 rtsp_port_t:udp_socket recv_msg;
+ dontaudit $1 sap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rtsp port.
+## Send and receive UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75917,15 +79018,15 @@ interface(`corenet_dontaudit_udp_receive_rtsp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rtsp_port',`
- corenet_udp_send_rtsp_port($1)
- corenet_udp_receive_rtsp_port($1)
+interface(`corenet_udp_sendrecv_sap_port',`
+ corenet_udp_send_sap_port($1)
+ corenet_udp_receive_sap_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rtsp port.
+## UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75934,14 +79035,14 @@ interface(`corenet_udp_sendrecv_rtsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rtsp_port',`
- corenet_dontaudit_udp_send_rtsp_port($1)
- corenet_dontaudit_udp_receive_rtsp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sap_port',`
+ corenet_dontaudit_udp_send_sap_port($1)
+ corenet_dontaudit_udp_receive_sap_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rtsp port.
+## Bind TCP sockets to the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75950,18 +79051,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rtsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rtsp_port',`
+interface(`corenet_tcp_bind_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- allow $1 rtsp_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 sap_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the rtsp port.
+## Bind UDP sockets to the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75970,18 +79071,18 @@ interface(`corenet_tcp_bind_rtsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rtsp_port',`
+interface(`corenet_udp_bind_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- allow $1 rtsp_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 sap_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the rtsp port.
+## Make a TCP connection to the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -75989,18 +79090,18 @@ interface(`corenet_udp_bind_rtsp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rtsp_port',`
+interface(`corenet_tcp_connect_sap_port',`
gen_require(`
- type rtsp_port_t;
+ type sap_port_t;
')
- allow $1 rtsp_port_t:tcp_socket name_connect;
+ allow $1 sap_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rtsp_client packets.
+## Send sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76009,17 +79110,17 @@ interface(`corenet_tcp_connect_rtsp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rtsp_client_packets',`
+interface(`corenet_send_sap_client_packets',`
gen_require(`
- type rtsp_client_packet_t;
+ type sap_client_packet_t;
')
- allow $1 rtsp_client_packet_t:packet send;
+ allow $1 sap_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rtsp_client packets.
+## Do not audit attempts to send sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76028,17 +79129,17 @@ interface(`corenet_send_rtsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rtsp_client_packets',`
+interface(`corenet_dontaudit_send_sap_client_packets',`
gen_require(`
- type rtsp_client_packet_t;
+ type sap_client_packet_t;
')
- dontaudit $1 rtsp_client_packet_t:packet send;
+ dontaudit $1 sap_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rtsp_client packets.
+## Receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76047,17 +79148,17 @@ interface(`corenet_dontaudit_send_rtsp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rtsp_client_packets',`
+interface(`corenet_receive_sap_client_packets',`
gen_require(`
- type rtsp_client_packet_t;
+ type sap_client_packet_t;
')
- allow $1 rtsp_client_packet_t:packet recv;
+ allow $1 sap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rtsp_client packets.
+## Do not audit attempts to receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76066,17 +79167,17 @@ interface(`corenet_receive_rtsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rtsp_client_packets',`
+interface(`corenet_dontaudit_receive_sap_client_packets',`
gen_require(`
- type rtsp_client_packet_t;
+ type sap_client_packet_t;
')
- dontaudit $1 rtsp_client_packet_t:packet recv;
+ dontaudit $1 sap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rtsp_client packets.
+## Send and receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76085,14 +79186,14 @@ interface(`corenet_dontaudit_receive_rtsp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rtsp_client_packets',`
- corenet_send_rtsp_client_packets($1)
- corenet_receive_rtsp_client_packets($1)
+interface(`corenet_sendrecv_sap_client_packets',`
+ corenet_send_sap_client_packets($1)
+ corenet_receive_sap_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rtsp_client packets.
+## Do not audit attempts to send and receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76101,14 +79202,14 @@ interface(`corenet_sendrecv_rtsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rtsp_client_packets',`
- corenet_dontaudit_send_rtsp_client_packets($1)
- corenet_dontaudit_receive_rtsp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sap_client_packets',`
+ corenet_dontaudit_send_sap_client_packets($1)
+ corenet_dontaudit_receive_sap_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rtsp_client the packet type.
+## Relabel packets to sap_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -76116,18 +79217,18 @@ interface(`corenet_dontaudit_sendrecv_rtsp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rtsp_client_packets',`
+interface(`corenet_relabelto_sap_client_packets',`
gen_require(`
- type rtsp_client_packet_t;
+ type sap_client_packet_t;
')
- allow $1 rtsp_client_packet_t:packet relabelto;
+ allow $1 sap_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rtsp_server packets.
+## Send sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76136,17 +79237,17 @@ interface(`corenet_relabelto_rtsp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rtsp_server_packets',`
+interface(`corenet_send_sap_server_packets',`
gen_require(`
- type rtsp_server_packet_t;
+ type sap_server_packet_t;
')
- allow $1 rtsp_server_packet_t:packet send;
+ allow $1 sap_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rtsp_server packets.
+## Do not audit attempts to send sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76155,17 +79256,17 @@ interface(`corenet_send_rtsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rtsp_server_packets',`
+interface(`corenet_dontaudit_send_sap_server_packets',`
gen_require(`
- type rtsp_server_packet_t;
+ type sap_server_packet_t;
')
- dontaudit $1 rtsp_server_packet_t:packet send;
+ dontaudit $1 sap_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rtsp_server packets.
+## Receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76174,17 +79275,17 @@ interface(`corenet_dontaudit_send_rtsp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rtsp_server_packets',`
+interface(`corenet_receive_sap_server_packets',`
gen_require(`
- type rtsp_server_packet_t;
+ type sap_server_packet_t;
')
- allow $1 rtsp_server_packet_t:packet recv;
+ allow $1 sap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rtsp_server packets.
+## Do not audit attempts to receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76193,17 +79294,17 @@ interface(`corenet_receive_rtsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rtsp_server_packets',`
+interface(`corenet_dontaudit_receive_sap_server_packets',`
gen_require(`
- type rtsp_server_packet_t;
+ type sap_server_packet_t;
')
- dontaudit $1 rtsp_server_packet_t:packet recv;
+ dontaudit $1 sap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rtsp_server packets.
+## Send and receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76212,14 +79313,14 @@ interface(`corenet_dontaudit_receive_rtsp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rtsp_server_packets',`
- corenet_send_rtsp_server_packets($1)
- corenet_receive_rtsp_server_packets($1)
+interface(`corenet_sendrecv_sap_server_packets',`
+ corenet_send_sap_server_packets($1)
+ corenet_receive_sap_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rtsp_server packets.
+## Do not audit attempts to send and receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76228,14 +79329,14 @@ interface(`corenet_sendrecv_rtsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rtsp_server_packets',`
- corenet_dontaudit_send_rtsp_server_packets($1)
- corenet_dontaudit_receive_rtsp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sap_server_packets',`
+ corenet_dontaudit_send_sap_server_packets($1)
+ corenet_dontaudit_receive_sap_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rtsp_server the packet type.
+## Relabel packets to sap_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -76243,12 +79344,12 @@ interface(`corenet_dontaudit_sendrecv_rtsp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rtsp_server_packets',`
+interface(`corenet_relabelto_sap_server_packets',`
gen_require(`
- type rtsp_server_packet_t;
+ type sap_server_packet_t;
')
- allow $1 rtsp_server_packet_t:packet relabelto;
+ allow $1 sap_server_packet_t:packet relabelto;
')
@@ -76256,7 +79357,7 @@ interface(`corenet_relabelto_rtsp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rwho port.
+## Send and receive TCP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76265,17 +79366,17 @@ interface(`corenet_relabelto_rtsp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rwho_port',`
+interface(`corenet_tcp_sendrecv_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- allow $1 rwho_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 servistaitsm_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rwho port.
+## Send UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76284,17 +79385,17 @@ interface(`corenet_tcp_sendrecv_rwho_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rwho_port',`
+interface(`corenet_udp_send_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- allow $1 rwho_port_t:udp_socket send_msg;
+ allow $1 servistaitsm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rwho port.
+## Do not audit attempts to send UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76303,17 +79404,17 @@ interface(`corenet_udp_send_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rwho_port',`
+interface(`corenet_dontaudit_udp_send_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- dontaudit $1 rwho_port_t:udp_socket send_msg;
+ dontaudit $1 servistaitsm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rwho port.
+## Receive UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76322,17 +79423,17 @@ interface(`corenet_dontaudit_udp_send_rwho_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rwho_port',`
+interface(`corenet_udp_receive_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- allow $1 rwho_port_t:udp_socket recv_msg;
+ allow $1 servistaitsm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rwho port.
+## Do not audit attempts to receive UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76341,17 +79442,17 @@ interface(`corenet_udp_receive_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rwho_port',`
+interface(`corenet_dontaudit_udp_receive_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- dontaudit $1 rwho_port_t:udp_socket recv_msg;
+ dontaudit $1 servistaitsm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rwho port.
+## Send and receive UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76360,15 +79461,15 @@ interface(`corenet_dontaudit_udp_receive_rwho_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rwho_port',`
- corenet_udp_send_rwho_port($1)
- corenet_udp_receive_rwho_port($1)
+interface(`corenet_udp_sendrecv_servistaitsm_port',`
+ corenet_udp_send_servistaitsm_port($1)
+ corenet_udp_receive_servistaitsm_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rwho port.
+## UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76377,14 +79478,14 @@ interface(`corenet_udp_sendrecv_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rwho_port',`
- corenet_dontaudit_udp_send_rwho_port($1)
- corenet_dontaudit_udp_receive_rwho_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_servistaitsm_port',`
+ corenet_dontaudit_udp_send_servistaitsm_port($1)
+ corenet_dontaudit_udp_receive_servistaitsm_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rwho port.
+## Bind TCP sockets to the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76393,18 +79494,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rwho_port',`
+interface(`corenet_tcp_bind_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- allow $1 rwho_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 servistaitsm_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the rwho port.
+## Bind UDP sockets to the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76413,18 +79514,18 @@ interface(`corenet_tcp_bind_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rwho_port',`
+interface(`corenet_udp_bind_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- allow $1 rwho_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 servistaitsm_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the rwho port.
+## Make a TCP connection to the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -76432,18 +79533,18 @@ interface(`corenet_udp_bind_rwho_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rwho_port',`
+interface(`corenet_tcp_connect_servistaitsm_port',`
gen_require(`
- type rwho_port_t;
+ type servistaitsm_port_t;
')
- allow $1 rwho_port_t:tcp_socket name_connect;
+ allow $1 servistaitsm_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rwho_client packets.
+## Send servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76452,17 +79553,17 @@ interface(`corenet_tcp_connect_rwho_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rwho_client_packets',`
+interface(`corenet_send_servistaitsm_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- allow $1 rwho_client_packet_t:packet send;
+ allow $1 servistaitsm_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rwho_client packets.
+## Do not audit attempts to send servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76471,17 +79572,17 @@ interface(`corenet_send_rwho_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rwho_client_packets',`
+interface(`corenet_dontaudit_send_servistaitsm_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- dontaudit $1 rwho_client_packet_t:packet send;
+ dontaudit $1 servistaitsm_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rwho_client packets.
+## Receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76490,17 +79591,17 @@ interface(`corenet_dontaudit_send_rwho_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rwho_client_packets',`
+interface(`corenet_receive_servistaitsm_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- allow $1 rwho_client_packet_t:packet recv;
+ allow $1 servistaitsm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rwho_client packets.
+## Do not audit attempts to receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76509,17 +79610,17 @@ interface(`corenet_receive_rwho_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rwho_client_packets',`
+interface(`corenet_dontaudit_receive_servistaitsm_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- dontaudit $1 rwho_client_packet_t:packet recv;
+ dontaudit $1 servistaitsm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rwho_client packets.
+## Send and receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76528,14 +79629,14 @@ interface(`corenet_dontaudit_receive_rwho_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rwho_client_packets',`
- corenet_send_rwho_client_packets($1)
- corenet_receive_rwho_client_packets($1)
+interface(`corenet_sendrecv_servistaitsm_client_packets',`
+ corenet_send_servistaitsm_client_packets($1)
+ corenet_receive_servistaitsm_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rwho_client packets.
+## Do not audit attempts to send and receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76544,14 +79645,14 @@ interface(`corenet_sendrecv_rwho_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rwho_client_packets',`
- corenet_dontaudit_send_rwho_client_packets($1)
- corenet_dontaudit_receive_rwho_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_servistaitsm_client_packets',`
+ corenet_dontaudit_send_servistaitsm_client_packets($1)
+ corenet_dontaudit_receive_servistaitsm_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rwho_client the packet type.
+## Relabel packets to servistaitsm_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -76559,18 +79660,18 @@ interface(`corenet_dontaudit_sendrecv_rwho_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rwho_client_packets',`
+interface(`corenet_relabelto_servistaitsm_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- allow $1 rwho_client_packet_t:packet relabelto;
+ allow $1 servistaitsm_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rwho_server packets.
+## Send servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76579,17 +79680,17 @@ interface(`corenet_relabelto_rwho_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rwho_server_packets',`
+interface(`corenet_send_servistaitsm_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- allow $1 rwho_server_packet_t:packet send;
+ allow $1 servistaitsm_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rwho_server packets.
+## Do not audit attempts to send servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76598,17 +79699,17 @@ interface(`corenet_send_rwho_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rwho_server_packets',`
+interface(`corenet_dontaudit_send_servistaitsm_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- dontaudit $1 rwho_server_packet_t:packet send;
+ dontaudit $1 servistaitsm_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rwho_server packets.
+## Receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76617,17 +79718,17 @@ interface(`corenet_dontaudit_send_rwho_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rwho_server_packets',`
+interface(`corenet_receive_servistaitsm_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- allow $1 rwho_server_packet_t:packet recv;
+ allow $1 servistaitsm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rwho_server packets.
+## Do not audit attempts to receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76636,17 +79737,17 @@ interface(`corenet_receive_rwho_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rwho_server_packets',`
+interface(`corenet_dontaudit_receive_servistaitsm_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- dontaudit $1 rwho_server_packet_t:packet recv;
+ dontaudit $1 servistaitsm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rwho_server packets.
+## Send and receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76655,14 +79756,14 @@ interface(`corenet_dontaudit_receive_rwho_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rwho_server_packets',`
- corenet_send_rwho_server_packets($1)
- corenet_receive_rwho_server_packets($1)
+interface(`corenet_sendrecv_servistaitsm_server_packets',`
+ corenet_send_servistaitsm_server_packets($1)
+ corenet_receive_servistaitsm_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rwho_server packets.
+## Do not audit attempts to send and receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76671,14 +79772,14 @@ interface(`corenet_sendrecv_rwho_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rwho_server_packets',`
- corenet_dontaudit_send_rwho_server_packets($1)
- corenet_dontaudit_receive_rwho_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_servistaitsm_server_packets',`
+ corenet_dontaudit_send_servistaitsm_server_packets($1)
+ corenet_dontaudit_receive_servistaitsm_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rwho_server the packet type.
+## Relabel packets to servistaitsm_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -76686,12 +79787,12 @@ interface(`corenet_dontaudit_sendrecv_rwho_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rwho_server_packets',`
+interface(`corenet_relabelto_servistaitsm_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- allow $1 rwho_server_packet_t:packet relabelto;
+ allow $1 servistaitsm_server_packet_t:packet relabelto;
')
@@ -76699,7 +79800,7 @@ interface(`corenet_relabelto_rwho_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the salt port.
+## Send and receive TCP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76708,17 +79809,17 @@ interface(`corenet_relabelto_rwho_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_salt_port',`
+interface(`corenet_tcp_sendrecv_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- allow $1 salt_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sieve_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the salt port.
+## Send UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76727,17 +79828,17 @@ interface(`corenet_tcp_sendrecv_salt_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_salt_port',`
+interface(`corenet_udp_send_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- allow $1 salt_port_t:udp_socket send_msg;
+ allow $1 sieve_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the salt port.
+## Do not audit attempts to send UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76746,17 +79847,17 @@ interface(`corenet_udp_send_salt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_salt_port',`
+interface(`corenet_dontaudit_udp_send_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- dontaudit $1 salt_port_t:udp_socket send_msg;
+ dontaudit $1 sieve_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the salt port.
+## Receive UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76765,17 +79866,17 @@ interface(`corenet_dontaudit_udp_send_salt_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_salt_port',`
+interface(`corenet_udp_receive_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- allow $1 salt_port_t:udp_socket recv_msg;
+ allow $1 sieve_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the salt port.
+## Do not audit attempts to receive UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76784,17 +79885,17 @@ interface(`corenet_udp_receive_salt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_salt_port',`
+interface(`corenet_dontaudit_udp_receive_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- dontaudit $1 salt_port_t:udp_socket recv_msg;
+ dontaudit $1 sieve_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the salt port.
+## Send and receive UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76803,15 +79904,15 @@ interface(`corenet_dontaudit_udp_receive_salt_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_salt_port',`
- corenet_udp_send_salt_port($1)
- corenet_udp_receive_salt_port($1)
+interface(`corenet_udp_sendrecv_sieve_port',`
+ corenet_udp_send_sieve_port($1)
+ corenet_udp_receive_sieve_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the salt port.
+## UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76820,14 +79921,14 @@ interface(`corenet_udp_sendrecv_salt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_salt_port',`
- corenet_dontaudit_udp_send_salt_port($1)
- corenet_dontaudit_udp_receive_salt_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sieve_port',`
+ corenet_dontaudit_udp_send_sieve_port($1)
+ corenet_dontaudit_udp_receive_sieve_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the salt port.
+## Bind TCP sockets to the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76836,18 +79937,18 @@ interface(`corenet_dontaudit_udp_sendrecv_salt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_salt_port',`
+interface(`corenet_tcp_bind_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- allow $1 salt_port_t:tcp_socket name_bind;
+ allow $1 sieve_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the salt port.
+## Bind UDP sockets to the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76856,18 +79957,18 @@ interface(`corenet_tcp_bind_salt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_salt_port',`
+interface(`corenet_udp_bind_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- allow $1 salt_port_t:udp_socket name_bind;
+ allow $1 sieve_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the salt port.
+## Make a TCP connection to the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -76875,18 +79976,18 @@ interface(`corenet_udp_bind_salt_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_salt_port',`
+interface(`corenet_tcp_connect_sieve_port',`
gen_require(`
- type salt_port_t;
+ type sieve_port_t;
')
- allow $1 salt_port_t:tcp_socket name_connect;
+ allow $1 sieve_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send salt_client packets.
+## Send sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76895,17 +79996,17 @@ interface(`corenet_tcp_connect_salt_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_salt_client_packets',`
+interface(`corenet_send_sieve_client_packets',`
gen_require(`
- type salt_client_packet_t;
+ type sieve_client_packet_t;
')
- allow $1 salt_client_packet_t:packet send;
+ allow $1 sieve_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send salt_client packets.
+## Do not audit attempts to send sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76914,17 +80015,17 @@ interface(`corenet_send_salt_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_salt_client_packets',`
+interface(`corenet_dontaudit_send_sieve_client_packets',`
gen_require(`
- type salt_client_packet_t;
+ type sieve_client_packet_t;
')
- dontaudit $1 salt_client_packet_t:packet send;
+ dontaudit $1 sieve_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive salt_client packets.
+## Receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76933,17 +80034,17 @@ interface(`corenet_dontaudit_send_salt_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_salt_client_packets',`
+interface(`corenet_receive_sieve_client_packets',`
gen_require(`
- type salt_client_packet_t;
+ type sieve_client_packet_t;
')
- allow $1 salt_client_packet_t:packet recv;
+ allow $1 sieve_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive salt_client packets.
+## Do not audit attempts to receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76952,17 +80053,17 @@ interface(`corenet_receive_salt_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_salt_client_packets',`
+interface(`corenet_dontaudit_receive_sieve_client_packets',`
gen_require(`
- type salt_client_packet_t;
+ type sieve_client_packet_t;
')
- dontaudit $1 salt_client_packet_t:packet recv;
+ dontaudit $1 sieve_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive salt_client packets.
+## Send and receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76971,14 +80072,14 @@ interface(`corenet_dontaudit_receive_salt_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_salt_client_packets',`
- corenet_send_salt_client_packets($1)
- corenet_receive_salt_client_packets($1)
+interface(`corenet_sendrecv_sieve_client_packets',`
+ corenet_send_sieve_client_packets($1)
+ corenet_receive_sieve_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive salt_client packets.
+## Do not audit attempts to send and receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -76987,14 +80088,14 @@ interface(`corenet_sendrecv_salt_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_salt_client_packets',`
- corenet_dontaudit_send_salt_client_packets($1)
- corenet_dontaudit_receive_salt_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sieve_client_packets',`
+ corenet_dontaudit_send_sieve_client_packets($1)
+ corenet_dontaudit_receive_sieve_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to salt_client the packet type.
+## Relabel packets to sieve_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -77002,18 +80103,18 @@ interface(`corenet_dontaudit_sendrecv_salt_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_salt_client_packets',`
+interface(`corenet_relabelto_sieve_client_packets',`
gen_require(`
- type salt_client_packet_t;
+ type sieve_client_packet_t;
')
- allow $1 salt_client_packet_t:packet relabelto;
+ allow $1 sieve_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send salt_server packets.
+## Send sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77022,17 +80123,17 @@ interface(`corenet_relabelto_salt_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_salt_server_packets',`
+interface(`corenet_send_sieve_server_packets',`
gen_require(`
- type salt_server_packet_t;
+ type sieve_server_packet_t;
')
- allow $1 salt_server_packet_t:packet send;
+ allow $1 sieve_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send salt_server packets.
+## Do not audit attempts to send sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77041,17 +80142,17 @@ interface(`corenet_send_salt_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_salt_server_packets',`
+interface(`corenet_dontaudit_send_sieve_server_packets',`
gen_require(`
- type salt_server_packet_t;
+ type sieve_server_packet_t;
')
- dontaudit $1 salt_server_packet_t:packet send;
+ dontaudit $1 sieve_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive salt_server packets.
+## Receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77060,17 +80161,17 @@ interface(`corenet_dontaudit_send_salt_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_salt_server_packets',`
+interface(`corenet_receive_sieve_server_packets',`
gen_require(`
- type salt_server_packet_t;
+ type sieve_server_packet_t;
')
- allow $1 salt_server_packet_t:packet recv;
+ allow $1 sieve_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive salt_server packets.
+## Do not audit attempts to receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77079,17 +80180,17 @@ interface(`corenet_receive_salt_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_salt_server_packets',`
+interface(`corenet_dontaudit_receive_sieve_server_packets',`
gen_require(`
- type salt_server_packet_t;
+ type sieve_server_packet_t;
')
- dontaudit $1 salt_server_packet_t:packet recv;
+ dontaudit $1 sieve_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive salt_server packets.
+## Send and receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77098,14 +80199,14 @@ interface(`corenet_dontaudit_receive_salt_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_salt_server_packets',`
- corenet_send_salt_server_packets($1)
- corenet_receive_salt_server_packets($1)
+interface(`corenet_sendrecv_sieve_server_packets',`
+ corenet_send_sieve_server_packets($1)
+ corenet_receive_sieve_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive salt_server packets.
+## Do not audit attempts to send and receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77114,14 +80215,14 @@ interface(`corenet_sendrecv_salt_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_salt_server_packets',`
- corenet_dontaudit_send_salt_server_packets($1)
- corenet_dontaudit_receive_salt_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sieve_server_packets',`
+ corenet_dontaudit_send_sieve_server_packets($1)
+ corenet_dontaudit_receive_sieve_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to salt_server the packet type.
+## Relabel packets to sieve_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -77129,12 +80230,12 @@ interface(`corenet_dontaudit_sendrecv_salt_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_salt_server_packets',`
+interface(`corenet_relabelto_sieve_server_packets',`
gen_require(`
- type salt_server_packet_t;
+ type sieve_server_packet_t;
')
- allow $1 salt_server_packet_t:packet relabelto;
+ allow $1 sieve_server_packet_t:packet relabelto;
')
@@ -77142,7 +80243,7 @@ interface(`corenet_relabelto_salt_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the sap port.
+## Send and receive TCP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77151,17 +80252,17 @@ interface(`corenet_relabelto_salt_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sap_port',`
+interface(`corenet_tcp_sendrecv_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- allow $1 sap_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sip_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sap port.
+## Send UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77170,17 +80271,17 @@ interface(`corenet_tcp_sendrecv_sap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sap_port',`
+interface(`corenet_udp_send_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- allow $1 sap_port_t:udp_socket send_msg;
+ allow $1 sip_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sap port.
+## Do not audit attempts to send UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77189,17 +80290,17 @@ interface(`corenet_udp_send_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sap_port',`
+interface(`corenet_dontaudit_udp_send_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- dontaudit $1 sap_port_t:udp_socket send_msg;
+ dontaudit $1 sip_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sap port.
+## Receive UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77208,17 +80309,17 @@ interface(`corenet_dontaudit_udp_send_sap_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sap_port',`
+interface(`corenet_udp_receive_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- allow $1 sap_port_t:udp_socket recv_msg;
+ allow $1 sip_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sap port.
+## Do not audit attempts to receive UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77227,17 +80328,17 @@ interface(`corenet_udp_receive_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sap_port',`
+interface(`corenet_dontaudit_udp_receive_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- dontaudit $1 sap_port_t:udp_socket recv_msg;
+ dontaudit $1 sip_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sap port.
+## Send and receive UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77246,15 +80347,15 @@ interface(`corenet_dontaudit_udp_receive_sap_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sap_port',`
- corenet_udp_send_sap_port($1)
- corenet_udp_receive_sap_port($1)
+interface(`corenet_udp_sendrecv_sip_port',`
+ corenet_udp_send_sip_port($1)
+ corenet_udp_receive_sip_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sap port.
+## UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77263,14 +80364,14 @@ interface(`corenet_udp_sendrecv_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sap_port',`
- corenet_dontaudit_udp_send_sap_port($1)
- corenet_dontaudit_udp_receive_sap_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sip_port',`
+ corenet_dontaudit_udp_send_sip_port($1)
+ corenet_dontaudit_udp_receive_sip_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sap port.
+## Bind TCP sockets to the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77279,18 +80380,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sap_port',`
+interface(`corenet_tcp_bind_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- allow $1 sap_port_t:tcp_socket name_bind;
+ allow $1 sip_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the sap port.
+## Bind UDP sockets to the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77299,18 +80400,18 @@ interface(`corenet_tcp_bind_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sap_port',`
+interface(`corenet_udp_bind_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- allow $1 sap_port_t:udp_socket name_bind;
+ allow $1 sip_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the sap port.
+## Make a TCP connection to the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -77318,18 +80419,18 @@ interface(`corenet_udp_bind_sap_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sap_port',`
+interface(`corenet_tcp_connect_sip_port',`
gen_require(`
- type sap_port_t;
+ type sip_port_t;
')
- allow $1 sap_port_t:tcp_socket name_connect;
+ allow $1 sip_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sap_client packets.
+## Send sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77338,17 +80439,17 @@ interface(`corenet_tcp_connect_sap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sap_client_packets',`
+interface(`corenet_send_sip_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type sip_client_packet_t;
')
- allow $1 sap_client_packet_t:packet send;
+ allow $1 sip_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sap_client packets.
+## Do not audit attempts to send sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77357,17 +80458,17 @@ interface(`corenet_send_sap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sap_client_packets',`
+interface(`corenet_dontaudit_send_sip_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type sip_client_packet_t;
')
- dontaudit $1 sap_client_packet_t:packet send;
+ dontaudit $1 sip_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sap_client packets.
+## Receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77376,17 +80477,17 @@ interface(`corenet_dontaudit_send_sap_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sap_client_packets',`
+interface(`corenet_receive_sip_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type sip_client_packet_t;
')
- allow $1 sap_client_packet_t:packet recv;
+ allow $1 sip_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sap_client packets.
+## Do not audit attempts to receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77395,17 +80496,17 @@ interface(`corenet_receive_sap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sap_client_packets',`
+interface(`corenet_dontaudit_receive_sip_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type sip_client_packet_t;
')
- dontaudit $1 sap_client_packet_t:packet recv;
+ dontaudit $1 sip_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sap_client packets.
+## Send and receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77414,14 +80515,14 @@ interface(`corenet_dontaudit_receive_sap_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sap_client_packets',`
- corenet_send_sap_client_packets($1)
- corenet_receive_sap_client_packets($1)
+interface(`corenet_sendrecv_sip_client_packets',`
+ corenet_send_sip_client_packets($1)
+ corenet_receive_sip_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sap_client packets.
+## Do not audit attempts to send and receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77430,14 +80531,14 @@ interface(`corenet_sendrecv_sap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sap_client_packets',`
- corenet_dontaudit_send_sap_client_packets($1)
- corenet_dontaudit_receive_sap_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sip_client_packets',`
+ corenet_dontaudit_send_sip_client_packets($1)
+ corenet_dontaudit_receive_sip_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sap_client the packet type.
+## Relabel packets to sip_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -77445,18 +80546,18 @@ interface(`corenet_dontaudit_sendrecv_sap_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sap_client_packets',`
+interface(`corenet_relabelto_sip_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type sip_client_packet_t;
')
- allow $1 sap_client_packet_t:packet relabelto;
+ allow $1 sip_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sap_server packets.
+## Send sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77465,17 +80566,17 @@ interface(`corenet_relabelto_sap_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sap_server_packets',`
+interface(`corenet_send_sip_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type sip_server_packet_t;
')
- allow $1 sap_server_packet_t:packet send;
+ allow $1 sip_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sap_server packets.
+## Do not audit attempts to send sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77484,17 +80585,17 @@ interface(`corenet_send_sap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sap_server_packets',`
+interface(`corenet_dontaudit_send_sip_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type sip_server_packet_t;
')
- dontaudit $1 sap_server_packet_t:packet send;
+ dontaudit $1 sip_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sap_server packets.
+## Receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77503,17 +80604,17 @@ interface(`corenet_dontaudit_send_sap_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sap_server_packets',`
+interface(`corenet_receive_sip_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type sip_server_packet_t;
')
- allow $1 sap_server_packet_t:packet recv;
+ allow $1 sip_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sap_server packets.
+## Do not audit attempts to receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77522,17 +80623,17 @@ interface(`corenet_receive_sap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sap_server_packets',`
+interface(`corenet_dontaudit_receive_sip_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type sip_server_packet_t;
')
- dontaudit $1 sap_server_packet_t:packet recv;
+ dontaudit $1 sip_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sap_server packets.
+## Send and receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77541,14 +80642,14 @@ interface(`corenet_dontaudit_receive_sap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sap_server_packets',`
- corenet_send_sap_server_packets($1)
- corenet_receive_sap_server_packets($1)
+interface(`corenet_sendrecv_sip_server_packets',`
+ corenet_send_sip_server_packets($1)
+ corenet_receive_sip_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sap_server packets.
+## Do not audit attempts to send and receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77557,14 +80658,14 @@ interface(`corenet_sendrecv_sap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sap_server_packets',`
- corenet_dontaudit_send_sap_server_packets($1)
- corenet_dontaudit_receive_sap_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sip_server_packets',`
+ corenet_dontaudit_send_sip_server_packets($1)
+ corenet_dontaudit_receive_sip_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sap_server the packet type.
+## Relabel packets to sip_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -77572,12 +80673,12 @@ interface(`corenet_dontaudit_sendrecv_sap_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sap_server_packets',`
+interface(`corenet_relabelto_sip_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type sip_server_packet_t;
')
- allow $1 sap_server_packet_t:packet relabelto;
+ allow $1 sip_server_packet_t:packet relabelto;
')
@@ -77585,7 +80686,7 @@ interface(`corenet_relabelto_sap_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the servistaitsm port.
+## Send and receive TCP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77594,17 +80695,17 @@ interface(`corenet_relabelto_sap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_servistaitsm_port',`
+interface(`corenet_tcp_sendrecv_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 servistaitsm_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sixxsconfig_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the servistaitsm port.
+## Send UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77613,17 +80714,17 @@ interface(`corenet_tcp_sendrecv_servistaitsm_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_servistaitsm_port',`
+interface(`corenet_udp_send_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 servistaitsm_port_t:udp_socket send_msg;
+ allow $1 sixxsconfig_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the servistaitsm port.
+## Do not audit attempts to send UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77632,17 +80733,17 @@ interface(`corenet_udp_send_servistaitsm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_servistaitsm_port',`
+interface(`corenet_dontaudit_udp_send_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- dontaudit $1 servistaitsm_port_t:udp_socket send_msg;
+ dontaudit $1 sixxsconfig_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the servistaitsm port.
+## Receive UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77651,17 +80752,17 @@ interface(`corenet_dontaudit_udp_send_servistaitsm_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_servistaitsm_port',`
+interface(`corenet_udp_receive_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 servistaitsm_port_t:udp_socket recv_msg;
+ allow $1 sixxsconfig_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the servistaitsm port.
+## Do not audit attempts to receive UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77670,17 +80771,17 @@ interface(`corenet_udp_receive_servistaitsm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_servistaitsm_port',`
+interface(`corenet_dontaudit_udp_receive_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- dontaudit $1 servistaitsm_port_t:udp_socket recv_msg;
+ dontaudit $1 sixxsconfig_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the servistaitsm port.
+## Send and receive UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77689,15 +80790,15 @@ interface(`corenet_dontaudit_udp_receive_servistaitsm_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_servistaitsm_port',`
- corenet_udp_send_servistaitsm_port($1)
- corenet_udp_receive_servistaitsm_port($1)
+interface(`corenet_udp_sendrecv_sixxsconfig_port',`
+ corenet_udp_send_sixxsconfig_port($1)
+ corenet_udp_receive_sixxsconfig_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the servistaitsm port.
+## UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77706,14 +80807,14 @@ interface(`corenet_udp_sendrecv_servistaitsm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_servistaitsm_port',`
- corenet_dontaudit_udp_send_servistaitsm_port($1)
- corenet_dontaudit_udp_receive_servistaitsm_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sixxsconfig_port',`
+ corenet_dontaudit_udp_send_sixxsconfig_port($1)
+ corenet_dontaudit_udp_receive_sixxsconfig_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the servistaitsm port.
+## Bind TCP sockets to the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77722,18 +80823,18 @@ interface(`corenet_dontaudit_udp_sendrecv_servistaitsm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_servistaitsm_port',`
+interface(`corenet_tcp_bind_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 servistaitsm_port_t:tcp_socket name_bind;
+ allow $1 sixxsconfig_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the servistaitsm port.
+## Bind UDP sockets to the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77742,18 +80843,18 @@ interface(`corenet_tcp_bind_servistaitsm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_servistaitsm_port',`
+interface(`corenet_udp_bind_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 servistaitsm_port_t:udp_socket name_bind;
+ allow $1 sixxsconfig_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the servistaitsm port.
+## Make a TCP connection to the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -77761,18 +80862,18 @@ interface(`corenet_udp_bind_servistaitsm_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_servistaitsm_port',`
+interface(`corenet_tcp_connect_sixxsconfig_port',`
gen_require(`
- type servistaitsm_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 servistaitsm_port_t:tcp_socket name_connect;
+ allow $1 sixxsconfig_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send servistaitsm_client packets.
+## Send sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77781,17 +80882,17 @@ interface(`corenet_tcp_connect_servistaitsm_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_servistaitsm_client_packets',`
+interface(`corenet_send_sixxsconfig_client_packets',`
gen_require(`
- type servistaitsm_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- allow $1 servistaitsm_client_packet_t:packet send;
+ allow $1 sixxsconfig_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send servistaitsm_client packets.
+## Do not audit attempts to send sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77800,17 +80901,17 @@ interface(`corenet_send_servistaitsm_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_servistaitsm_client_packets',`
+interface(`corenet_dontaudit_send_sixxsconfig_client_packets',`
gen_require(`
- type servistaitsm_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- dontaudit $1 servistaitsm_client_packet_t:packet send;
+ dontaudit $1 sixxsconfig_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive servistaitsm_client packets.
+## Receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77819,17 +80920,17 @@ interface(`corenet_dontaudit_send_servistaitsm_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_servistaitsm_client_packets',`
+interface(`corenet_receive_sixxsconfig_client_packets',`
gen_require(`
- type servistaitsm_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- allow $1 servistaitsm_client_packet_t:packet recv;
+ allow $1 sixxsconfig_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive servistaitsm_client packets.
+## Do not audit attempts to receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77838,17 +80939,17 @@ interface(`corenet_receive_servistaitsm_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_servistaitsm_client_packets',`
+interface(`corenet_dontaudit_receive_sixxsconfig_client_packets',`
gen_require(`
- type servistaitsm_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- dontaudit $1 servistaitsm_client_packet_t:packet recv;
+ dontaudit $1 sixxsconfig_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive servistaitsm_client packets.
+## Send and receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77857,14 +80958,14 @@ interface(`corenet_dontaudit_receive_servistaitsm_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_servistaitsm_client_packets',`
- corenet_send_servistaitsm_client_packets($1)
- corenet_receive_servistaitsm_client_packets($1)
+interface(`corenet_sendrecv_sixxsconfig_client_packets',`
+ corenet_send_sixxsconfig_client_packets($1)
+ corenet_receive_sixxsconfig_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive servistaitsm_client packets.
+## Do not audit attempts to send and receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77873,14 +80974,14 @@ interface(`corenet_sendrecv_servistaitsm_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_servistaitsm_client_packets',`
- corenet_dontaudit_send_servistaitsm_client_packets($1)
- corenet_dontaudit_receive_servistaitsm_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sixxsconfig_client_packets',`
+ corenet_dontaudit_send_sixxsconfig_client_packets($1)
+ corenet_dontaudit_receive_sixxsconfig_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to servistaitsm_client the packet type.
+## Relabel packets to sixxsconfig_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -77888,18 +80989,18 @@ interface(`corenet_dontaudit_sendrecv_servistaitsm_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_servistaitsm_client_packets',`
+interface(`corenet_relabelto_sixxsconfig_client_packets',`
gen_require(`
- type servistaitsm_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- allow $1 servistaitsm_client_packet_t:packet relabelto;
+ allow $1 sixxsconfig_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send servistaitsm_server packets.
+## Send sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77908,17 +81009,17 @@ interface(`corenet_relabelto_servistaitsm_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_servistaitsm_server_packets',`
+interface(`corenet_send_sixxsconfig_server_packets',`
gen_require(`
- type servistaitsm_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- allow $1 servistaitsm_server_packet_t:packet send;
+ allow $1 sixxsconfig_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send servistaitsm_server packets.
+## Do not audit attempts to send sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77927,17 +81028,17 @@ interface(`corenet_send_servistaitsm_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_servistaitsm_server_packets',`
+interface(`corenet_dontaudit_send_sixxsconfig_server_packets',`
gen_require(`
- type servistaitsm_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- dontaudit $1 servistaitsm_server_packet_t:packet send;
+ dontaudit $1 sixxsconfig_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive servistaitsm_server packets.
+## Receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77946,17 +81047,17 @@ interface(`corenet_dontaudit_send_servistaitsm_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_servistaitsm_server_packets',`
+interface(`corenet_receive_sixxsconfig_server_packets',`
gen_require(`
- type servistaitsm_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- allow $1 servistaitsm_server_packet_t:packet recv;
+ allow $1 sixxsconfig_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive servistaitsm_server packets.
+## Do not audit attempts to receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77965,17 +81066,17 @@ interface(`corenet_receive_servistaitsm_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_servistaitsm_server_packets',`
+interface(`corenet_dontaudit_receive_sixxsconfig_server_packets',`
gen_require(`
- type servistaitsm_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- dontaudit $1 servistaitsm_server_packet_t:packet recv;
+ dontaudit $1 sixxsconfig_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive servistaitsm_server packets.
+## Send and receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -77984,14 +81085,14 @@ interface(`corenet_dontaudit_receive_servistaitsm_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_servistaitsm_server_packets',`
- corenet_send_servistaitsm_server_packets($1)
- corenet_receive_servistaitsm_server_packets($1)
+interface(`corenet_sendrecv_sixxsconfig_server_packets',`
+ corenet_send_sixxsconfig_server_packets($1)
+ corenet_receive_sixxsconfig_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive servistaitsm_server packets.
+## Do not audit attempts to send and receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78000,14 +81101,14 @@ interface(`corenet_sendrecv_servistaitsm_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_servistaitsm_server_packets',`
- corenet_dontaudit_send_servistaitsm_server_packets($1)
- corenet_dontaudit_receive_servistaitsm_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sixxsconfig_server_packets',`
+ corenet_dontaudit_send_sixxsconfig_server_packets($1)
+ corenet_dontaudit_receive_sixxsconfig_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to servistaitsm_server the packet type.
+## Relabel packets to sixxsconfig_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -78015,12 +81116,12 @@ interface(`corenet_dontaudit_sendrecv_servistaitsm_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_servistaitsm_server_packets',`
+interface(`corenet_relabelto_sixxsconfig_server_packets',`
gen_require(`
- type servistaitsm_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- allow $1 servistaitsm_server_packet_t:packet relabelto;
+ allow $1 sixxsconfig_server_packet_t:packet relabelto;
')
@@ -78028,7 +81129,7 @@ interface(`corenet_relabelto_servistaitsm_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the sieve port.
+## Send and receive TCP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78037,17 +81138,17 @@ interface(`corenet_relabelto_servistaitsm_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sieve_port',`
+interface(`corenet_tcp_sendrecv_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- allow $1 sieve_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 smbd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sieve port.
+## Send UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78056,17 +81157,17 @@ interface(`corenet_tcp_sendrecv_sieve_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sieve_port',`
+interface(`corenet_udp_send_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- allow $1 sieve_port_t:udp_socket send_msg;
+ allow $1 smbd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sieve port.
+## Do not audit attempts to send UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78075,17 +81176,17 @@ interface(`corenet_udp_send_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sieve_port',`
+interface(`corenet_dontaudit_udp_send_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- dontaudit $1 sieve_port_t:udp_socket send_msg;
+ dontaudit $1 smbd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sieve port.
+## Receive UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78094,17 +81195,17 @@ interface(`corenet_dontaudit_udp_send_sieve_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sieve_port',`
+interface(`corenet_udp_receive_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- allow $1 sieve_port_t:udp_socket recv_msg;
+ allow $1 smbd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sieve port.
+## Do not audit attempts to receive UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78113,17 +81214,17 @@ interface(`corenet_udp_receive_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sieve_port',`
+interface(`corenet_dontaudit_udp_receive_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- dontaudit $1 sieve_port_t:udp_socket recv_msg;
+ dontaudit $1 smbd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sieve port.
+## Send and receive UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78132,15 +81233,15 @@ interface(`corenet_dontaudit_udp_receive_sieve_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sieve_port',`
- corenet_udp_send_sieve_port($1)
- corenet_udp_receive_sieve_port($1)
+interface(`corenet_udp_sendrecv_smbd_port',`
+ corenet_udp_send_smbd_port($1)
+ corenet_udp_receive_smbd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sieve port.
+## UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78149,14 +81250,14 @@ interface(`corenet_udp_sendrecv_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sieve_port',`
- corenet_dontaudit_udp_send_sieve_port($1)
- corenet_dontaudit_udp_receive_sieve_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_smbd_port',`
+ corenet_dontaudit_udp_send_smbd_port($1)
+ corenet_dontaudit_udp_receive_smbd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sieve port.
+## Bind TCP sockets to the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78165,18 +81266,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sieve_port',`
+interface(`corenet_tcp_bind_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- allow $1 sieve_port_t:tcp_socket name_bind;
-
+ allow $1 smbd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the sieve port.
+## Bind UDP sockets to the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78185,18 +81286,18 @@ interface(`corenet_tcp_bind_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sieve_port',`
+interface(`corenet_udp_bind_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- allow $1 sieve_port_t:udp_socket name_bind;
-
+ allow $1 smbd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the sieve port.
+## Make a TCP connection to the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -78204,18 +81305,18 @@ interface(`corenet_udp_bind_sieve_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sieve_port',`
+interface(`corenet_tcp_connect_smbd_port',`
gen_require(`
- type sieve_port_t;
+ type smbd_port_t;
')
- allow $1 sieve_port_t:tcp_socket name_connect;
+ allow $1 smbd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sieve_client packets.
+## Send smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78224,17 +81325,17 @@ interface(`corenet_tcp_connect_sieve_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sieve_client_packets',`
+interface(`corenet_send_smbd_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type smbd_client_packet_t;
')
- allow $1 sieve_client_packet_t:packet send;
+ allow $1 smbd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sieve_client packets.
+## Do not audit attempts to send smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78243,17 +81344,17 @@ interface(`corenet_send_sieve_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sieve_client_packets',`
+interface(`corenet_dontaudit_send_smbd_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type smbd_client_packet_t;
')
- dontaudit $1 sieve_client_packet_t:packet send;
+ dontaudit $1 smbd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sieve_client packets.
+## Receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78262,17 +81363,17 @@ interface(`corenet_dontaudit_send_sieve_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sieve_client_packets',`
+interface(`corenet_receive_smbd_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type smbd_client_packet_t;
')
- allow $1 sieve_client_packet_t:packet recv;
+ allow $1 smbd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sieve_client packets.
+## Do not audit attempts to receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78281,17 +81382,17 @@ interface(`corenet_receive_sieve_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sieve_client_packets',`
+interface(`corenet_dontaudit_receive_smbd_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type smbd_client_packet_t;
')
- dontaudit $1 sieve_client_packet_t:packet recv;
+ dontaudit $1 smbd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sieve_client packets.
+## Send and receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78300,14 +81401,14 @@ interface(`corenet_dontaudit_receive_sieve_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sieve_client_packets',`
- corenet_send_sieve_client_packets($1)
- corenet_receive_sieve_client_packets($1)
+interface(`corenet_sendrecv_smbd_client_packets',`
+ corenet_send_smbd_client_packets($1)
+ corenet_receive_smbd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sieve_client packets.
+## Do not audit attempts to send and receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78316,14 +81417,14 @@ interface(`corenet_sendrecv_sieve_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sieve_client_packets',`
- corenet_dontaudit_send_sieve_client_packets($1)
- corenet_dontaudit_receive_sieve_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_smbd_client_packets',`
+ corenet_dontaudit_send_smbd_client_packets($1)
+ corenet_dontaudit_receive_smbd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sieve_client the packet type.
+## Relabel packets to smbd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -78331,18 +81432,18 @@ interface(`corenet_dontaudit_sendrecv_sieve_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sieve_client_packets',`
+interface(`corenet_relabelto_smbd_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type smbd_client_packet_t;
')
- allow $1 sieve_client_packet_t:packet relabelto;
+ allow $1 smbd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sieve_server packets.
+## Send smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78351,17 +81452,17 @@ interface(`corenet_relabelto_sieve_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sieve_server_packets',`
+interface(`corenet_send_smbd_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type smbd_server_packet_t;
')
- allow $1 sieve_server_packet_t:packet send;
+ allow $1 smbd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sieve_server packets.
+## Do not audit attempts to send smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78370,17 +81471,17 @@ interface(`corenet_send_sieve_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sieve_server_packets',`
+interface(`corenet_dontaudit_send_smbd_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type smbd_server_packet_t;
')
- dontaudit $1 sieve_server_packet_t:packet send;
+ dontaudit $1 smbd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sieve_server packets.
+## Receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78389,17 +81490,17 @@ interface(`corenet_dontaudit_send_sieve_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sieve_server_packets',`
+interface(`corenet_receive_smbd_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type smbd_server_packet_t;
')
- allow $1 sieve_server_packet_t:packet recv;
+ allow $1 smbd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sieve_server packets.
+## Do not audit attempts to receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78408,17 +81509,17 @@ interface(`corenet_receive_sieve_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sieve_server_packets',`
+interface(`corenet_dontaudit_receive_smbd_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type smbd_server_packet_t;
')
- dontaudit $1 sieve_server_packet_t:packet recv;
+ dontaudit $1 smbd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sieve_server packets.
+## Send and receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78427,14 +81528,14 @@ interface(`corenet_dontaudit_receive_sieve_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sieve_server_packets',`
- corenet_send_sieve_server_packets($1)
- corenet_receive_sieve_server_packets($1)
+interface(`corenet_sendrecv_smbd_server_packets',`
+ corenet_send_smbd_server_packets($1)
+ corenet_receive_smbd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sieve_server packets.
+## Do not audit attempts to send and receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78443,14 +81544,14 @@ interface(`corenet_sendrecv_sieve_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sieve_server_packets',`
- corenet_dontaudit_send_sieve_server_packets($1)
- corenet_dontaudit_receive_sieve_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_smbd_server_packets',`
+ corenet_dontaudit_send_smbd_server_packets($1)
+ corenet_dontaudit_receive_smbd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sieve_server the packet type.
+## Relabel packets to smbd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -78458,12 +81559,12 @@ interface(`corenet_dontaudit_sendrecv_sieve_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sieve_server_packets',`
+interface(`corenet_relabelto_smbd_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type smbd_server_packet_t;
')
- allow $1 sieve_server_packet_t:packet relabelto;
+ allow $1 smbd_server_packet_t:packet relabelto;
')
@@ -78471,7 +81572,7 @@ interface(`corenet_relabelto_sieve_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the sip port.
+## Send and receive TCP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78480,17 +81581,17 @@ interface(`corenet_relabelto_sieve_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sip_port',`
+interface(`corenet_tcp_sendrecv_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- allow $1 sip_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 smtp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sip port.
+## Send UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78499,17 +81600,17 @@ interface(`corenet_tcp_sendrecv_sip_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sip_port',`
+interface(`corenet_udp_send_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- allow $1 sip_port_t:udp_socket send_msg;
+ allow $1 smtp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sip port.
+## Do not audit attempts to send UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78518,17 +81619,17 @@ interface(`corenet_udp_send_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sip_port',`
+interface(`corenet_dontaudit_udp_send_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- dontaudit $1 sip_port_t:udp_socket send_msg;
+ dontaudit $1 smtp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sip port.
+## Receive UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78537,17 +81638,17 @@ interface(`corenet_dontaudit_udp_send_sip_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sip_port',`
+interface(`corenet_udp_receive_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- allow $1 sip_port_t:udp_socket recv_msg;
+ allow $1 smtp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sip port.
+## Do not audit attempts to receive UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78556,17 +81657,17 @@ interface(`corenet_udp_receive_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sip_port',`
+interface(`corenet_dontaudit_udp_receive_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- dontaudit $1 sip_port_t:udp_socket recv_msg;
+ dontaudit $1 smtp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sip port.
+## Send and receive UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78575,15 +81676,15 @@ interface(`corenet_dontaudit_udp_receive_sip_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sip_port',`
- corenet_udp_send_sip_port($1)
- corenet_udp_receive_sip_port($1)
+interface(`corenet_udp_sendrecv_smtp_port',`
+ corenet_udp_send_smtp_port($1)
+ corenet_udp_receive_smtp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sip port.
+## UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78592,14 +81693,14 @@ interface(`corenet_udp_sendrecv_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sip_port',`
- corenet_dontaudit_udp_send_sip_port($1)
- corenet_dontaudit_udp_receive_sip_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_smtp_port',`
+ corenet_dontaudit_udp_send_smtp_port($1)
+ corenet_dontaudit_udp_receive_smtp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sip port.
+## Bind TCP sockets to the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78608,18 +81709,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sip_port',`
+interface(`corenet_tcp_bind_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- allow $1 sip_port_t:tcp_socket name_bind;
-
+ allow $1 smtp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the sip port.
+## Bind UDP sockets to the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78628,18 +81729,18 @@ interface(`corenet_tcp_bind_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sip_port',`
+interface(`corenet_udp_bind_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- allow $1 sip_port_t:udp_socket name_bind;
-
+ allow $1 smtp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the sip port.
+## Make a TCP connection to the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78647,18 +81748,18 @@ interface(`corenet_udp_bind_sip_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sip_port',`
+interface(`corenet_tcp_connect_smtp_port',`
gen_require(`
- type sip_port_t;
+ type smtp_port_t;
')
- allow $1 sip_port_t:tcp_socket name_connect;
+ allow $1 smtp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sip_client packets.
+## Send smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78667,17 +81768,17 @@ interface(`corenet_tcp_connect_sip_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sip_client_packets',`
+interface(`corenet_send_smtp_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type smtp_client_packet_t;
')
- allow $1 sip_client_packet_t:packet send;
+ allow $1 smtp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sip_client packets.
+## Do not audit attempts to send smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78686,17 +81787,17 @@ interface(`corenet_send_sip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sip_client_packets',`
+interface(`corenet_dontaudit_send_smtp_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type smtp_client_packet_t;
')
- dontaudit $1 sip_client_packet_t:packet send;
+ dontaudit $1 smtp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sip_client packets.
+## Receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78705,17 +81806,17 @@ interface(`corenet_dontaudit_send_sip_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sip_client_packets',`
+interface(`corenet_receive_smtp_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type smtp_client_packet_t;
')
- allow $1 sip_client_packet_t:packet recv;
+ allow $1 smtp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sip_client packets.
+## Do not audit attempts to receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78724,17 +81825,17 @@ interface(`corenet_receive_sip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sip_client_packets',`
+interface(`corenet_dontaudit_receive_smtp_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type smtp_client_packet_t;
')
- dontaudit $1 sip_client_packet_t:packet recv;
+ dontaudit $1 smtp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sip_client packets.
+## Send and receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78743,14 +81844,14 @@ interface(`corenet_dontaudit_receive_sip_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sip_client_packets',`
- corenet_send_sip_client_packets($1)
- corenet_receive_sip_client_packets($1)
+interface(`corenet_sendrecv_smtp_client_packets',`
+ corenet_send_smtp_client_packets($1)
+ corenet_receive_smtp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sip_client packets.
+## Do not audit attempts to send and receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78759,14 +81860,14 @@ interface(`corenet_sendrecv_sip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sip_client_packets',`
- corenet_dontaudit_send_sip_client_packets($1)
- corenet_dontaudit_receive_sip_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_smtp_client_packets',`
+ corenet_dontaudit_send_smtp_client_packets($1)
+ corenet_dontaudit_receive_smtp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sip_client the packet type.
+## Relabel packets to smtp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -78774,18 +81875,18 @@ interface(`corenet_dontaudit_sendrecv_sip_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sip_client_packets',`
+interface(`corenet_relabelto_smtp_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type smtp_client_packet_t;
')
- allow $1 sip_client_packet_t:packet relabelto;
+ allow $1 smtp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sip_server packets.
+## Send smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78794,17 +81895,17 @@ interface(`corenet_relabelto_sip_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sip_server_packets',`
+interface(`corenet_send_smtp_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type smtp_server_packet_t;
')
- allow $1 sip_server_packet_t:packet send;
+ allow $1 smtp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sip_server packets.
+## Do not audit attempts to send smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78813,17 +81914,17 @@ interface(`corenet_send_sip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sip_server_packets',`
+interface(`corenet_dontaudit_send_smtp_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type smtp_server_packet_t;
')
- dontaudit $1 sip_server_packet_t:packet send;
+ dontaudit $1 smtp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sip_server packets.
+## Receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78832,17 +81933,17 @@ interface(`corenet_dontaudit_send_sip_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sip_server_packets',`
+interface(`corenet_receive_smtp_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type smtp_server_packet_t;
')
- allow $1 sip_server_packet_t:packet recv;
+ allow $1 smtp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sip_server packets.
+## Do not audit attempts to receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78851,17 +81952,17 @@ interface(`corenet_receive_sip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sip_server_packets',`
+interface(`corenet_dontaudit_receive_smtp_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type smtp_server_packet_t;
')
- dontaudit $1 sip_server_packet_t:packet recv;
+ dontaudit $1 smtp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sip_server packets.
+## Send and receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78870,14 +81971,14 @@ interface(`corenet_dontaudit_receive_sip_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sip_server_packets',`
- corenet_send_sip_server_packets($1)
- corenet_receive_sip_server_packets($1)
+interface(`corenet_sendrecv_smtp_server_packets',`
+ corenet_send_smtp_server_packets($1)
+ corenet_receive_smtp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sip_server packets.
+## Do not audit attempts to send and receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -78886,14 +81987,14 @@ interface(`corenet_sendrecv_sip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sip_server_packets',`
- corenet_dontaudit_send_sip_server_packets($1)
- corenet_dontaudit_receive_sip_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_smtp_server_packets',`
+ corenet_dontaudit_send_smtp_server_packets($1)
+ corenet_dontaudit_receive_smtp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sip_server the packet type.
+## Relabel packets to smtp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -78901,12 +82002,12 @@ interface(`corenet_dontaudit_sendrecv_sip_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sip_server_packets',`
+interface(`corenet_relabelto_smtp_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type smtp_server_packet_t;
')
- allow $1 sip_server_packet_t:packet relabelto;
+ allow $1 smtp_server_packet_t:packet relabelto;
')
@@ -78914,7 +82015,7 @@ interface(`corenet_relabelto_sip_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the sixxsconfig port.
+## Send and receive TCP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78923,17 +82024,17 @@ interface(`corenet_relabelto_sip_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sixxsconfig_port',`
+interface(`corenet_tcp_sendrecv_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- allow $1 sixxsconfig_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 snmp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sixxsconfig port.
+## Send UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78942,17 +82043,17 @@ interface(`corenet_tcp_sendrecv_sixxsconfig_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sixxsconfig_port',`
+interface(`corenet_udp_send_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- allow $1 sixxsconfig_port_t:udp_socket send_msg;
+ allow $1 snmp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sixxsconfig port.
+## Do not audit attempts to send UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78961,17 +82062,17 @@ interface(`corenet_udp_send_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sixxsconfig_port',`
+interface(`corenet_dontaudit_udp_send_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- dontaudit $1 sixxsconfig_port_t:udp_socket send_msg;
+ dontaudit $1 snmp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sixxsconfig port.
+## Receive UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78980,17 +82081,17 @@ interface(`corenet_dontaudit_udp_send_sixxsconfig_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sixxsconfig_port',`
+interface(`corenet_udp_receive_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- allow $1 sixxsconfig_port_t:udp_socket recv_msg;
+ allow $1 snmp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sixxsconfig port.
+## Do not audit attempts to receive UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -78999,17 +82100,17 @@ interface(`corenet_udp_receive_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sixxsconfig_port',`
+interface(`corenet_dontaudit_udp_receive_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- dontaudit $1 sixxsconfig_port_t:udp_socket recv_msg;
+ dontaudit $1 snmp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sixxsconfig port.
+## Send and receive UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -79018,15 +82119,15 @@ interface(`corenet_dontaudit_udp_receive_sixxsconfig_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sixxsconfig_port',`
- corenet_udp_send_sixxsconfig_port($1)
- corenet_udp_receive_sixxsconfig_port($1)
+interface(`corenet_udp_sendrecv_snmp_port',`
+ corenet_udp_send_snmp_port($1)
+ corenet_udp_receive_snmp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sixxsconfig port.
+## UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -79035,14 +82136,14 @@ interface(`corenet_udp_sendrecv_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sixxsconfig_port',`
- corenet_dontaudit_udp_send_sixxsconfig_port($1)
- corenet_dontaudit_udp_receive_sixxsconfig_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_snmp_port',`
+ corenet_dontaudit_udp_send_snmp_port($1)
+ corenet_dontaudit_udp_receive_snmp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sixxsconfig port.
+## Bind TCP sockets to the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -79051,18 +82152,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sixxsconfig_port',`
+interface(`corenet_tcp_bind_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- allow $1 sixxsconfig_port_t:tcp_socket name_bind;
-
+ allow $1 snmp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the sixxsconfig port.
+## Bind UDP sockets to the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -79071,18 +82172,18 @@ interface(`corenet_tcp_bind_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sixxsconfig_port',`
+interface(`corenet_udp_bind_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- allow $1 sixxsconfig_port_t:udp_socket name_bind;
-
+ allow $1 snmp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the sixxsconfig port.
+## Make a TCP connection to the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -79090,18 +82191,18 @@ interface(`corenet_udp_bind_sixxsconfig_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sixxsconfig_port',`
+interface(`corenet_tcp_connect_snmp_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type snmp_port_t;
')
- allow $1 sixxsconfig_port_t:tcp_socket name_connect;
+ allow $1 snmp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sixxsconfig_client packets.
+## Send snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79110,17 +82211,17 @@ interface(`corenet_tcp_connect_sixxsconfig_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sixxsconfig_client_packets',`
+interface(`corenet_send_snmp_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type snmp_client_packet_t;
')
- allow $1 sixxsconfig_client_packet_t:packet send;
+ allow $1 snmp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sixxsconfig_client packets.
+## Do not audit attempts to send snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79129,17 +82230,17 @@ interface(`corenet_send_sixxsconfig_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sixxsconfig_client_packets',`
+interface(`corenet_dontaudit_send_snmp_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type snmp_client_packet_t;
')
- dontaudit $1 sixxsconfig_client_packet_t:packet send;
+ dontaudit $1 snmp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sixxsconfig_client packets.
+## Receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79148,17 +82249,17 @@ interface(`corenet_dontaudit_send_sixxsconfig_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sixxsconfig_client_packets',`
+interface(`corenet_receive_snmp_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type snmp_client_packet_t;
')
- allow $1 sixxsconfig_client_packet_t:packet recv;
+ allow $1 snmp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sixxsconfig_client packets.
+## Do not audit attempts to receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79167,17 +82268,17 @@ interface(`corenet_receive_sixxsconfig_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sixxsconfig_client_packets',`
+interface(`corenet_dontaudit_receive_snmp_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type snmp_client_packet_t;
')
- dontaudit $1 sixxsconfig_client_packet_t:packet recv;
+ dontaudit $1 snmp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sixxsconfig_client packets.
+## Send and receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79186,14 +82287,14 @@ interface(`corenet_dontaudit_receive_sixxsconfig_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sixxsconfig_client_packets',`
- corenet_send_sixxsconfig_client_packets($1)
- corenet_receive_sixxsconfig_client_packets($1)
+interface(`corenet_sendrecv_snmp_client_packets',`
+ corenet_send_snmp_client_packets($1)
+ corenet_receive_snmp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sixxsconfig_client packets.
+## Do not audit attempts to send and receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79202,14 +82303,14 @@ interface(`corenet_sendrecv_sixxsconfig_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sixxsconfig_client_packets',`
- corenet_dontaudit_send_sixxsconfig_client_packets($1)
- corenet_dontaudit_receive_sixxsconfig_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_snmp_client_packets',`
+ corenet_dontaudit_send_snmp_client_packets($1)
+ corenet_dontaudit_receive_snmp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sixxsconfig_client the packet type.
+## Relabel packets to snmp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -79217,18 +82318,18 @@ interface(`corenet_dontaudit_sendrecv_sixxsconfig_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sixxsconfig_client_packets',`
+interface(`corenet_relabelto_snmp_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type snmp_client_packet_t;
')
- allow $1 sixxsconfig_client_packet_t:packet relabelto;
+ allow $1 snmp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sixxsconfig_server packets.
+## Send snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79237,17 +82338,17 @@ interface(`corenet_relabelto_sixxsconfig_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sixxsconfig_server_packets',`
+interface(`corenet_send_snmp_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type snmp_server_packet_t;
')
- allow $1 sixxsconfig_server_packet_t:packet send;
+ allow $1 snmp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sixxsconfig_server packets.
+## Do not audit attempts to send snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79256,17 +82357,17 @@ interface(`corenet_send_sixxsconfig_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sixxsconfig_server_packets',`
+interface(`corenet_dontaudit_send_snmp_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type snmp_server_packet_t;
')
- dontaudit $1 sixxsconfig_server_packet_t:packet send;
+ dontaudit $1 snmp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sixxsconfig_server packets.
+## Receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79275,17 +82376,17 @@ interface(`corenet_dontaudit_send_sixxsconfig_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sixxsconfig_server_packets',`
+interface(`corenet_receive_snmp_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type snmp_server_packet_t;
')
- allow $1 sixxsconfig_server_packet_t:packet recv;
+ allow $1 snmp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sixxsconfig_server packets.
+## Do not audit attempts to receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79294,17 +82395,17 @@ interface(`corenet_receive_sixxsconfig_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sixxsconfig_server_packets',`
+interface(`corenet_dontaudit_receive_snmp_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type snmp_server_packet_t;
')
- dontaudit $1 sixxsconfig_server_packet_t:packet recv;
+ dontaudit $1 snmp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sixxsconfig_server packets.
+## Send and receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79313,14 +82414,14 @@ interface(`corenet_dontaudit_receive_sixxsconfig_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sixxsconfig_server_packets',`
- corenet_send_sixxsconfig_server_packets($1)
- corenet_receive_sixxsconfig_server_packets($1)
+interface(`corenet_sendrecv_snmp_server_packets',`
+ corenet_send_snmp_server_packets($1)
+ corenet_receive_snmp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sixxsconfig_server packets.
+## Do not audit attempts to send and receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79329,14 +82430,14 @@ interface(`corenet_sendrecv_sixxsconfig_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sixxsconfig_server_packets',`
- corenet_dontaudit_send_sixxsconfig_server_packets($1)
- corenet_dontaudit_receive_sixxsconfig_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_snmp_server_packets',`
+ corenet_dontaudit_send_snmp_server_packets($1)
+ corenet_dontaudit_receive_snmp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sixxsconfig_server the packet type.
+## Relabel packets to snmp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -79344,12 +82445,12 @@ interface(`corenet_dontaudit_sendrecv_sixxsconfig_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sixxsconfig_server_packets',`
+interface(`corenet_relabelto_snmp_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type snmp_server_packet_t;
')
- allow $1 sixxsconfig_server_packet_t:packet relabelto;
+ allow $1 snmp_server_packet_t:packet relabelto;
')
@@ -79357,7 +82458,7 @@ interface(`corenet_relabelto_sixxsconfig_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the smbd port.
+## Send and receive TCP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79366,17 +82467,17 @@ interface(`corenet_relabelto_sixxsconfig_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_smbd_port',`
+interface(`corenet_tcp_sendrecv_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- allow $1 smbd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 socks_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the smbd port.
+## Send UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79385,17 +82486,17 @@ interface(`corenet_tcp_sendrecv_smbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_smbd_port',`
+interface(`corenet_udp_send_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- allow $1 smbd_port_t:udp_socket send_msg;
+ allow $1 socks_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the smbd port.
+## Do not audit attempts to send UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79404,17 +82505,17 @@ interface(`corenet_udp_send_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_smbd_port',`
+interface(`corenet_dontaudit_udp_send_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- dontaudit $1 smbd_port_t:udp_socket send_msg;
+ dontaudit $1 socks_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the smbd port.
+## Receive UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79423,17 +82524,17 @@ interface(`corenet_dontaudit_udp_send_smbd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_smbd_port',`
+interface(`corenet_udp_receive_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- allow $1 smbd_port_t:udp_socket recv_msg;
+ allow $1 socks_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the smbd port.
+## Do not audit attempts to receive UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79442,17 +82543,17 @@ interface(`corenet_udp_receive_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_smbd_port',`
+interface(`corenet_dontaudit_udp_receive_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- dontaudit $1 smbd_port_t:udp_socket recv_msg;
+ dontaudit $1 socks_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the smbd port.
+## Send and receive UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79461,15 +82562,15 @@ interface(`corenet_dontaudit_udp_receive_smbd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_smbd_port',`
- corenet_udp_send_smbd_port($1)
- corenet_udp_receive_smbd_port($1)
+interface(`corenet_udp_sendrecv_socks_port',`
+ corenet_udp_send_socks_port($1)
+ corenet_udp_receive_socks_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the smbd port.
+## UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79478,14 +82579,14 @@ interface(`corenet_udp_sendrecv_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_smbd_port',`
- corenet_dontaudit_udp_send_smbd_port($1)
- corenet_dontaudit_udp_receive_smbd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_socks_port',`
+ corenet_dontaudit_udp_send_socks_port($1)
+ corenet_dontaudit_udp_receive_socks_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the smbd port.
+## Bind TCP sockets to the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79494,18 +82595,18 @@ interface(`corenet_dontaudit_udp_sendrecv_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_smbd_port',`
+interface(`corenet_tcp_bind_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- allow $1 smbd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 socks_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the smbd port.
+## Bind UDP sockets to the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79514,18 +82615,18 @@ interface(`corenet_tcp_bind_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_smbd_port',`
+interface(`corenet_udp_bind_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- allow $1 smbd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 socks_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the smbd port.
+## Make a TCP connection to the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -79533,18 +82634,18 @@ interface(`corenet_udp_bind_smbd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_smbd_port',`
+interface(`corenet_tcp_connect_socks_port',`
gen_require(`
- type smbd_port_t;
+ type socks_port_t;
')
- allow $1 smbd_port_t:tcp_socket name_connect;
+ allow $1 socks_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send smbd_client packets.
+## Send socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79553,17 +82654,17 @@ interface(`corenet_tcp_connect_smbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smbd_client_packets',`
+interface(`corenet_send_socks_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type socks_client_packet_t;
')
- allow $1 smbd_client_packet_t:packet send;
+ allow $1 socks_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smbd_client packets.
+## Do not audit attempts to send socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79572,17 +82673,17 @@ interface(`corenet_send_smbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smbd_client_packets',`
+interface(`corenet_dontaudit_send_socks_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type socks_client_packet_t;
')
- dontaudit $1 smbd_client_packet_t:packet send;
+ dontaudit $1 socks_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive smbd_client packets.
+## Receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79591,17 +82692,17 @@ interface(`corenet_dontaudit_send_smbd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smbd_client_packets',`
+interface(`corenet_receive_socks_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type socks_client_packet_t;
')
- allow $1 smbd_client_packet_t:packet recv;
+ allow $1 socks_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smbd_client packets.
+## Do not audit attempts to receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79610,17 +82711,17 @@ interface(`corenet_receive_smbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smbd_client_packets',`
+interface(`corenet_dontaudit_receive_socks_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type socks_client_packet_t;
')
- dontaudit $1 smbd_client_packet_t:packet recv;
+ dontaudit $1 socks_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smbd_client packets.
+## Send and receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79629,14 +82730,14 @@ interface(`corenet_dontaudit_receive_smbd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_smbd_client_packets',`
- corenet_send_smbd_client_packets($1)
- corenet_receive_smbd_client_packets($1)
+interface(`corenet_sendrecv_socks_client_packets',`
+ corenet_send_socks_client_packets($1)
+ corenet_receive_socks_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smbd_client packets.
+## Do not audit attempts to send and receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79645,14 +82746,14 @@ interface(`corenet_sendrecv_smbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smbd_client_packets',`
- corenet_dontaudit_send_smbd_client_packets($1)
- corenet_dontaudit_receive_smbd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_socks_client_packets',`
+ corenet_dontaudit_send_socks_client_packets($1)
+ corenet_dontaudit_receive_socks_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to smbd_client the packet type.
+## Relabel packets to socks_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -79660,18 +82761,18 @@ interface(`corenet_dontaudit_sendrecv_smbd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smbd_client_packets',`
+interface(`corenet_relabelto_socks_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type socks_client_packet_t;
')
- allow $1 smbd_client_packet_t:packet relabelto;
+ allow $1 socks_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send smbd_server packets.
+## Send socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79680,17 +82781,17 @@ interface(`corenet_relabelto_smbd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smbd_server_packets',`
+interface(`corenet_send_socks_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type socks_server_packet_t;
')
- allow $1 smbd_server_packet_t:packet send;
+ allow $1 socks_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smbd_server packets.
+## Do not audit attempts to send socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79699,17 +82800,17 @@ interface(`corenet_send_smbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smbd_server_packets',`
+interface(`corenet_dontaudit_send_socks_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type socks_server_packet_t;
')
- dontaudit $1 smbd_server_packet_t:packet send;
+ dontaudit $1 socks_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive smbd_server packets.
+## Receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79718,17 +82819,17 @@ interface(`corenet_dontaudit_send_smbd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smbd_server_packets',`
+interface(`corenet_receive_socks_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type socks_server_packet_t;
')
- allow $1 smbd_server_packet_t:packet recv;
+ allow $1 socks_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smbd_server packets.
+## Do not audit attempts to receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79737,17 +82838,17 @@ interface(`corenet_receive_smbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smbd_server_packets',`
+interface(`corenet_dontaudit_receive_socks_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type socks_server_packet_t;
')
- dontaudit $1 smbd_server_packet_t:packet recv;
+ dontaudit $1 socks_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smbd_server packets.
+## Send and receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79756,14 +82857,14 @@ interface(`corenet_dontaudit_receive_smbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_smbd_server_packets',`
- corenet_send_smbd_server_packets($1)
- corenet_receive_smbd_server_packets($1)
+interface(`corenet_sendrecv_socks_server_packets',`
+ corenet_send_socks_server_packets($1)
+ corenet_receive_socks_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smbd_server packets.
+## Do not audit attempts to send and receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79772,14 +82873,14 @@ interface(`corenet_sendrecv_smbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smbd_server_packets',`
- corenet_dontaudit_send_smbd_server_packets($1)
- corenet_dontaudit_receive_smbd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_socks_server_packets',`
+ corenet_dontaudit_send_socks_server_packets($1)
+ corenet_dontaudit_receive_socks_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to smbd_server the packet type.
+## Relabel packets to socks_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -79787,20 +82888,20 @@ interface(`corenet_dontaudit_sendrecv_smbd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smbd_server_packets',`
+interface(`corenet_relabelto_socks_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type socks_server_packet_t;
')
- allow $1 smbd_server_packet_t:packet relabelto;
+ allow $1 socks_server_packet_t:packet relabelto;
')
-
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the smtp port.
+## Send and receive TCP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79809,17 +82910,17 @@ interface(`corenet_relabelto_smbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_smtp_port',`
+interface(`corenet_tcp_sendrecv_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- allow $1 smtp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 soundd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the smtp port.
+## Send UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79828,17 +82929,17 @@ interface(`corenet_tcp_sendrecv_smtp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_smtp_port',`
+interface(`corenet_udp_send_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- allow $1 smtp_port_t:udp_socket send_msg;
+ allow $1 soundd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the smtp port.
+## Do not audit attempts to send UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79847,17 +82948,17 @@ interface(`corenet_udp_send_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_smtp_port',`
+interface(`corenet_dontaudit_udp_send_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- dontaudit $1 smtp_port_t:udp_socket send_msg;
+ dontaudit $1 soundd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the smtp port.
+## Receive UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79866,17 +82967,17 @@ interface(`corenet_dontaudit_udp_send_smtp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_smtp_port',`
+interface(`corenet_udp_receive_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- allow $1 smtp_port_t:udp_socket recv_msg;
+ allow $1 soundd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the smtp port.
+## Do not audit attempts to receive UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79885,17 +82986,17 @@ interface(`corenet_udp_receive_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_smtp_port',`
+interface(`corenet_dontaudit_udp_receive_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- dontaudit $1 smtp_port_t:udp_socket recv_msg;
+ dontaudit $1 soundd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the smtp port.
+## Send and receive UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79904,15 +83005,15 @@ interface(`corenet_dontaudit_udp_receive_smtp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_smtp_port',`
- corenet_udp_send_smtp_port($1)
- corenet_udp_receive_smtp_port($1)
+interface(`corenet_udp_sendrecv_soundd_port',`
+ corenet_udp_send_soundd_port($1)
+ corenet_udp_receive_soundd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the smtp port.
+## UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79921,14 +83022,14 @@ interface(`corenet_udp_sendrecv_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_smtp_port',`
- corenet_dontaudit_udp_send_smtp_port($1)
- corenet_dontaudit_udp_receive_smtp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_soundd_port',`
+ corenet_dontaudit_udp_send_soundd_port($1)
+ corenet_dontaudit_udp_receive_soundd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the smtp port.
+## Bind TCP sockets to the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79937,18 +83038,18 @@ interface(`corenet_dontaudit_udp_sendrecv_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_smtp_port',`
+interface(`corenet_tcp_bind_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- allow $1 smtp_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 soundd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the smtp port.
+## Bind UDP sockets to the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79957,18 +83058,18 @@ interface(`corenet_tcp_bind_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_smtp_port',`
+interface(`corenet_udp_bind_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- allow $1 smtp_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 soundd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the smtp port.
+## Make a TCP connection to the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -79976,18 +83077,18 @@ interface(`corenet_udp_bind_smtp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_smtp_port',`
+interface(`corenet_tcp_connect_soundd_port',`
gen_require(`
- type smtp_port_t;
+ type soundd_port_t;
')
- allow $1 smtp_port_t:tcp_socket name_connect;
+ allow $1 soundd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send smtp_client packets.
+## Send soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -79996,17 +83097,17 @@ interface(`corenet_tcp_connect_smtp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smtp_client_packets',`
+interface(`corenet_send_soundd_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type soundd_client_packet_t;
')
- allow $1 smtp_client_packet_t:packet send;
+ allow $1 soundd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smtp_client packets.
+## Do not audit attempts to send soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80015,17 +83116,17 @@ interface(`corenet_send_smtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smtp_client_packets',`
+interface(`corenet_dontaudit_send_soundd_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type soundd_client_packet_t;
')
- dontaudit $1 smtp_client_packet_t:packet send;
+ dontaudit $1 soundd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive smtp_client packets.
+## Receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80034,17 +83135,17 @@ interface(`corenet_dontaudit_send_smtp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smtp_client_packets',`
+interface(`corenet_receive_soundd_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type soundd_client_packet_t;
')
- allow $1 smtp_client_packet_t:packet recv;
+ allow $1 soundd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smtp_client packets.
+## Do not audit attempts to receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80053,17 +83154,17 @@ interface(`corenet_receive_smtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smtp_client_packets',`
+interface(`corenet_dontaudit_receive_soundd_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type soundd_client_packet_t;
')
- dontaudit $1 smtp_client_packet_t:packet recv;
+ dontaudit $1 soundd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smtp_client packets.
+## Send and receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80072,14 +83173,14 @@ interface(`corenet_dontaudit_receive_smtp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_smtp_client_packets',`
- corenet_send_smtp_client_packets($1)
- corenet_receive_smtp_client_packets($1)
+interface(`corenet_sendrecv_soundd_client_packets',`
+ corenet_send_soundd_client_packets($1)
+ corenet_receive_soundd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smtp_client packets.
+## Do not audit attempts to send and receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80088,14 +83189,14 @@ interface(`corenet_sendrecv_smtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smtp_client_packets',`
- corenet_dontaudit_send_smtp_client_packets($1)
- corenet_dontaudit_receive_smtp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_soundd_client_packets',`
+ corenet_dontaudit_send_soundd_client_packets($1)
+ corenet_dontaudit_receive_soundd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to smtp_client the packet type.
+## Relabel packets to soundd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -80103,18 +83204,18 @@ interface(`corenet_dontaudit_sendrecv_smtp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smtp_client_packets',`
+interface(`corenet_relabelto_soundd_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type soundd_client_packet_t;
')
- allow $1 smtp_client_packet_t:packet relabelto;
+ allow $1 soundd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send smtp_server packets.
+## Send soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80123,17 +83224,17 @@ interface(`corenet_relabelto_smtp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smtp_server_packets',`
+interface(`corenet_send_soundd_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type soundd_server_packet_t;
')
- allow $1 smtp_server_packet_t:packet send;
+ allow $1 soundd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smtp_server packets.
+## Do not audit attempts to send soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80142,17 +83243,17 @@ interface(`corenet_send_smtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smtp_server_packets',`
+interface(`corenet_dontaudit_send_soundd_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type soundd_server_packet_t;
')
- dontaudit $1 smtp_server_packet_t:packet send;
+ dontaudit $1 soundd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive smtp_server packets.
+## Receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80161,17 +83262,17 @@ interface(`corenet_dontaudit_send_smtp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smtp_server_packets',`
+interface(`corenet_receive_soundd_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type soundd_server_packet_t;
')
- allow $1 smtp_server_packet_t:packet recv;
+ allow $1 soundd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smtp_server packets.
+## Do not audit attempts to receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80180,17 +83281,17 @@ interface(`corenet_receive_smtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smtp_server_packets',`
+interface(`corenet_dontaudit_receive_soundd_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type soundd_server_packet_t;
')
- dontaudit $1 smtp_server_packet_t:packet recv;
+ dontaudit $1 soundd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smtp_server packets.
+## Send and receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80199,14 +83300,14 @@ interface(`corenet_dontaudit_receive_smtp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_smtp_server_packets',`
- corenet_send_smtp_server_packets($1)
- corenet_receive_smtp_server_packets($1)
+interface(`corenet_sendrecv_soundd_server_packets',`
+ corenet_send_soundd_server_packets($1)
+ corenet_receive_soundd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smtp_server packets.
+## Do not audit attempts to send and receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80215,14 +83316,14 @@ interface(`corenet_sendrecv_smtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smtp_server_packets',`
- corenet_dontaudit_send_smtp_server_packets($1)
- corenet_dontaudit_receive_smtp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_soundd_server_packets',`
+ corenet_dontaudit_send_soundd_server_packets($1)
+ corenet_dontaudit_receive_soundd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to smtp_server the packet type.
+## Relabel packets to soundd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -80230,12 +83331,12 @@ interface(`corenet_dontaudit_sendrecv_smtp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smtp_server_packets',`
+interface(`corenet_relabelto_soundd_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type soundd_server_packet_t;
')
- allow $1 smtp_server_packet_t:packet relabelto;
+ allow $1 soundd_server_packet_t:packet relabelto;
')
@@ -80243,7 +83344,7 @@ interface(`corenet_relabelto_smtp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the snmp port.
+## Send and receive TCP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80252,17 +83353,17 @@ interface(`corenet_relabelto_smtp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_snmp_port',`
+interface(`corenet_tcp_sendrecv_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- allow $1 snmp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 spamd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the snmp port.
+## Send UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80271,17 +83372,17 @@ interface(`corenet_tcp_sendrecv_snmp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_snmp_port',`
+interface(`corenet_udp_send_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- allow $1 snmp_port_t:udp_socket send_msg;
+ allow $1 spamd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the snmp port.
+## Do not audit attempts to send UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80290,17 +83391,17 @@ interface(`corenet_udp_send_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_snmp_port',`
+interface(`corenet_dontaudit_udp_send_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- dontaudit $1 snmp_port_t:udp_socket send_msg;
+ dontaudit $1 spamd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the snmp port.
+## Receive UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80309,17 +83410,17 @@ interface(`corenet_dontaudit_udp_send_snmp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_snmp_port',`
+interface(`corenet_udp_receive_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- allow $1 snmp_port_t:udp_socket recv_msg;
+ allow $1 spamd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the snmp port.
+## Do not audit attempts to receive UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80328,17 +83429,17 @@ interface(`corenet_udp_receive_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_snmp_port',`
+interface(`corenet_dontaudit_udp_receive_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- dontaudit $1 snmp_port_t:udp_socket recv_msg;
+ dontaudit $1 spamd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the snmp port.
+## Send and receive UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80347,15 +83448,15 @@ interface(`corenet_dontaudit_udp_receive_snmp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_snmp_port',`
- corenet_udp_send_snmp_port($1)
- corenet_udp_receive_snmp_port($1)
+interface(`corenet_udp_sendrecv_spamd_port',`
+ corenet_udp_send_spamd_port($1)
+ corenet_udp_receive_spamd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the snmp port.
+## UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80364,14 +83465,14 @@ interface(`corenet_udp_sendrecv_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_snmp_port',`
- corenet_dontaudit_udp_send_snmp_port($1)
- corenet_dontaudit_udp_receive_snmp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_spamd_port',`
+ corenet_dontaudit_udp_send_spamd_port($1)
+ corenet_dontaudit_udp_receive_spamd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the snmp port.
+## Bind TCP sockets to the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80380,18 +83481,18 @@ interface(`corenet_dontaudit_udp_sendrecv_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_snmp_port',`
+interface(`corenet_tcp_bind_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- allow $1 snmp_port_t:tcp_socket name_bind;
+ allow $1 spamd_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the snmp port.
+## Bind UDP sockets to the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80400,18 +83501,18 @@ interface(`corenet_tcp_bind_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_snmp_port',`
+interface(`corenet_udp_bind_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- allow $1 snmp_port_t:udp_socket name_bind;
+ allow $1 spamd_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the snmp port.
+## Make a TCP connection to the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -80419,18 +83520,18 @@ interface(`corenet_udp_bind_snmp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_snmp_port',`
+interface(`corenet_tcp_connect_spamd_port',`
gen_require(`
- type snmp_port_t;
+ type spamd_port_t;
')
- allow $1 snmp_port_t:tcp_socket name_connect;
+ allow $1 spamd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send snmp_client packets.
+## Send spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80439,17 +83540,17 @@ interface(`corenet_tcp_connect_snmp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_snmp_client_packets',`
+interface(`corenet_send_spamd_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type spamd_client_packet_t;
')
- allow $1 snmp_client_packet_t:packet send;
+ allow $1 spamd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send snmp_client packets.
+## Do not audit attempts to send spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80458,17 +83559,17 @@ interface(`corenet_send_snmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_snmp_client_packets',`
+interface(`corenet_dontaudit_send_spamd_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type spamd_client_packet_t;
')
- dontaudit $1 snmp_client_packet_t:packet send;
+ dontaudit $1 spamd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive snmp_client packets.
+## Receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80477,17 +83578,17 @@ interface(`corenet_dontaudit_send_snmp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_snmp_client_packets',`
+interface(`corenet_receive_spamd_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type spamd_client_packet_t;
')
- allow $1 snmp_client_packet_t:packet recv;
+ allow $1 spamd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive snmp_client packets.
+## Do not audit attempts to receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80496,17 +83597,17 @@ interface(`corenet_receive_snmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_snmp_client_packets',`
+interface(`corenet_dontaudit_receive_spamd_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type spamd_client_packet_t;
')
- dontaudit $1 snmp_client_packet_t:packet recv;
+ dontaudit $1 spamd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive snmp_client packets.
+## Send and receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80515,14 +83616,14 @@ interface(`corenet_dontaudit_receive_snmp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_snmp_client_packets',`
- corenet_send_snmp_client_packets($1)
- corenet_receive_snmp_client_packets($1)
+interface(`corenet_sendrecv_spamd_client_packets',`
+ corenet_send_spamd_client_packets($1)
+ corenet_receive_spamd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive snmp_client packets.
+## Do not audit attempts to send and receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80531,14 +83632,14 @@ interface(`corenet_sendrecv_snmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_snmp_client_packets',`
- corenet_dontaudit_send_snmp_client_packets($1)
- corenet_dontaudit_receive_snmp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_spamd_client_packets',`
+ corenet_dontaudit_send_spamd_client_packets($1)
+ corenet_dontaudit_receive_spamd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to snmp_client the packet type.
+## Relabel packets to spamd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -80546,18 +83647,18 @@ interface(`corenet_dontaudit_sendrecv_snmp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_snmp_client_packets',`
+interface(`corenet_relabelto_spamd_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type spamd_client_packet_t;
')
- allow $1 snmp_client_packet_t:packet relabelto;
+ allow $1 spamd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send snmp_server packets.
+## Send spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80566,17 +83667,17 @@ interface(`corenet_relabelto_snmp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_snmp_server_packets',`
+interface(`corenet_send_spamd_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type spamd_server_packet_t;
')
- allow $1 snmp_server_packet_t:packet send;
+ allow $1 spamd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send snmp_server packets.
+## Do not audit attempts to send spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80585,17 +83686,17 @@ interface(`corenet_send_snmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_snmp_server_packets',`
+interface(`corenet_dontaudit_send_spamd_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type spamd_server_packet_t;
')
- dontaudit $1 snmp_server_packet_t:packet send;
+ dontaudit $1 spamd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive snmp_server packets.
+## Receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80604,17 +83705,17 @@ interface(`corenet_dontaudit_send_snmp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_snmp_server_packets',`
+interface(`corenet_receive_spamd_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type spamd_server_packet_t;
')
- allow $1 snmp_server_packet_t:packet recv;
+ allow $1 spamd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive snmp_server packets.
+## Do not audit attempts to receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80623,17 +83724,17 @@ interface(`corenet_receive_snmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_snmp_server_packets',`
+interface(`corenet_dontaudit_receive_spamd_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type spamd_server_packet_t;
')
- dontaudit $1 snmp_server_packet_t:packet recv;
+ dontaudit $1 spamd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive snmp_server packets.
+## Send and receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80642,14 +83743,14 @@ interface(`corenet_dontaudit_receive_snmp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_snmp_server_packets',`
- corenet_send_snmp_server_packets($1)
- corenet_receive_snmp_server_packets($1)
+interface(`corenet_sendrecv_spamd_server_packets',`
+ corenet_send_spamd_server_packets($1)
+ corenet_receive_spamd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive snmp_server packets.
+## Do not audit attempts to send and receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80658,14 +83759,14 @@ interface(`corenet_sendrecv_snmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_snmp_server_packets',`
- corenet_dontaudit_send_snmp_server_packets($1)
- corenet_dontaudit_receive_snmp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_spamd_server_packets',`
+ corenet_dontaudit_send_spamd_server_packets($1)
+ corenet_dontaudit_receive_spamd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to snmp_server the packet type.
+## Relabel packets to spamd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -80673,12 +83774,12 @@ interface(`corenet_dontaudit_sendrecv_snmp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_snmp_server_packets',`
+interface(`corenet_relabelto_spamd_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type spamd_server_packet_t;
')
- allow $1 snmp_server_packet_t:packet relabelto;
+ allow $1 spamd_server_packet_t:packet relabelto;
')
@@ -80686,7 +83787,7 @@ interface(`corenet_relabelto_snmp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the socks port.
+## Send and receive TCP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80695,17 +83796,17 @@ interface(`corenet_relabelto_snmp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_socks_port',`
+interface(`corenet_tcp_sendrecv_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- allow $1 socks_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 speech_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the socks port.
+## Send UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80714,17 +83815,17 @@ interface(`corenet_tcp_sendrecv_socks_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_socks_port',`
+interface(`corenet_udp_send_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- allow $1 socks_port_t:udp_socket send_msg;
+ allow $1 speech_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the socks port.
+## Do not audit attempts to send UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80733,17 +83834,17 @@ interface(`corenet_udp_send_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_socks_port',`
+interface(`corenet_dontaudit_udp_send_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- dontaudit $1 socks_port_t:udp_socket send_msg;
+ dontaudit $1 speech_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the socks port.
+## Receive UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80752,17 +83853,17 @@ interface(`corenet_dontaudit_udp_send_socks_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_socks_port',`
+interface(`corenet_udp_receive_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- allow $1 socks_port_t:udp_socket recv_msg;
+ allow $1 speech_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the socks port.
+## Do not audit attempts to receive UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80771,17 +83872,17 @@ interface(`corenet_udp_receive_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_socks_port',`
+interface(`corenet_dontaudit_udp_receive_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- dontaudit $1 socks_port_t:udp_socket recv_msg;
+ dontaudit $1 speech_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the socks port.
+## Send and receive UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80790,15 +83891,15 @@ interface(`corenet_dontaudit_udp_receive_socks_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_socks_port',`
- corenet_udp_send_socks_port($1)
- corenet_udp_receive_socks_port($1)
+interface(`corenet_udp_sendrecv_speech_port',`
+ corenet_udp_send_speech_port($1)
+ corenet_udp_receive_speech_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the socks port.
+## UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80807,14 +83908,14 @@ interface(`corenet_udp_sendrecv_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_socks_port',`
- corenet_dontaudit_udp_send_socks_port($1)
- corenet_dontaudit_udp_receive_socks_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_speech_port',`
+ corenet_dontaudit_udp_send_speech_port($1)
+ corenet_dontaudit_udp_receive_speech_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the socks port.
+## Bind TCP sockets to the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80823,18 +83924,18 @@ interface(`corenet_dontaudit_udp_sendrecv_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_socks_port',`
+interface(`corenet_tcp_bind_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- allow $1 socks_port_t:tcp_socket name_bind;
+ allow $1 speech_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the socks port.
+## Bind UDP sockets to the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80843,18 +83944,18 @@ interface(`corenet_tcp_bind_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_socks_port',`
+interface(`corenet_udp_bind_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- allow $1 socks_port_t:udp_socket name_bind;
+ allow $1 speech_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the socks port.
+## Make a TCP connection to the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -80862,18 +83963,18 @@ interface(`corenet_udp_bind_socks_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_socks_port',`
+interface(`corenet_tcp_connect_speech_port',`
gen_require(`
- type socks_port_t;
+ type speech_port_t;
')
- allow $1 socks_port_t:tcp_socket name_connect;
+ allow $1 speech_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send socks_client packets.
+## Send speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80882,17 +83983,17 @@ interface(`corenet_tcp_connect_socks_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_socks_client_packets',`
+interface(`corenet_send_speech_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type speech_client_packet_t;
')
- allow $1 socks_client_packet_t:packet send;
+ allow $1 speech_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send socks_client packets.
+## Do not audit attempts to send speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80901,17 +84002,17 @@ interface(`corenet_send_socks_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_socks_client_packets',`
+interface(`corenet_dontaudit_send_speech_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type speech_client_packet_t;
')
- dontaudit $1 socks_client_packet_t:packet send;
+ dontaudit $1 speech_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive socks_client packets.
+## Receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80920,17 +84021,17 @@ interface(`corenet_dontaudit_send_socks_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_socks_client_packets',`
+interface(`corenet_receive_speech_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type speech_client_packet_t;
')
- allow $1 socks_client_packet_t:packet recv;
+ allow $1 speech_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive socks_client packets.
+## Do not audit attempts to receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80939,17 +84040,17 @@ interface(`corenet_receive_socks_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_socks_client_packets',`
+interface(`corenet_dontaudit_receive_speech_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type speech_client_packet_t;
')
- dontaudit $1 socks_client_packet_t:packet recv;
+ dontaudit $1 speech_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive socks_client packets.
+## Send and receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80958,14 +84059,14 @@ interface(`corenet_dontaudit_receive_socks_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_socks_client_packets',`
- corenet_send_socks_client_packets($1)
- corenet_receive_socks_client_packets($1)
+interface(`corenet_sendrecv_speech_client_packets',`
+ corenet_send_speech_client_packets($1)
+ corenet_receive_speech_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive socks_client packets.
+## Do not audit attempts to send and receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -80974,14 +84075,14 @@ interface(`corenet_sendrecv_socks_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_socks_client_packets',`
- corenet_dontaudit_send_socks_client_packets($1)
- corenet_dontaudit_receive_socks_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_speech_client_packets',`
+ corenet_dontaudit_send_speech_client_packets($1)
+ corenet_dontaudit_receive_speech_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to socks_client the packet type.
+## Relabel packets to speech_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -80989,18 +84090,18 @@ interface(`corenet_dontaudit_sendrecv_socks_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_socks_client_packets',`
+interface(`corenet_relabelto_speech_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type speech_client_packet_t;
')
- allow $1 socks_client_packet_t:packet relabelto;
+ allow $1 speech_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send socks_server packets.
+## Send speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81009,17 +84110,17 @@ interface(`corenet_relabelto_socks_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_socks_server_packets',`
+interface(`corenet_send_speech_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type speech_server_packet_t;
')
- allow $1 socks_server_packet_t:packet send;
+ allow $1 speech_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send socks_server packets.
+## Do not audit attempts to send speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81028,17 +84129,17 @@ interface(`corenet_send_socks_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_socks_server_packets',`
+interface(`corenet_dontaudit_send_speech_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type speech_server_packet_t;
')
- dontaudit $1 socks_server_packet_t:packet send;
+ dontaudit $1 speech_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive socks_server packets.
+## Receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81047,17 +84148,17 @@ interface(`corenet_dontaudit_send_socks_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_socks_server_packets',`
+interface(`corenet_receive_speech_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type speech_server_packet_t;
')
- allow $1 socks_server_packet_t:packet recv;
+ allow $1 speech_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive socks_server packets.
+## Do not audit attempts to receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81066,17 +84167,17 @@ interface(`corenet_receive_socks_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_socks_server_packets',`
+interface(`corenet_dontaudit_receive_speech_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type speech_server_packet_t;
')
- dontaudit $1 socks_server_packet_t:packet recv;
+ dontaudit $1 speech_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive socks_server packets.
+## Send and receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81085,14 +84186,14 @@ interface(`corenet_dontaudit_receive_socks_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_socks_server_packets',`
- corenet_send_socks_server_packets($1)
- corenet_receive_socks_server_packets($1)
+interface(`corenet_sendrecv_speech_server_packets',`
+ corenet_send_speech_server_packets($1)
+ corenet_receive_speech_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive socks_server packets.
+## Do not audit attempts to send and receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81101,14 +84202,14 @@ interface(`corenet_sendrecv_socks_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_socks_server_packets',`
- corenet_dontaudit_send_socks_server_packets($1)
- corenet_dontaudit_receive_socks_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_speech_server_packets',`
+ corenet_dontaudit_send_speech_server_packets($1)
+ corenet_dontaudit_receive_speech_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to socks_server the packet type.
+## Relabel packets to speech_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -81116,20 +84217,20 @@ interface(`corenet_dontaudit_sendrecv_socks_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_socks_server_packets',`
+interface(`corenet_relabelto_speech_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type speech_server_packet_t;
')
- allow $1 socks_server_packet_t:packet relabelto;
+ allow $1 speech_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the soundd port.
+## Send and receive TCP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81138,17 +84239,17 @@ interface(`corenet_relabelto_socks_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_soundd_port',`
+interface(`corenet_tcp_sendrecv_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- allow $1 soundd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 squid_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the soundd port.
+## Send UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81157,17 +84258,17 @@ interface(`corenet_tcp_sendrecv_soundd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_soundd_port',`
+interface(`corenet_udp_send_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- allow $1 soundd_port_t:udp_socket send_msg;
+ allow $1 squid_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the soundd port.
+## Do not audit attempts to send UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81176,17 +84277,17 @@ interface(`corenet_udp_send_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_soundd_port',`
+interface(`corenet_dontaudit_udp_send_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- dontaudit $1 soundd_port_t:udp_socket send_msg;
+ dontaudit $1 squid_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the soundd port.
+## Receive UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81195,17 +84296,17 @@ interface(`corenet_dontaudit_udp_send_soundd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_soundd_port',`
+interface(`corenet_udp_receive_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- allow $1 soundd_port_t:udp_socket recv_msg;
+ allow $1 squid_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the soundd port.
+## Do not audit attempts to receive UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81214,17 +84315,17 @@ interface(`corenet_udp_receive_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_soundd_port',`
+interface(`corenet_dontaudit_udp_receive_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- dontaudit $1 soundd_port_t:udp_socket recv_msg;
+ dontaudit $1 squid_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the soundd port.
+## Send and receive UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81233,15 +84334,15 @@ interface(`corenet_dontaudit_udp_receive_soundd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_soundd_port',`
- corenet_udp_send_soundd_port($1)
- corenet_udp_receive_soundd_port($1)
+interface(`corenet_udp_sendrecv_squid_port',`
+ corenet_udp_send_squid_port($1)
+ corenet_udp_receive_squid_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the soundd port.
+## UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81250,14 +84351,14 @@ interface(`corenet_udp_sendrecv_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_soundd_port',`
- corenet_dontaudit_udp_send_soundd_port($1)
- corenet_dontaudit_udp_receive_soundd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_squid_port',`
+ corenet_dontaudit_udp_send_squid_port($1)
+ corenet_dontaudit_udp_receive_squid_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the soundd port.
+## Bind TCP sockets to the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81266,18 +84367,18 @@ interface(`corenet_dontaudit_udp_sendrecv_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_soundd_port',`
+interface(`corenet_tcp_bind_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- allow $1 soundd_port_t:tcp_socket name_bind;
+ allow $1 squid_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the soundd port.
+## Bind UDP sockets to the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81286,18 +84387,18 @@ interface(`corenet_tcp_bind_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_soundd_port',`
+interface(`corenet_udp_bind_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- allow $1 soundd_port_t:udp_socket name_bind;
+ allow $1 squid_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the soundd port.
+## Make a TCP connection to the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -81305,18 +84406,18 @@ interface(`corenet_udp_bind_soundd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_soundd_port',`
+interface(`corenet_tcp_connect_squid_port',`
gen_require(`
- type soundd_port_t;
+ type squid_port_t;
')
- allow $1 soundd_port_t:tcp_socket name_connect;
+ allow $1 squid_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send soundd_client packets.
+## Send squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81325,17 +84426,17 @@ interface(`corenet_tcp_connect_soundd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_soundd_client_packets',`
+interface(`corenet_send_squid_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type squid_client_packet_t;
')
- allow $1 soundd_client_packet_t:packet send;
+ allow $1 squid_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send soundd_client packets.
+## Do not audit attempts to send squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81344,17 +84445,17 @@ interface(`corenet_send_soundd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_soundd_client_packets',`
+interface(`corenet_dontaudit_send_squid_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type squid_client_packet_t;
')
- dontaudit $1 soundd_client_packet_t:packet send;
+ dontaudit $1 squid_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive soundd_client packets.
+## Receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81363,17 +84464,17 @@ interface(`corenet_dontaudit_send_soundd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_soundd_client_packets',`
+interface(`corenet_receive_squid_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type squid_client_packet_t;
')
- allow $1 soundd_client_packet_t:packet recv;
+ allow $1 squid_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive soundd_client packets.
+## Do not audit attempts to receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81382,17 +84483,17 @@ interface(`corenet_receive_soundd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_soundd_client_packets',`
+interface(`corenet_dontaudit_receive_squid_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type squid_client_packet_t;
')
- dontaudit $1 soundd_client_packet_t:packet recv;
+ dontaudit $1 squid_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive soundd_client packets.
+## Send and receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81401,14 +84502,14 @@ interface(`corenet_dontaudit_receive_soundd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_soundd_client_packets',`
- corenet_send_soundd_client_packets($1)
- corenet_receive_soundd_client_packets($1)
+interface(`corenet_sendrecv_squid_client_packets',`
+ corenet_send_squid_client_packets($1)
+ corenet_receive_squid_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive soundd_client packets.
+## Do not audit attempts to send and receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81417,14 +84518,14 @@ interface(`corenet_sendrecv_soundd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_soundd_client_packets',`
- corenet_dontaudit_send_soundd_client_packets($1)
- corenet_dontaudit_receive_soundd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_squid_client_packets',`
+ corenet_dontaudit_send_squid_client_packets($1)
+ corenet_dontaudit_receive_squid_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to soundd_client the packet type.
+## Relabel packets to squid_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -81432,18 +84533,18 @@ interface(`corenet_dontaudit_sendrecv_soundd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_soundd_client_packets',`
+interface(`corenet_relabelto_squid_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type squid_client_packet_t;
')
- allow $1 soundd_client_packet_t:packet relabelto;
+ allow $1 squid_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send soundd_server packets.
+## Send squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81452,17 +84553,17 @@ interface(`corenet_relabelto_soundd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_soundd_server_packets',`
+interface(`corenet_send_squid_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type squid_server_packet_t;
')
- allow $1 soundd_server_packet_t:packet send;
+ allow $1 squid_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send soundd_server packets.
+## Do not audit attempts to send squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81471,17 +84572,17 @@ interface(`corenet_send_soundd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_soundd_server_packets',`
+interface(`corenet_dontaudit_send_squid_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type squid_server_packet_t;
')
- dontaudit $1 soundd_server_packet_t:packet send;
+ dontaudit $1 squid_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive soundd_server packets.
+## Receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81490,17 +84591,17 @@ interface(`corenet_dontaudit_send_soundd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_soundd_server_packets',`
+interface(`corenet_receive_squid_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type squid_server_packet_t;
')
- allow $1 soundd_server_packet_t:packet recv;
+ allow $1 squid_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive soundd_server packets.
+## Do not audit attempts to receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81509,17 +84610,17 @@ interface(`corenet_receive_soundd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_soundd_server_packets',`
+interface(`corenet_dontaudit_receive_squid_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type squid_server_packet_t;
')
- dontaudit $1 soundd_server_packet_t:packet recv;
+ dontaudit $1 squid_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive soundd_server packets.
+## Send and receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81528,14 +84629,14 @@ interface(`corenet_dontaudit_receive_soundd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_soundd_server_packets',`
- corenet_send_soundd_server_packets($1)
- corenet_receive_soundd_server_packets($1)
+interface(`corenet_sendrecv_squid_server_packets',`
+ corenet_send_squid_server_packets($1)
+ corenet_receive_squid_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive soundd_server packets.
+## Do not audit attempts to send and receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81544,14 +84645,14 @@ interface(`corenet_sendrecv_soundd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_soundd_server_packets',`
- corenet_dontaudit_send_soundd_server_packets($1)
- corenet_dontaudit_receive_soundd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_squid_server_packets',`
+ corenet_dontaudit_send_squid_server_packets($1)
+ corenet_dontaudit_receive_squid_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to soundd_server the packet type.
+## Relabel packets to squid_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -81559,20 +84660,20 @@ interface(`corenet_dontaudit_sendrecv_soundd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_soundd_server_packets',`
+interface(`corenet_relabelto_squid_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type squid_server_packet_t;
')
- allow $1 soundd_server_packet_t:packet relabelto;
+ allow $1 squid_server_packet_t:packet relabelto;
')
-
+ # snmp and htcp
########################################
## <summary>
-## Send and receive TCP traffic on the spamd port.
+## Send and receive TCP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81581,17 +84682,17 @@ interface(`corenet_relabelto_soundd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_spamd_port',`
+interface(`corenet_tcp_sendrecv_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- allow $1 spamd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ssdp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the spamd port.
+## Send UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81600,17 +84701,17 @@ interface(`corenet_tcp_sendrecv_spamd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_spamd_port',`
+interface(`corenet_udp_send_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- allow $1 spamd_port_t:udp_socket send_msg;
+ allow $1 ssdp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the spamd port.
+## Do not audit attempts to send UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81619,17 +84720,17 @@ interface(`corenet_udp_send_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_spamd_port',`
+interface(`corenet_dontaudit_udp_send_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- dontaudit $1 spamd_port_t:udp_socket send_msg;
+ dontaudit $1 ssdp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the spamd port.
+## Receive UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81638,17 +84739,17 @@ interface(`corenet_dontaudit_udp_send_spamd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_spamd_port',`
+interface(`corenet_udp_receive_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- allow $1 spamd_port_t:udp_socket recv_msg;
+ allow $1 ssdp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the spamd port.
+## Do not audit attempts to receive UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81657,17 +84758,17 @@ interface(`corenet_udp_receive_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_spamd_port',`
+interface(`corenet_dontaudit_udp_receive_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- dontaudit $1 spamd_port_t:udp_socket recv_msg;
+ dontaudit $1 ssdp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the spamd port.
+## Send and receive UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81676,15 +84777,15 @@ interface(`corenet_dontaudit_udp_receive_spamd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_spamd_port',`
- corenet_udp_send_spamd_port($1)
- corenet_udp_receive_spamd_port($1)
+interface(`corenet_udp_sendrecv_ssdp_port',`
+ corenet_udp_send_ssdp_port($1)
+ corenet_udp_receive_ssdp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the spamd port.
+## UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81693,14 +84794,14 @@ interface(`corenet_udp_sendrecv_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_spamd_port',`
- corenet_dontaudit_udp_send_spamd_port($1)
- corenet_dontaudit_udp_receive_spamd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ssdp_port',`
+ corenet_dontaudit_udp_send_ssdp_port($1)
+ corenet_dontaudit_udp_receive_ssdp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the spamd port.
+## Bind TCP sockets to the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81709,18 +84810,18 @@ interface(`corenet_dontaudit_udp_sendrecv_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_spamd_port',`
+interface(`corenet_tcp_bind_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- allow $1 spamd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 ssdp_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the spamd port.
+## Bind UDP sockets to the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81729,18 +84830,18 @@ interface(`corenet_tcp_bind_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_spamd_port',`
+interface(`corenet_udp_bind_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- allow $1 spamd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 ssdp_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the spamd port.
+## Make a TCP connection to the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -81748,18 +84849,18 @@ interface(`corenet_udp_bind_spamd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_spamd_port',`
+interface(`corenet_tcp_connect_ssdp_port',`
gen_require(`
- type spamd_port_t;
+ type ssdp_port_t;
')
- allow $1 spamd_port_t:tcp_socket name_connect;
+ allow $1 ssdp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send spamd_client packets.
+## Send ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81768,17 +84869,17 @@ interface(`corenet_tcp_connect_spamd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_spamd_client_packets',`
+interface(`corenet_send_ssdp_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type ssdp_client_packet_t;
')
- allow $1 spamd_client_packet_t:packet send;
+ allow $1 ssdp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send spamd_client packets.
+## Do not audit attempts to send ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81787,17 +84888,17 @@ interface(`corenet_send_spamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_spamd_client_packets',`
+interface(`corenet_dontaudit_send_ssdp_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type ssdp_client_packet_t;
')
- dontaudit $1 spamd_client_packet_t:packet send;
+ dontaudit $1 ssdp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive spamd_client packets.
+## Receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81806,17 +84907,17 @@ interface(`corenet_dontaudit_send_spamd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_spamd_client_packets',`
+interface(`corenet_receive_ssdp_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type ssdp_client_packet_t;
')
- allow $1 spamd_client_packet_t:packet recv;
+ allow $1 ssdp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive spamd_client packets.
+## Do not audit attempts to receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81825,17 +84926,17 @@ interface(`corenet_receive_spamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_spamd_client_packets',`
+interface(`corenet_dontaudit_receive_ssdp_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type ssdp_client_packet_t;
')
- dontaudit $1 spamd_client_packet_t:packet recv;
+ dontaudit $1 ssdp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive spamd_client packets.
+## Send and receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81844,14 +84945,14 @@ interface(`corenet_dontaudit_receive_spamd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_spamd_client_packets',`
- corenet_send_spamd_client_packets($1)
- corenet_receive_spamd_client_packets($1)
+interface(`corenet_sendrecv_ssdp_client_packets',`
+ corenet_send_ssdp_client_packets($1)
+ corenet_receive_ssdp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive spamd_client packets.
+## Do not audit attempts to send and receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81860,14 +84961,14 @@ interface(`corenet_sendrecv_spamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_spamd_client_packets',`
- corenet_dontaudit_send_spamd_client_packets($1)
- corenet_dontaudit_receive_spamd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssdp_client_packets',`
+ corenet_dontaudit_send_ssdp_client_packets($1)
+ corenet_dontaudit_receive_ssdp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to spamd_client the packet type.
+## Relabel packets to ssdp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -81875,18 +84976,18 @@ interface(`corenet_dontaudit_sendrecv_spamd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_spamd_client_packets',`
+interface(`corenet_relabelto_ssdp_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type ssdp_client_packet_t;
')
- allow $1 spamd_client_packet_t:packet relabelto;
+ allow $1 ssdp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send spamd_server packets.
+## Send ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81895,17 +84996,17 @@ interface(`corenet_relabelto_spamd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_spamd_server_packets',`
+interface(`corenet_send_ssdp_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type ssdp_server_packet_t;
')
- allow $1 spamd_server_packet_t:packet send;
+ allow $1 ssdp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send spamd_server packets.
+## Do not audit attempts to send ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81914,17 +85015,17 @@ interface(`corenet_send_spamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_spamd_server_packets',`
+interface(`corenet_dontaudit_send_ssdp_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type ssdp_server_packet_t;
')
- dontaudit $1 spamd_server_packet_t:packet send;
+ dontaudit $1 ssdp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive spamd_server packets.
+## Receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81933,17 +85034,17 @@ interface(`corenet_dontaudit_send_spamd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_spamd_server_packets',`
+interface(`corenet_receive_ssdp_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type ssdp_server_packet_t;
')
- allow $1 spamd_server_packet_t:packet recv;
+ allow $1 ssdp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive spamd_server packets.
+## Do not audit attempts to receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81952,17 +85053,17 @@ interface(`corenet_receive_spamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_spamd_server_packets',`
+interface(`corenet_dontaudit_receive_ssdp_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type ssdp_server_packet_t;
')
- dontaudit $1 spamd_server_packet_t:packet recv;
+ dontaudit $1 ssdp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive spamd_server packets.
+## Send and receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81971,14 +85072,14 @@ interface(`corenet_dontaudit_receive_spamd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_spamd_server_packets',`
- corenet_send_spamd_server_packets($1)
- corenet_receive_spamd_server_packets($1)
+interface(`corenet_sendrecv_ssdp_server_packets',`
+ corenet_send_ssdp_server_packets($1)
+ corenet_receive_ssdp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive spamd_server packets.
+## Do not audit attempts to send and receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -81987,14 +85088,14 @@ interface(`corenet_sendrecv_spamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_spamd_server_packets',`
- corenet_dontaudit_send_spamd_server_packets($1)
- corenet_dontaudit_receive_spamd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssdp_server_packets',`
+ corenet_dontaudit_send_ssdp_server_packets($1)
+ corenet_dontaudit_receive_ssdp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to spamd_server the packet type.
+## Relabel packets to ssdp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -82002,12 +85103,12 @@ interface(`corenet_dontaudit_sendrecv_spamd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_spamd_server_packets',`
+interface(`corenet_relabelto_ssdp_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type ssdp_server_packet_t;
')
- allow $1 spamd_server_packet_t:packet relabelto;
+ allow $1 ssdp_server_packet_t:packet relabelto;
')
@@ -82015,7 +85116,7 @@ interface(`corenet_relabelto_spamd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the speech port.
+## Send and receive TCP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82024,17 +85125,17 @@ interface(`corenet_relabelto_spamd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_speech_port',`
+interface(`corenet_tcp_sendrecv_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- allow $1 speech_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ssh_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the speech port.
+## Send UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82043,17 +85144,17 @@ interface(`corenet_tcp_sendrecv_speech_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_speech_port',`
+interface(`corenet_udp_send_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- allow $1 speech_port_t:udp_socket send_msg;
+ allow $1 ssh_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the speech port.
+## Do not audit attempts to send UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82062,17 +85163,17 @@ interface(`corenet_udp_send_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_speech_port',`
+interface(`corenet_dontaudit_udp_send_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- dontaudit $1 speech_port_t:udp_socket send_msg;
+ dontaudit $1 ssh_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the speech port.
+## Receive UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82081,17 +85182,17 @@ interface(`corenet_dontaudit_udp_send_speech_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_speech_port',`
+interface(`corenet_udp_receive_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- allow $1 speech_port_t:udp_socket recv_msg;
+ allow $1 ssh_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the speech port.
+## Do not audit attempts to receive UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82100,17 +85201,17 @@ interface(`corenet_udp_receive_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_speech_port',`
+interface(`corenet_dontaudit_udp_receive_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- dontaudit $1 speech_port_t:udp_socket recv_msg;
+ dontaudit $1 ssh_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the speech port.
+## Send and receive UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82119,15 +85220,15 @@ interface(`corenet_dontaudit_udp_receive_speech_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_speech_port',`
- corenet_udp_send_speech_port($1)
- corenet_udp_receive_speech_port($1)
+interface(`corenet_udp_sendrecv_ssh_port',`
+ corenet_udp_send_ssh_port($1)
+ corenet_udp_receive_ssh_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the speech port.
+## UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82136,14 +85237,14 @@ interface(`corenet_udp_sendrecv_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_speech_port',`
- corenet_dontaudit_udp_send_speech_port($1)
- corenet_dontaudit_udp_receive_speech_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ssh_port',`
+ corenet_dontaudit_udp_send_ssh_port($1)
+ corenet_dontaudit_udp_receive_ssh_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the speech port.
+## Bind TCP sockets to the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82152,18 +85253,18 @@ interface(`corenet_dontaudit_udp_sendrecv_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_speech_port',`
+interface(`corenet_tcp_bind_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- allow $1 speech_port_t:tcp_socket name_bind;
-
+ allow $1 ssh_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the speech port.
+## Bind UDP sockets to the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82172,18 +85273,18 @@ interface(`corenet_tcp_bind_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_speech_port',`
+interface(`corenet_udp_bind_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- allow $1 speech_port_t:udp_socket name_bind;
-
+ allow $1 ssh_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the speech port.
+## Make a TCP connection to the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -82191,18 +85292,18 @@ interface(`corenet_udp_bind_speech_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_speech_port',`
+interface(`corenet_tcp_connect_ssh_port',`
gen_require(`
- type speech_port_t;
+ type ssh_port_t;
')
- allow $1 speech_port_t:tcp_socket name_connect;
+ allow $1 ssh_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send speech_client packets.
+## Send ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82211,17 +85312,17 @@ interface(`corenet_tcp_connect_speech_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_speech_client_packets',`
+interface(`corenet_send_ssh_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type ssh_client_packet_t;
')
- allow $1 speech_client_packet_t:packet send;
+ allow $1 ssh_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send speech_client packets.
+## Do not audit attempts to send ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82230,17 +85331,17 @@ interface(`corenet_send_speech_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_speech_client_packets',`
+interface(`corenet_dontaudit_send_ssh_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type ssh_client_packet_t;
')
- dontaudit $1 speech_client_packet_t:packet send;
+ dontaudit $1 ssh_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive speech_client packets.
+## Receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82249,17 +85350,17 @@ interface(`corenet_dontaudit_send_speech_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_speech_client_packets',`
+interface(`corenet_receive_ssh_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type ssh_client_packet_t;
')
- allow $1 speech_client_packet_t:packet recv;
+ allow $1 ssh_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive speech_client packets.
+## Do not audit attempts to receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82268,17 +85369,17 @@ interface(`corenet_receive_speech_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_speech_client_packets',`
+interface(`corenet_dontaudit_receive_ssh_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type ssh_client_packet_t;
')
- dontaudit $1 speech_client_packet_t:packet recv;
+ dontaudit $1 ssh_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive speech_client packets.
+## Send and receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82287,14 +85388,14 @@ interface(`corenet_dontaudit_receive_speech_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_speech_client_packets',`
- corenet_send_speech_client_packets($1)
- corenet_receive_speech_client_packets($1)
+interface(`corenet_sendrecv_ssh_client_packets',`
+ corenet_send_ssh_client_packets($1)
+ corenet_receive_ssh_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive speech_client packets.
+## Do not audit attempts to send and receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82303,14 +85404,14 @@ interface(`corenet_sendrecv_speech_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_speech_client_packets',`
- corenet_dontaudit_send_speech_client_packets($1)
- corenet_dontaudit_receive_speech_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssh_client_packets',`
+ corenet_dontaudit_send_ssh_client_packets($1)
+ corenet_dontaudit_receive_ssh_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to speech_client the packet type.
+## Relabel packets to ssh_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -82318,18 +85419,18 @@ interface(`corenet_dontaudit_sendrecv_speech_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_speech_client_packets',`
+interface(`corenet_relabelto_ssh_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type ssh_client_packet_t;
')
- allow $1 speech_client_packet_t:packet relabelto;
+ allow $1 ssh_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send speech_server packets.
+## Send ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82338,17 +85439,17 @@ interface(`corenet_relabelto_speech_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_speech_server_packets',`
+interface(`corenet_send_ssh_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type ssh_server_packet_t;
')
- allow $1 speech_server_packet_t:packet send;
+ allow $1 ssh_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send speech_server packets.
+## Do not audit attempts to send ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82357,17 +85458,17 @@ interface(`corenet_send_speech_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_speech_server_packets',`
+interface(`corenet_dontaudit_send_ssh_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type ssh_server_packet_t;
')
- dontaudit $1 speech_server_packet_t:packet send;
+ dontaudit $1 ssh_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive speech_server packets.
+## Receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82376,17 +85477,17 @@ interface(`corenet_dontaudit_send_speech_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_speech_server_packets',`
+interface(`corenet_receive_ssh_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type ssh_server_packet_t;
')
- allow $1 speech_server_packet_t:packet recv;
+ allow $1 ssh_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive speech_server packets.
+## Do not audit attempts to receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82395,17 +85496,17 @@ interface(`corenet_receive_speech_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_speech_server_packets',`
+interface(`corenet_dontaudit_receive_ssh_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type ssh_server_packet_t;
')
- dontaudit $1 speech_server_packet_t:packet recv;
+ dontaudit $1 ssh_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive speech_server packets.
+## Send and receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82414,14 +85515,14 @@ interface(`corenet_dontaudit_receive_speech_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_speech_server_packets',`
- corenet_send_speech_server_packets($1)
- corenet_receive_speech_server_packets($1)
+interface(`corenet_sendrecv_ssh_server_packets',`
+ corenet_send_ssh_server_packets($1)
+ corenet_receive_ssh_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive speech_server packets.
+## Do not audit attempts to send and receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82430,14 +85531,14 @@ interface(`corenet_sendrecv_speech_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_speech_server_packets',`
- corenet_dontaudit_send_speech_server_packets($1)
- corenet_dontaudit_receive_speech_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssh_server_packets',`
+ corenet_dontaudit_send_ssh_server_packets($1)
+ corenet_dontaudit_receive_ssh_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to speech_server the packet type.
+## Relabel packets to ssh_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -82445,12 +85546,12 @@ interface(`corenet_dontaudit_sendrecv_speech_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_speech_server_packets',`
+interface(`corenet_relabelto_ssh_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type ssh_server_packet_t;
')
- allow $1 speech_server_packet_t:packet relabelto;
+ allow $1 ssh_server_packet_t:packet relabelto;
')
@@ -82458,7 +85559,7 @@ interface(`corenet_relabelto_speech_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the squid port.
+## Send and receive TCP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82467,17 +85568,17 @@ interface(`corenet_relabelto_speech_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_squid_port',`
+interface(`corenet_tcp_sendrecv_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- allow $1 squid_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 stunnel_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the squid port.
+## Send UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82486,17 +85587,17 @@ interface(`corenet_tcp_sendrecv_squid_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_squid_port',`
+interface(`corenet_udp_send_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- allow $1 squid_port_t:udp_socket send_msg;
+ allow $1 stunnel_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the squid port.
+## Do not audit attempts to send UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82505,17 +85606,17 @@ interface(`corenet_udp_send_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_squid_port',`
+interface(`corenet_dontaudit_udp_send_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- dontaudit $1 squid_port_t:udp_socket send_msg;
+ dontaudit $1 stunnel_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the squid port.
+## Receive UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82524,17 +85625,17 @@ interface(`corenet_dontaudit_udp_send_squid_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_squid_port',`
+interface(`corenet_udp_receive_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- allow $1 squid_port_t:udp_socket recv_msg;
+ allow $1 stunnel_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the squid port.
+## Do not audit attempts to receive UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82543,17 +85644,17 @@ interface(`corenet_udp_receive_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_squid_port',`
+interface(`corenet_dontaudit_udp_receive_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- dontaudit $1 squid_port_t:udp_socket recv_msg;
+ dontaudit $1 stunnel_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the squid port.
+## Send and receive UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82562,15 +85663,15 @@ interface(`corenet_dontaudit_udp_receive_squid_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_squid_port',`
- corenet_udp_send_squid_port($1)
- corenet_udp_receive_squid_port($1)
+interface(`corenet_udp_sendrecv_stunnel_port',`
+ corenet_udp_send_stunnel_port($1)
+ corenet_udp_receive_stunnel_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the squid port.
+## UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82579,14 +85680,14 @@ interface(`corenet_udp_sendrecv_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_squid_port',`
- corenet_dontaudit_udp_send_squid_port($1)
- corenet_dontaudit_udp_receive_squid_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_stunnel_port',`
+ corenet_dontaudit_udp_send_stunnel_port($1)
+ corenet_dontaudit_udp_receive_stunnel_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the squid port.
+## Bind TCP sockets to the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82595,18 +85696,18 @@ interface(`corenet_dontaudit_udp_sendrecv_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_squid_port',`
+interface(`corenet_tcp_bind_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- allow $1 squid_port_t:tcp_socket name_bind;
+ allow $1 stunnel_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the squid port.
+## Bind UDP sockets to the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82615,18 +85716,18 @@ interface(`corenet_tcp_bind_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_squid_port',`
+interface(`corenet_udp_bind_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- allow $1 squid_port_t:udp_socket name_bind;
+ allow $1 stunnel_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the squid port.
+## Make a TCP connection to the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -82634,18 +85735,18 @@ interface(`corenet_udp_bind_squid_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_squid_port',`
+interface(`corenet_tcp_connect_stunnel_port',`
gen_require(`
- type squid_port_t;
+ type stunnel_port_t;
')
- allow $1 squid_port_t:tcp_socket name_connect;
+ allow $1 stunnel_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send squid_client packets.
+## Send stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82654,17 +85755,17 @@ interface(`corenet_tcp_connect_squid_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_squid_client_packets',`
+interface(`corenet_send_stunnel_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type stunnel_client_packet_t;
')
- allow $1 squid_client_packet_t:packet send;
+ allow $1 stunnel_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send squid_client packets.
+## Do not audit attempts to send stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82673,17 +85774,17 @@ interface(`corenet_send_squid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_squid_client_packets',`
+interface(`corenet_dontaudit_send_stunnel_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type stunnel_client_packet_t;
')
- dontaudit $1 squid_client_packet_t:packet send;
+ dontaudit $1 stunnel_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive squid_client packets.
+## Receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82692,17 +85793,17 @@ interface(`corenet_dontaudit_send_squid_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_squid_client_packets',`
+interface(`corenet_receive_stunnel_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type stunnel_client_packet_t;
')
- allow $1 squid_client_packet_t:packet recv;
+ allow $1 stunnel_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive squid_client packets.
+## Do not audit attempts to receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82711,17 +85812,17 @@ interface(`corenet_receive_squid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_squid_client_packets',`
+interface(`corenet_dontaudit_receive_stunnel_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type stunnel_client_packet_t;
')
- dontaudit $1 squid_client_packet_t:packet recv;
+ dontaudit $1 stunnel_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive squid_client packets.
+## Send and receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82730,14 +85831,14 @@ interface(`corenet_dontaudit_receive_squid_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_squid_client_packets',`
- corenet_send_squid_client_packets($1)
- corenet_receive_squid_client_packets($1)
+interface(`corenet_sendrecv_stunnel_client_packets',`
+ corenet_send_stunnel_client_packets($1)
+ corenet_receive_stunnel_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive squid_client packets.
+## Do not audit attempts to send and receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82746,14 +85847,14 @@ interface(`corenet_sendrecv_squid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_squid_client_packets',`
- corenet_dontaudit_send_squid_client_packets($1)
- corenet_dontaudit_receive_squid_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_stunnel_client_packets',`
+ corenet_dontaudit_send_stunnel_client_packets($1)
+ corenet_dontaudit_receive_stunnel_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to squid_client the packet type.
+## Relabel packets to stunnel_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -82761,18 +85862,18 @@ interface(`corenet_dontaudit_sendrecv_squid_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_squid_client_packets',`
+interface(`corenet_relabelto_stunnel_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type stunnel_client_packet_t;
')
- allow $1 squid_client_packet_t:packet relabelto;
+ allow $1 stunnel_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send squid_server packets.
+## Send stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82781,17 +85882,17 @@ interface(`corenet_relabelto_squid_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_squid_server_packets',`
+interface(`corenet_send_stunnel_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type stunnel_server_packet_t;
')
- allow $1 squid_server_packet_t:packet send;
+ allow $1 stunnel_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send squid_server packets.
+## Do not audit attempts to send stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82800,17 +85901,17 @@ interface(`corenet_send_squid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_squid_server_packets',`
+interface(`corenet_dontaudit_send_stunnel_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type stunnel_server_packet_t;
')
- dontaudit $1 squid_server_packet_t:packet send;
+ dontaudit $1 stunnel_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive squid_server packets.
+## Receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82819,17 +85920,17 @@ interface(`corenet_dontaudit_send_squid_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_squid_server_packets',`
+interface(`corenet_receive_stunnel_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type stunnel_server_packet_t;
')
- allow $1 squid_server_packet_t:packet recv;
+ allow $1 stunnel_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive squid_server packets.
+## Do not audit attempts to receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82838,17 +85939,17 @@ interface(`corenet_receive_squid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_squid_server_packets',`
+interface(`corenet_dontaudit_receive_stunnel_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type stunnel_server_packet_t;
')
- dontaudit $1 squid_server_packet_t:packet recv;
+ dontaudit $1 stunnel_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive squid_server packets.
+## Send and receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82857,14 +85958,14 @@ interface(`corenet_dontaudit_receive_squid_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_squid_server_packets',`
- corenet_send_squid_server_packets($1)
- corenet_receive_squid_server_packets($1)
+interface(`corenet_sendrecv_stunnel_server_packets',`
+ corenet_send_stunnel_server_packets($1)
+ corenet_receive_stunnel_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive squid_server packets.
+## Do not audit attempts to send and receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -82873,14 +85974,14 @@ interface(`corenet_sendrecv_squid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_squid_server_packets',`
- corenet_dontaudit_send_squid_server_packets($1)
- corenet_dontaudit_receive_squid_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_stunnel_server_packets',`
+ corenet_dontaudit_send_stunnel_server_packets($1)
+ corenet_dontaudit_receive_stunnel_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to squid_server the packet type.
+## Relabel packets to stunnel_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -82888,20 +85989,20 @@ interface(`corenet_dontaudit_sendrecv_squid_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_squid_server_packets',`
+interface(`corenet_relabelto_stunnel_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type stunnel_server_packet_t;
')
- allow $1 squid_server_packet_t:packet relabelto;
+ allow $1 stunnel_server_packet_t:packet relabelto;
')
- # snmp and htcp
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the ssdp port.
+## Send and receive TCP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -82910,17 +86011,17 @@ interface(`corenet_relabelto_squid_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ssdp_port',`
+interface(`corenet_tcp_sendrecv_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- allow $1 ssdp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 svn_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ssdp port.
+## Send UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -82929,17 +86030,17 @@ interface(`corenet_tcp_sendrecv_ssdp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ssdp_port',`
+interface(`corenet_udp_send_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- allow $1 ssdp_port_t:udp_socket send_msg;
+ allow $1 svn_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ssdp port.
+## Do not audit attempts to send UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -82948,17 +86049,17 @@ interface(`corenet_udp_send_ssdp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ssdp_port',`
+interface(`corenet_dontaudit_udp_send_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- dontaudit $1 ssdp_port_t:udp_socket send_msg;
+ dontaudit $1 svn_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ssdp port.
+## Receive UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -82967,17 +86068,17 @@ interface(`corenet_dontaudit_udp_send_ssdp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ssdp_port',`
+interface(`corenet_udp_receive_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- allow $1 ssdp_port_t:udp_socket recv_msg;
+ allow $1 svn_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ssdp port.
+## Do not audit attempts to receive UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -82986,17 +86087,17 @@ interface(`corenet_udp_receive_ssdp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ssdp_port',`
+interface(`corenet_dontaudit_udp_receive_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- dontaudit $1 ssdp_port_t:udp_socket recv_msg;
+ dontaudit $1 svn_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ssdp port.
+## Send and receive UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -83005,15 +86106,15 @@ interface(`corenet_dontaudit_udp_receive_ssdp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ssdp_port',`
- corenet_udp_send_ssdp_port($1)
- corenet_udp_receive_ssdp_port($1)
+interface(`corenet_udp_sendrecv_svn_port',`
+ corenet_udp_send_svn_port($1)
+ corenet_udp_receive_svn_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ssdp port.
+## UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -83022,14 +86123,14 @@ interface(`corenet_udp_sendrecv_ssdp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ssdp_port',`
- corenet_dontaudit_udp_send_ssdp_port($1)
- corenet_dontaudit_udp_receive_ssdp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_svn_port',`
+ corenet_dontaudit_udp_send_svn_port($1)
+ corenet_dontaudit_udp_receive_svn_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ssdp port.
+## Bind TCP sockets to the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -83038,18 +86139,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ssdp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ssdp_port',`
+interface(`corenet_tcp_bind_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- allow $1 ssdp_port_t:tcp_socket name_bind;
+ allow $1 svn_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ssdp port.
+## Bind UDP sockets to the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -83058,18 +86159,18 @@ interface(`corenet_tcp_bind_ssdp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ssdp_port',`
+interface(`corenet_udp_bind_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- allow $1 ssdp_port_t:udp_socket name_bind;
+ allow $1 svn_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ssdp port.
+## Make a TCP connection to the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -83077,18 +86178,18 @@ interface(`corenet_udp_bind_ssdp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ssdp_port',`
+interface(`corenet_tcp_connect_svn_port',`
gen_require(`
- type ssdp_port_t;
+ type svn_port_t;
')
- allow $1 ssdp_port_t:tcp_socket name_connect;
+ allow $1 svn_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ssdp_client packets.
+## Send svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83097,17 +86198,17 @@ interface(`corenet_tcp_connect_ssdp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ssdp_client_packets',`
+interface(`corenet_send_svn_client_packets',`
gen_require(`
- type ssdp_client_packet_t;
+ type svn_client_packet_t;
')
- allow $1 ssdp_client_packet_t:packet send;
+ allow $1 svn_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ssdp_client packets.
+## Do not audit attempts to send svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83116,17 +86217,17 @@ interface(`corenet_send_ssdp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ssdp_client_packets',`
+interface(`corenet_dontaudit_send_svn_client_packets',`
gen_require(`
- type ssdp_client_packet_t;
+ type svn_client_packet_t;
')
- dontaudit $1 ssdp_client_packet_t:packet send;
+ dontaudit $1 svn_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ssdp_client packets.
+## Receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83135,17 +86236,17 @@ interface(`corenet_dontaudit_send_ssdp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ssdp_client_packets',`
+interface(`corenet_receive_svn_client_packets',`
gen_require(`
- type ssdp_client_packet_t;
+ type svn_client_packet_t;
')
- allow $1 ssdp_client_packet_t:packet recv;
+ allow $1 svn_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ssdp_client packets.
+## Do not audit attempts to receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83154,17 +86255,17 @@ interface(`corenet_receive_ssdp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ssdp_client_packets',`
+interface(`corenet_dontaudit_receive_svn_client_packets',`
gen_require(`
- type ssdp_client_packet_t;
+ type svn_client_packet_t;
')
- dontaudit $1 ssdp_client_packet_t:packet recv;
+ dontaudit $1 svn_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ssdp_client packets.
+## Send and receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83173,14 +86274,14 @@ interface(`corenet_dontaudit_receive_ssdp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ssdp_client_packets',`
- corenet_send_ssdp_client_packets($1)
- corenet_receive_ssdp_client_packets($1)
+interface(`corenet_sendrecv_svn_client_packets',`
+ corenet_send_svn_client_packets($1)
+ corenet_receive_svn_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ssdp_client packets.
+## Do not audit attempts to send and receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83189,14 +86290,14 @@ interface(`corenet_sendrecv_ssdp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ssdp_client_packets',`
- corenet_dontaudit_send_ssdp_client_packets($1)
- corenet_dontaudit_receive_ssdp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_svn_client_packets',`
+ corenet_dontaudit_send_svn_client_packets($1)
+ corenet_dontaudit_receive_svn_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ssdp_client the packet type.
+## Relabel packets to svn_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -83204,18 +86305,18 @@ interface(`corenet_dontaudit_sendrecv_ssdp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ssdp_client_packets',`
+interface(`corenet_relabelto_svn_client_packets',`
gen_require(`
- type ssdp_client_packet_t;
+ type svn_client_packet_t;
')
- allow $1 ssdp_client_packet_t:packet relabelto;
+ allow $1 svn_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ssdp_server packets.
+## Send svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83224,17 +86325,17 @@ interface(`corenet_relabelto_ssdp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ssdp_server_packets',`
+interface(`corenet_send_svn_server_packets',`
gen_require(`
- type ssdp_server_packet_t;
+ type svn_server_packet_t;
')
- allow $1 ssdp_server_packet_t:packet send;
+ allow $1 svn_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ssdp_server packets.
+## Do not audit attempts to send svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83243,17 +86344,17 @@ interface(`corenet_send_ssdp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ssdp_server_packets',`
+interface(`corenet_dontaudit_send_svn_server_packets',`
gen_require(`
- type ssdp_server_packet_t;
+ type svn_server_packet_t;
')
- dontaudit $1 ssdp_server_packet_t:packet send;
+ dontaudit $1 svn_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ssdp_server packets.
+## Receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83262,17 +86363,17 @@ interface(`corenet_dontaudit_send_ssdp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ssdp_server_packets',`
+interface(`corenet_receive_svn_server_packets',`
gen_require(`
- type ssdp_server_packet_t;
+ type svn_server_packet_t;
')
- allow $1 ssdp_server_packet_t:packet recv;
+ allow $1 svn_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ssdp_server packets.
+## Do not audit attempts to receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83281,17 +86382,17 @@ interface(`corenet_receive_ssdp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ssdp_server_packets',`
+interface(`corenet_dontaudit_receive_svn_server_packets',`
gen_require(`
- type ssdp_server_packet_t;
+ type svn_server_packet_t;
')
- dontaudit $1 ssdp_server_packet_t:packet recv;
+ dontaudit $1 svn_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ssdp_server packets.
+## Send and receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83300,14 +86401,14 @@ interface(`corenet_dontaudit_receive_ssdp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ssdp_server_packets',`
- corenet_send_ssdp_server_packets($1)
- corenet_receive_ssdp_server_packets($1)
+interface(`corenet_sendrecv_svn_server_packets',`
+ corenet_send_svn_server_packets($1)
+ corenet_receive_svn_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ssdp_server packets.
+## Do not audit attempts to send and receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83316,14 +86417,14 @@ interface(`corenet_sendrecv_ssdp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ssdp_server_packets',`
- corenet_dontaudit_send_ssdp_server_packets($1)
- corenet_dontaudit_receive_ssdp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_svn_server_packets',`
+ corenet_dontaudit_send_svn_server_packets($1)
+ corenet_dontaudit_receive_svn_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ssdp_server the packet type.
+## Relabel packets to svn_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -83331,12 +86432,12 @@ interface(`corenet_dontaudit_sendrecv_ssdp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ssdp_server_packets',`
+interface(`corenet_relabelto_svn_server_packets',`
gen_require(`
- type ssdp_server_packet_t;
+ type svn_server_packet_t;
')
- allow $1 ssdp_server_packet_t:packet relabelto;
+ allow $1 svn_server_packet_t:packet relabelto;
')
@@ -83344,7 +86445,7 @@ interface(`corenet_relabelto_ssdp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ssh port.
+## Send and receive TCP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83353,17 +86454,17 @@ interface(`corenet_relabelto_ssdp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ssh_port',`
+interface(`corenet_tcp_sendrecv_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- allow $1 ssh_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 svrloc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ssh port.
+## Send UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83372,17 +86473,17 @@ interface(`corenet_tcp_sendrecv_ssh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ssh_port',`
+interface(`corenet_udp_send_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- allow $1 ssh_port_t:udp_socket send_msg;
+ allow $1 svrloc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ssh port.
+## Do not audit attempts to send UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83391,17 +86492,17 @@ interface(`corenet_udp_send_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ssh_port',`
+interface(`corenet_dontaudit_udp_send_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- dontaudit $1 ssh_port_t:udp_socket send_msg;
+ dontaudit $1 svrloc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ssh port.
+## Receive UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83410,17 +86511,17 @@ interface(`corenet_dontaudit_udp_send_ssh_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ssh_port',`
+interface(`corenet_udp_receive_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- allow $1 ssh_port_t:udp_socket recv_msg;
+ allow $1 svrloc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ssh port.
+## Do not audit attempts to receive UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83429,17 +86530,17 @@ interface(`corenet_udp_receive_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ssh_port',`
+interface(`corenet_dontaudit_udp_receive_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- dontaudit $1 ssh_port_t:udp_socket recv_msg;
+ dontaudit $1 svrloc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ssh port.
+## Send and receive UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83448,15 +86549,15 @@ interface(`corenet_dontaudit_udp_receive_ssh_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ssh_port',`
- corenet_udp_send_ssh_port($1)
- corenet_udp_receive_ssh_port($1)
+interface(`corenet_udp_sendrecv_svrloc_port',`
+ corenet_udp_send_svrloc_port($1)
+ corenet_udp_receive_svrloc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ssh port.
+## UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83465,14 +86566,14 @@ interface(`corenet_udp_sendrecv_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ssh_port',`
- corenet_dontaudit_udp_send_ssh_port($1)
- corenet_dontaudit_udp_receive_ssh_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_svrloc_port',`
+ corenet_dontaudit_udp_send_svrloc_port($1)
+ corenet_dontaudit_udp_receive_svrloc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ssh port.
+## Bind TCP sockets to the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83481,18 +86582,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ssh_port',`
+interface(`corenet_tcp_bind_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- allow $1 ssh_port_t:tcp_socket name_bind;
+ allow $1 svrloc_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ssh port.
+## Bind UDP sockets to the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83501,18 +86602,18 @@ interface(`corenet_tcp_bind_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ssh_port',`
+interface(`corenet_udp_bind_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- allow $1 ssh_port_t:udp_socket name_bind;
+ allow $1 svrloc_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ssh port.
+## Make a TCP connection to the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -83520,18 +86621,18 @@ interface(`corenet_udp_bind_ssh_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ssh_port',`
+interface(`corenet_tcp_connect_svrloc_port',`
gen_require(`
- type ssh_port_t;
+ type svrloc_port_t;
')
- allow $1 ssh_port_t:tcp_socket name_connect;
+ allow $1 svrloc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ssh_client packets.
+## Send svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83540,17 +86641,17 @@ interface(`corenet_tcp_connect_ssh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ssh_client_packets',`
+interface(`corenet_send_svrloc_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type svrloc_client_packet_t;
')
- allow $1 ssh_client_packet_t:packet send;
+ allow $1 svrloc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ssh_client packets.
+## Do not audit attempts to send svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83559,17 +86660,17 @@ interface(`corenet_send_ssh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ssh_client_packets',`
+interface(`corenet_dontaudit_send_svrloc_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type svrloc_client_packet_t;
')
- dontaudit $1 ssh_client_packet_t:packet send;
+ dontaudit $1 svrloc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ssh_client packets.
+## Receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83578,17 +86679,17 @@ interface(`corenet_dontaudit_send_ssh_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ssh_client_packets',`
+interface(`corenet_receive_svrloc_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type svrloc_client_packet_t;
')
- allow $1 ssh_client_packet_t:packet recv;
+ allow $1 svrloc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ssh_client packets.
+## Do not audit attempts to receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83597,17 +86698,17 @@ interface(`corenet_receive_ssh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ssh_client_packets',`
+interface(`corenet_dontaudit_receive_svrloc_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type svrloc_client_packet_t;
')
- dontaudit $1 ssh_client_packet_t:packet recv;
+ dontaudit $1 svrloc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ssh_client packets.
+## Send and receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83616,14 +86717,14 @@ interface(`corenet_dontaudit_receive_ssh_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ssh_client_packets',`
- corenet_send_ssh_client_packets($1)
- corenet_receive_ssh_client_packets($1)
+interface(`corenet_sendrecv_svrloc_client_packets',`
+ corenet_send_svrloc_client_packets($1)
+ corenet_receive_svrloc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ssh_client packets.
+## Do not audit attempts to send and receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83632,14 +86733,14 @@ interface(`corenet_sendrecv_ssh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ssh_client_packets',`
- corenet_dontaudit_send_ssh_client_packets($1)
- corenet_dontaudit_receive_ssh_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_svrloc_client_packets',`
+ corenet_dontaudit_send_svrloc_client_packets($1)
+ corenet_dontaudit_receive_svrloc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ssh_client the packet type.
+## Relabel packets to svrloc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -83647,18 +86748,18 @@ interface(`corenet_dontaudit_sendrecv_ssh_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ssh_client_packets',`
+interface(`corenet_relabelto_svrloc_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type svrloc_client_packet_t;
')
- allow $1 ssh_client_packet_t:packet relabelto;
+ allow $1 svrloc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ssh_server packets.
+## Send svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83667,17 +86768,17 @@ interface(`corenet_relabelto_ssh_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ssh_server_packets',`
+interface(`corenet_send_svrloc_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type svrloc_server_packet_t;
')
- allow $1 ssh_server_packet_t:packet send;
+ allow $1 svrloc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ssh_server packets.
+## Do not audit attempts to send svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83686,17 +86787,17 @@ interface(`corenet_send_ssh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ssh_server_packets',`
+interface(`corenet_dontaudit_send_svrloc_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type svrloc_server_packet_t;
')
- dontaudit $1 ssh_server_packet_t:packet send;
+ dontaudit $1 svrloc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ssh_server packets.
+## Receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83705,17 +86806,17 @@ interface(`corenet_dontaudit_send_ssh_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ssh_server_packets',`
+interface(`corenet_receive_svrloc_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type svrloc_server_packet_t;
')
- allow $1 ssh_server_packet_t:packet recv;
+ allow $1 svrloc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ssh_server packets.
+## Do not audit attempts to receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83724,17 +86825,17 @@ interface(`corenet_receive_ssh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ssh_server_packets',`
+interface(`corenet_dontaudit_receive_svrloc_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type svrloc_server_packet_t;
')
- dontaudit $1 ssh_server_packet_t:packet recv;
+ dontaudit $1 svrloc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ssh_server packets.
+## Send and receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83743,14 +86844,14 @@ interface(`corenet_dontaudit_receive_ssh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ssh_server_packets',`
- corenet_send_ssh_server_packets($1)
- corenet_receive_ssh_server_packets($1)
+interface(`corenet_sendrecv_svrloc_server_packets',`
+ corenet_send_svrloc_server_packets($1)
+ corenet_receive_svrloc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ssh_server packets.
+## Do not audit attempts to send and receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83759,14 +86860,14 @@ interface(`corenet_sendrecv_ssh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ssh_server_packets',`
- corenet_dontaudit_send_ssh_server_packets($1)
- corenet_dontaudit_receive_ssh_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_svrloc_server_packets',`
+ corenet_dontaudit_send_svrloc_server_packets($1)
+ corenet_dontaudit_receive_svrloc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ssh_server the packet type.
+## Relabel packets to svrloc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -83774,12 +86875,12 @@ interface(`corenet_dontaudit_sendrecv_ssh_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ssh_server_packets',`
+interface(`corenet_relabelto_svrloc_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type svrloc_server_packet_t;
')
- allow $1 ssh_server_packet_t:packet relabelto;
+ allow $1 svrloc_server_packet_t:packet relabelto;
')
@@ -83787,7 +86888,7 @@ interface(`corenet_relabelto_ssh_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the stunnel port.
+## Send and receive TCP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83796,17 +86897,17 @@ interface(`corenet_relabelto_ssh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_stunnel_port',`
+interface(`corenet_tcp_sendrecv_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- allow $1 stunnel_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 swat_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the stunnel port.
+## Send UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83815,17 +86916,17 @@ interface(`corenet_tcp_sendrecv_stunnel_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_stunnel_port',`
+interface(`corenet_udp_send_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- allow $1 stunnel_port_t:udp_socket send_msg;
+ allow $1 swat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the stunnel port.
+## Do not audit attempts to send UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83834,17 +86935,17 @@ interface(`corenet_udp_send_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_stunnel_port',`
+interface(`corenet_dontaudit_udp_send_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- dontaudit $1 stunnel_port_t:udp_socket send_msg;
+ dontaudit $1 swat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the stunnel port.
+## Receive UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83853,17 +86954,17 @@ interface(`corenet_dontaudit_udp_send_stunnel_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_stunnel_port',`
+interface(`corenet_udp_receive_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- allow $1 stunnel_port_t:udp_socket recv_msg;
+ allow $1 swat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the stunnel port.
+## Do not audit attempts to receive UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83872,17 +86973,17 @@ interface(`corenet_udp_receive_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_stunnel_port',`
+interface(`corenet_dontaudit_udp_receive_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- dontaudit $1 stunnel_port_t:udp_socket recv_msg;
+ dontaudit $1 swat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the stunnel port.
+## Send and receive UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83891,15 +86992,15 @@ interface(`corenet_dontaudit_udp_receive_stunnel_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_stunnel_port',`
- corenet_udp_send_stunnel_port($1)
- corenet_udp_receive_stunnel_port($1)
+interface(`corenet_udp_sendrecv_swat_port',`
+ corenet_udp_send_swat_port($1)
+ corenet_udp_receive_swat_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the stunnel port.
+## UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83908,14 +87009,14 @@ interface(`corenet_udp_sendrecv_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_stunnel_port',`
- corenet_dontaudit_udp_send_stunnel_port($1)
- corenet_dontaudit_udp_receive_stunnel_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_swat_port',`
+ corenet_dontaudit_udp_send_swat_port($1)
+ corenet_dontaudit_udp_receive_swat_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the stunnel port.
+## Bind TCP sockets to the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83924,18 +87025,18 @@ interface(`corenet_dontaudit_udp_sendrecv_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_stunnel_port',`
+interface(`corenet_tcp_bind_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- allow $1 stunnel_port_t:tcp_socket name_bind;
-
+ allow $1 swat_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the stunnel port.
+## Bind UDP sockets to the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83944,18 +87045,18 @@ interface(`corenet_tcp_bind_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_stunnel_port',`
+interface(`corenet_udp_bind_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- allow $1 stunnel_port_t:udp_socket name_bind;
-
+ allow $1 swat_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the stunnel port.
+## Make a TCP connection to the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -83963,18 +87064,18 @@ interface(`corenet_udp_bind_stunnel_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_stunnel_port',`
+interface(`corenet_tcp_connect_swat_port',`
gen_require(`
- type stunnel_port_t;
+ type swat_port_t;
')
- allow $1 stunnel_port_t:tcp_socket name_connect;
+ allow $1 swat_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send stunnel_client packets.
+## Send swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -83983,17 +87084,17 @@ interface(`corenet_tcp_connect_stunnel_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_stunnel_client_packets',`
+interface(`corenet_send_swat_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type swat_client_packet_t;
')
- allow $1 stunnel_client_packet_t:packet send;
+ allow $1 swat_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send stunnel_client packets.
+## Do not audit attempts to send swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84002,17 +87103,17 @@ interface(`corenet_send_stunnel_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_stunnel_client_packets',`
+interface(`corenet_dontaudit_send_swat_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type swat_client_packet_t;
')
- dontaudit $1 stunnel_client_packet_t:packet send;
+ dontaudit $1 swat_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive stunnel_client packets.
+## Receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84021,17 +87122,17 @@ interface(`corenet_dontaudit_send_stunnel_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_stunnel_client_packets',`
+interface(`corenet_receive_swat_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type swat_client_packet_t;
')
- allow $1 stunnel_client_packet_t:packet recv;
+ allow $1 swat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive stunnel_client packets.
+## Do not audit attempts to receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84040,17 +87141,17 @@ interface(`corenet_receive_stunnel_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_stunnel_client_packets',`
+interface(`corenet_dontaudit_receive_swat_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type swat_client_packet_t;
')
- dontaudit $1 stunnel_client_packet_t:packet recv;
+ dontaudit $1 swat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive stunnel_client packets.
+## Send and receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84059,14 +87160,14 @@ interface(`corenet_dontaudit_receive_stunnel_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_stunnel_client_packets',`
- corenet_send_stunnel_client_packets($1)
- corenet_receive_stunnel_client_packets($1)
+interface(`corenet_sendrecv_swat_client_packets',`
+ corenet_send_swat_client_packets($1)
+ corenet_receive_swat_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive stunnel_client packets.
+## Do not audit attempts to send and receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84075,14 +87176,14 @@ interface(`corenet_sendrecv_stunnel_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_stunnel_client_packets',`
- corenet_dontaudit_send_stunnel_client_packets($1)
- corenet_dontaudit_receive_stunnel_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_swat_client_packets',`
+ corenet_dontaudit_send_swat_client_packets($1)
+ corenet_dontaudit_receive_swat_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to stunnel_client the packet type.
+## Relabel packets to swat_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -84090,18 +87191,18 @@ interface(`corenet_dontaudit_sendrecv_stunnel_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_stunnel_client_packets',`
+interface(`corenet_relabelto_swat_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type swat_client_packet_t;
')
- allow $1 stunnel_client_packet_t:packet relabelto;
+ allow $1 swat_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send stunnel_server packets.
+## Send swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84110,17 +87211,17 @@ interface(`corenet_relabelto_stunnel_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_stunnel_server_packets',`
+interface(`corenet_send_swat_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type swat_server_packet_t;
')
- allow $1 stunnel_server_packet_t:packet send;
+ allow $1 swat_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send stunnel_server packets.
+## Do not audit attempts to send swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84129,17 +87230,17 @@ interface(`corenet_send_stunnel_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_stunnel_server_packets',`
+interface(`corenet_dontaudit_send_swat_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type swat_server_packet_t;
')
- dontaudit $1 stunnel_server_packet_t:packet send;
+ dontaudit $1 swat_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive stunnel_server packets.
+## Receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84148,17 +87249,17 @@ interface(`corenet_dontaudit_send_stunnel_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_stunnel_server_packets',`
+interface(`corenet_receive_swat_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type swat_server_packet_t;
')
- allow $1 stunnel_server_packet_t:packet recv;
+ allow $1 swat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive stunnel_server packets.
+## Do not audit attempts to receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84167,17 +87268,17 @@ interface(`corenet_receive_stunnel_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_stunnel_server_packets',`
+interface(`corenet_dontaudit_receive_swat_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type swat_server_packet_t;
')
- dontaudit $1 stunnel_server_packet_t:packet recv;
+ dontaudit $1 swat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive stunnel_server packets.
+## Send and receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84186,14 +87287,14 @@ interface(`corenet_dontaudit_receive_stunnel_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_stunnel_server_packets',`
- corenet_send_stunnel_server_packets($1)
- corenet_receive_stunnel_server_packets($1)
+interface(`corenet_sendrecv_swat_server_packets',`
+ corenet_send_swat_server_packets($1)
+ corenet_receive_swat_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive stunnel_server packets.
+## Do not audit attempts to send and receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84202,14 +87303,14 @@ interface(`corenet_sendrecv_stunnel_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_stunnel_server_packets',`
- corenet_dontaudit_send_stunnel_server_packets($1)
- corenet_dontaudit_receive_stunnel_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_swat_server_packets',`
+ corenet_dontaudit_send_swat_server_packets($1)
+ corenet_dontaudit_receive_swat_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to stunnel_server the packet type.
+## Relabel packets to swat_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -84217,20 +87318,20 @@ interface(`corenet_dontaudit_sendrecv_stunnel_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_stunnel_server_packets',`
+interface(`corenet_relabelto_swat_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type swat_server_packet_t;
')
- allow $1 stunnel_server_packet_t:packet relabelto;
+ allow $1 swat_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the svn port.
+## Send and receive TCP traffic on the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84239,17 +87340,17 @@ interface(`corenet_relabelto_stunnel_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_svn_port',`
+interface(`corenet_tcp_sendrecv_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- allow $1 svn_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 syncthing_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the svn port.
+## Send UDP traffic on the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84258,17 +87359,17 @@ interface(`corenet_tcp_sendrecv_svn_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_svn_port',`
+interface(`corenet_udp_send_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- allow $1 svn_port_t:udp_socket send_msg;
+ allow $1 syncthing_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the svn port.
+## Do not audit attempts to send UDP traffic on the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84277,17 +87378,17 @@ interface(`corenet_udp_send_svn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_svn_port',`
+interface(`corenet_dontaudit_udp_send_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- dontaudit $1 svn_port_t:udp_socket send_msg;
+ dontaudit $1 syncthing_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the svn port.
+## Receive UDP traffic on the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84296,17 +87397,17 @@ interface(`corenet_dontaudit_udp_send_svn_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_svn_port',`
+interface(`corenet_udp_receive_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- allow $1 svn_port_t:udp_socket recv_msg;
+ allow $1 syncthing_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the svn port.
+## Do not audit attempts to receive UDP traffic on the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84315,17 +87416,17 @@ interface(`corenet_udp_receive_svn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_svn_port',`
+interface(`corenet_dontaudit_udp_receive_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- dontaudit $1 svn_port_t:udp_socket recv_msg;
+ dontaudit $1 syncthing_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the svn port.
+## Send and receive UDP traffic on the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84334,15 +87435,15 @@ interface(`corenet_dontaudit_udp_receive_svn_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_svn_port',`
- corenet_udp_send_svn_port($1)
- corenet_udp_receive_svn_port($1)
+interface(`corenet_udp_sendrecv_syncthing_port',`
+ corenet_udp_send_syncthing_port($1)
+ corenet_udp_receive_syncthing_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the svn port.
+## UDP traffic on the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84351,14 +87452,14 @@ interface(`corenet_udp_sendrecv_svn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_svn_port',`
- corenet_dontaudit_udp_send_svn_port($1)
- corenet_dontaudit_udp_receive_svn_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_syncthing_port',`
+ corenet_dontaudit_udp_send_syncthing_port($1)
+ corenet_dontaudit_udp_receive_syncthing_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the svn port.
+## Bind TCP sockets to the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84367,18 +87468,18 @@ interface(`corenet_dontaudit_udp_sendrecv_svn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_svn_port',`
+interface(`corenet_tcp_bind_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- allow $1 svn_port_t:tcp_socket name_bind;
+ allow $1 syncthing_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the svn port.
+## Bind UDP sockets to the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84387,18 +87488,18 @@ interface(`corenet_tcp_bind_svn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_svn_port',`
+interface(`corenet_udp_bind_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- allow $1 svn_port_t:udp_socket name_bind;
+ allow $1 syncthing_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the svn port.
+## Make a TCP connection to the syncthing port.
## </summary>
## <param name="domain">
## <summary>
@@ -84406,18 +87507,18 @@ interface(`corenet_udp_bind_svn_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_svn_port',`
+interface(`corenet_tcp_connect_syncthing_port',`
gen_require(`
- type svn_port_t;
+ type syncthing_port_t;
')
- allow $1 svn_port_t:tcp_socket name_connect;
+ allow $1 syncthing_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send svn_client packets.
+## Send syncthing_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84426,17 +87527,17 @@ interface(`corenet_tcp_connect_svn_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_svn_client_packets',`
+interface(`corenet_send_syncthing_client_packets',`
gen_require(`
- type svn_client_packet_t;
+ type syncthing_client_packet_t;
')
- allow $1 svn_client_packet_t:packet send;
+ allow $1 syncthing_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send svn_client packets.
+## Do not audit attempts to send syncthing_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84445,17 +87546,17 @@ interface(`corenet_send_svn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_svn_client_packets',`
+interface(`corenet_dontaudit_send_syncthing_client_packets',`
gen_require(`
- type svn_client_packet_t;
+ type syncthing_client_packet_t;
')
- dontaudit $1 svn_client_packet_t:packet send;
+ dontaudit $1 syncthing_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive svn_client packets.
+## Receive syncthing_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84464,17 +87565,17 @@ interface(`corenet_dontaudit_send_svn_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_svn_client_packets',`
+interface(`corenet_receive_syncthing_client_packets',`
gen_require(`
- type svn_client_packet_t;
+ type syncthing_client_packet_t;
')
- allow $1 svn_client_packet_t:packet recv;
+ allow $1 syncthing_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive svn_client packets.
+## Do not audit attempts to receive syncthing_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84483,17 +87584,17 @@ interface(`corenet_receive_svn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_svn_client_packets',`
+interface(`corenet_dontaudit_receive_syncthing_client_packets',`
gen_require(`
- type svn_client_packet_t;
+ type syncthing_client_packet_t;
')
- dontaudit $1 svn_client_packet_t:packet recv;
+ dontaudit $1 syncthing_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive svn_client packets.
+## Send and receive syncthing_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84502,14 +87603,14 @@ interface(`corenet_dontaudit_receive_svn_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_svn_client_packets',`
- corenet_send_svn_client_packets($1)
- corenet_receive_svn_client_packets($1)
+interface(`corenet_sendrecv_syncthing_client_packets',`
+ corenet_send_syncthing_client_packets($1)
+ corenet_receive_syncthing_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive svn_client packets.
+## Do not audit attempts to send and receive syncthing_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84518,14 +87619,14 @@ interface(`corenet_sendrecv_svn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_svn_client_packets',`
- corenet_dontaudit_send_svn_client_packets($1)
- corenet_dontaudit_receive_svn_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_syncthing_client_packets',`
+ corenet_dontaudit_send_syncthing_client_packets($1)
+ corenet_dontaudit_receive_syncthing_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to svn_client the packet type.
+## Relabel packets to syncthing_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -84533,18 +87634,18 @@ interface(`corenet_dontaudit_sendrecv_svn_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_svn_client_packets',`
+interface(`corenet_relabelto_syncthing_client_packets',`
gen_require(`
- type svn_client_packet_t;
+ type syncthing_client_packet_t;
')
- allow $1 svn_client_packet_t:packet relabelto;
+ allow $1 syncthing_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send svn_server packets.
+## Send syncthing_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84553,17 +87654,17 @@ interface(`corenet_relabelto_svn_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_svn_server_packets',`
+interface(`corenet_send_syncthing_server_packets',`
gen_require(`
- type svn_server_packet_t;
+ type syncthing_server_packet_t;
')
- allow $1 svn_server_packet_t:packet send;
+ allow $1 syncthing_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send svn_server packets.
+## Do not audit attempts to send syncthing_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84572,17 +87673,17 @@ interface(`corenet_send_svn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_svn_server_packets',`
+interface(`corenet_dontaudit_send_syncthing_server_packets',`
gen_require(`
- type svn_server_packet_t;
+ type syncthing_server_packet_t;
')
- dontaudit $1 svn_server_packet_t:packet send;
+ dontaudit $1 syncthing_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive svn_server packets.
+## Receive syncthing_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84591,17 +87692,17 @@ interface(`corenet_dontaudit_send_svn_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_svn_server_packets',`
+interface(`corenet_receive_syncthing_server_packets',`
gen_require(`
- type svn_server_packet_t;
+ type syncthing_server_packet_t;
')
- allow $1 svn_server_packet_t:packet recv;
+ allow $1 syncthing_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive svn_server packets.
+## Do not audit attempts to receive syncthing_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84610,17 +87711,17 @@ interface(`corenet_receive_svn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_svn_server_packets',`
+interface(`corenet_dontaudit_receive_syncthing_server_packets',`
gen_require(`
- type svn_server_packet_t;
+ type syncthing_server_packet_t;
')
- dontaudit $1 svn_server_packet_t:packet recv;
+ dontaudit $1 syncthing_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive svn_server packets.
+## Send and receive syncthing_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84629,14 +87730,14 @@ interface(`corenet_dontaudit_receive_svn_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_svn_server_packets',`
- corenet_send_svn_server_packets($1)
- corenet_receive_svn_server_packets($1)
+interface(`corenet_sendrecv_syncthing_server_packets',`
+ corenet_send_syncthing_server_packets($1)
+ corenet_receive_syncthing_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive svn_server packets.
+## Do not audit attempts to send and receive syncthing_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84645,14 +87746,14 @@ interface(`corenet_sendrecv_svn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_svn_server_packets',`
- corenet_dontaudit_send_svn_server_packets($1)
- corenet_dontaudit_receive_svn_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_syncthing_server_packets',`
+ corenet_dontaudit_send_syncthing_server_packets($1)
+ corenet_dontaudit_receive_syncthing_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to svn_server the packet type.
+## Relabel packets to syncthing_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -84660,12 +87761,12 @@ interface(`corenet_dontaudit_sendrecv_svn_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_svn_server_packets',`
+interface(`corenet_relabelto_syncthing_server_packets',`
gen_require(`
- type svn_server_packet_t;
+ type syncthing_server_packet_t;
')
- allow $1 svn_server_packet_t:packet relabelto;
+ allow $1 syncthing_server_packet_t:packet relabelto;
')
@@ -84673,7 +87774,7 @@ interface(`corenet_relabelto_svn_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the svrloc port.
+## Send and receive TCP traffic on the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84682,17 +87783,17 @@ interface(`corenet_relabelto_svn_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_svrloc_port',`
+interface(`corenet_tcp_sendrecv_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- allow $1 svrloc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 syncthing_admin_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the svrloc port.
+## Send UDP traffic on the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84701,17 +87802,17 @@ interface(`corenet_tcp_sendrecv_svrloc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_svrloc_port',`
+interface(`corenet_udp_send_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- allow $1 svrloc_port_t:udp_socket send_msg;
+ allow $1 syncthing_admin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the svrloc port.
+## Do not audit attempts to send UDP traffic on the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84720,17 +87821,17 @@ interface(`corenet_udp_send_svrloc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_svrloc_port',`
+interface(`corenet_dontaudit_udp_send_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- dontaudit $1 svrloc_port_t:udp_socket send_msg;
+ dontaudit $1 syncthing_admin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the svrloc port.
+## Receive UDP traffic on the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84739,17 +87840,17 @@ interface(`corenet_dontaudit_udp_send_svrloc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_svrloc_port',`
+interface(`corenet_udp_receive_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- allow $1 svrloc_port_t:udp_socket recv_msg;
+ allow $1 syncthing_admin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the svrloc port.
+## Do not audit attempts to receive UDP traffic on the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84758,17 +87859,17 @@ interface(`corenet_udp_receive_svrloc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_svrloc_port',`
+interface(`corenet_dontaudit_udp_receive_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- dontaudit $1 svrloc_port_t:udp_socket recv_msg;
+ dontaudit $1 syncthing_admin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the svrloc port.
+## Send and receive UDP traffic on the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84777,15 +87878,15 @@ interface(`corenet_dontaudit_udp_receive_svrloc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_svrloc_port',`
- corenet_udp_send_svrloc_port($1)
- corenet_udp_receive_svrloc_port($1)
+interface(`corenet_udp_sendrecv_syncthing_admin_port',`
+ corenet_udp_send_syncthing_admin_port($1)
+ corenet_udp_receive_syncthing_admin_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the svrloc port.
+## UDP traffic on the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84794,14 +87895,14 @@ interface(`corenet_udp_sendrecv_svrloc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_svrloc_port',`
- corenet_dontaudit_udp_send_svrloc_port($1)
- corenet_dontaudit_udp_receive_svrloc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_syncthing_admin_port',`
+ corenet_dontaudit_udp_send_syncthing_admin_port($1)
+ corenet_dontaudit_udp_receive_syncthing_admin_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the svrloc port.
+## Bind TCP sockets to the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84810,18 +87911,18 @@ interface(`corenet_dontaudit_udp_sendrecv_svrloc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_svrloc_port',`
+interface(`corenet_tcp_bind_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- allow $1 svrloc_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 syncthing_admin_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the svrloc port.
+## Bind UDP sockets to the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84830,18 +87931,18 @@ interface(`corenet_tcp_bind_svrloc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_svrloc_port',`
+interface(`corenet_udp_bind_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- allow $1 svrloc_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 syncthing_admin_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the svrloc port.
+## Make a TCP connection to the syncthing_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -84849,18 +87950,18 @@ interface(`corenet_udp_bind_svrloc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_svrloc_port',`
+interface(`corenet_tcp_connect_syncthing_admin_port',`
gen_require(`
- type svrloc_port_t;
+ type syncthing_admin_port_t;
')
- allow $1 svrloc_port_t:tcp_socket name_connect;
+ allow $1 syncthing_admin_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send svrloc_client packets.
+## Send syncthing_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84869,17 +87970,17 @@ interface(`corenet_tcp_connect_svrloc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_svrloc_client_packets',`
+interface(`corenet_send_syncthing_admin_client_packets',`
gen_require(`
- type svrloc_client_packet_t;
+ type syncthing_admin_client_packet_t;
')
- allow $1 svrloc_client_packet_t:packet send;
+ allow $1 syncthing_admin_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send svrloc_client packets.
+## Do not audit attempts to send syncthing_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84888,17 +87989,17 @@ interface(`corenet_send_svrloc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_svrloc_client_packets',`
+interface(`corenet_dontaudit_send_syncthing_admin_client_packets',`
gen_require(`
- type svrloc_client_packet_t;
+ type syncthing_admin_client_packet_t;
')
- dontaudit $1 svrloc_client_packet_t:packet send;
+ dontaudit $1 syncthing_admin_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive svrloc_client packets.
+## Receive syncthing_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84907,17 +88008,17 @@ interface(`corenet_dontaudit_send_svrloc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_svrloc_client_packets',`
+interface(`corenet_receive_syncthing_admin_client_packets',`
gen_require(`
- type svrloc_client_packet_t;
+ type syncthing_admin_client_packet_t;
')
- allow $1 svrloc_client_packet_t:packet recv;
+ allow $1 syncthing_admin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive svrloc_client packets.
+## Do not audit attempts to receive syncthing_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84926,17 +88027,17 @@ interface(`corenet_receive_svrloc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_svrloc_client_packets',`
+interface(`corenet_dontaudit_receive_syncthing_admin_client_packets',`
gen_require(`
- type svrloc_client_packet_t;
+ type syncthing_admin_client_packet_t;
')
- dontaudit $1 svrloc_client_packet_t:packet recv;
+ dontaudit $1 syncthing_admin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive svrloc_client packets.
+## Send and receive syncthing_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84945,14 +88046,14 @@ interface(`corenet_dontaudit_receive_svrloc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_svrloc_client_packets',`
- corenet_send_svrloc_client_packets($1)
- corenet_receive_svrloc_client_packets($1)
+interface(`corenet_sendrecv_syncthing_admin_client_packets',`
+ corenet_send_syncthing_admin_client_packets($1)
+ corenet_receive_syncthing_admin_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive svrloc_client packets.
+## Do not audit attempts to send and receive syncthing_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84961,14 +88062,14 @@ interface(`corenet_sendrecv_svrloc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_svrloc_client_packets',`
- corenet_dontaudit_send_svrloc_client_packets($1)
- corenet_dontaudit_receive_svrloc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_syncthing_admin_client_packets',`
+ corenet_dontaudit_send_syncthing_admin_client_packets($1)
+ corenet_dontaudit_receive_syncthing_admin_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to svrloc_client the packet type.
+## Relabel packets to syncthing_admin_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -84976,18 +88077,18 @@ interface(`corenet_dontaudit_sendrecv_svrloc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_svrloc_client_packets',`
+interface(`corenet_relabelto_syncthing_admin_client_packets',`
gen_require(`
- type svrloc_client_packet_t;
+ type syncthing_admin_client_packet_t;
')
- allow $1 svrloc_client_packet_t:packet relabelto;
+ allow $1 syncthing_admin_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send svrloc_server packets.
+## Send syncthing_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -84996,17 +88097,17 @@ interface(`corenet_relabelto_svrloc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_svrloc_server_packets',`
+interface(`corenet_send_syncthing_admin_server_packets',`
gen_require(`
- type svrloc_server_packet_t;
+ type syncthing_admin_server_packet_t;
')
- allow $1 svrloc_server_packet_t:packet send;
+ allow $1 syncthing_admin_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send svrloc_server packets.
+## Do not audit attempts to send syncthing_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85015,17 +88116,17 @@ interface(`corenet_send_svrloc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_svrloc_server_packets',`
+interface(`corenet_dontaudit_send_syncthing_admin_server_packets',`
gen_require(`
- type svrloc_server_packet_t;
+ type syncthing_admin_server_packet_t;
')
- dontaudit $1 svrloc_server_packet_t:packet send;
+ dontaudit $1 syncthing_admin_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive svrloc_server packets.
+## Receive syncthing_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85034,17 +88135,17 @@ interface(`corenet_dontaudit_send_svrloc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_svrloc_server_packets',`
+interface(`corenet_receive_syncthing_admin_server_packets',`
gen_require(`
- type svrloc_server_packet_t;
+ type syncthing_admin_server_packet_t;
')
- allow $1 svrloc_server_packet_t:packet recv;
+ allow $1 syncthing_admin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive svrloc_server packets.
+## Do not audit attempts to receive syncthing_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85053,17 +88154,17 @@ interface(`corenet_receive_svrloc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_svrloc_server_packets',`
+interface(`corenet_dontaudit_receive_syncthing_admin_server_packets',`
gen_require(`
- type svrloc_server_packet_t;
+ type syncthing_admin_server_packet_t;
')
- dontaudit $1 svrloc_server_packet_t:packet recv;
+ dontaudit $1 syncthing_admin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive svrloc_server packets.
+## Send and receive syncthing_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85072,14 +88173,14 @@ interface(`corenet_dontaudit_receive_svrloc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_svrloc_server_packets',`
- corenet_send_svrloc_server_packets($1)
- corenet_receive_svrloc_server_packets($1)
+interface(`corenet_sendrecv_syncthing_admin_server_packets',`
+ corenet_send_syncthing_admin_server_packets($1)
+ corenet_receive_syncthing_admin_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive svrloc_server packets.
+## Do not audit attempts to send and receive syncthing_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85088,14 +88189,14 @@ interface(`corenet_sendrecv_svrloc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_svrloc_server_packets',`
- corenet_dontaudit_send_svrloc_server_packets($1)
- corenet_dontaudit_receive_svrloc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_syncthing_admin_server_packets',`
+ corenet_dontaudit_send_syncthing_admin_server_packets($1)
+ corenet_dontaudit_receive_syncthing_admin_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to svrloc_server the packet type.
+## Relabel packets to syncthing_admin_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -85103,12 +88204,12 @@ interface(`corenet_dontaudit_sendrecv_svrloc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_svrloc_server_packets',`
+interface(`corenet_relabelto_syncthing_admin_server_packets',`
gen_require(`
- type svrloc_server_packet_t;
+ type syncthing_admin_server_packet_t;
')
- allow $1 svrloc_server_packet_t:packet relabelto;
+ allow $1 syncthing_admin_server_packet_t:packet relabelto;
')
@@ -85116,7 +88217,7 @@ interface(`corenet_relabelto_svrloc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the swat port.
+## Send and receive TCP traffic on the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85125,17 +88226,17 @@ interface(`corenet_relabelto_svrloc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_swat_port',`
+interface(`corenet_tcp_sendrecv_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- allow $1 swat_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 syncthing_discovery_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the swat port.
+## Send UDP traffic on the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85144,17 +88245,17 @@ interface(`corenet_tcp_sendrecv_swat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_swat_port',`
+interface(`corenet_udp_send_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- allow $1 swat_port_t:udp_socket send_msg;
+ allow $1 syncthing_discovery_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the swat port.
+## Do not audit attempts to send UDP traffic on the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85163,17 +88264,17 @@ interface(`corenet_udp_send_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_swat_port',`
+interface(`corenet_dontaudit_udp_send_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- dontaudit $1 swat_port_t:udp_socket send_msg;
+ dontaudit $1 syncthing_discovery_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the swat port.
+## Receive UDP traffic on the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85182,17 +88283,17 @@ interface(`corenet_dontaudit_udp_send_swat_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_swat_port',`
+interface(`corenet_udp_receive_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- allow $1 swat_port_t:udp_socket recv_msg;
+ allow $1 syncthing_discovery_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the swat port.
+## Do not audit attempts to receive UDP traffic on the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85201,17 +88302,17 @@ interface(`corenet_udp_receive_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_swat_port',`
+interface(`corenet_dontaudit_udp_receive_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- dontaudit $1 swat_port_t:udp_socket recv_msg;
+ dontaudit $1 syncthing_discovery_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the swat port.
+## Send and receive UDP traffic on the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85220,15 +88321,15 @@ interface(`corenet_dontaudit_udp_receive_swat_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_swat_port',`
- corenet_udp_send_swat_port($1)
- corenet_udp_receive_swat_port($1)
+interface(`corenet_udp_sendrecv_syncthing_discovery_port',`
+ corenet_udp_send_syncthing_discovery_port($1)
+ corenet_udp_receive_syncthing_discovery_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the swat port.
+## UDP traffic on the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85237,14 +88338,14 @@ interface(`corenet_udp_sendrecv_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_swat_port',`
- corenet_dontaudit_udp_send_swat_port($1)
- corenet_dontaudit_udp_receive_swat_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_syncthing_discovery_port',`
+ corenet_dontaudit_udp_send_syncthing_discovery_port($1)
+ corenet_dontaudit_udp_receive_syncthing_discovery_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the swat port.
+## Bind TCP sockets to the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85253,18 +88354,18 @@ interface(`corenet_dontaudit_udp_sendrecv_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_swat_port',`
+interface(`corenet_tcp_bind_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- allow $1 swat_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 syncthing_discovery_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the swat port.
+## Bind UDP sockets to the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85273,18 +88374,18 @@ interface(`corenet_tcp_bind_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_swat_port',`
+interface(`corenet_udp_bind_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- allow $1 swat_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 syncthing_discovery_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the swat port.
+## Make a TCP connection to the syncthing_discovery port.
## </summary>
## <param name="domain">
## <summary>
@@ -85292,18 +88393,18 @@ interface(`corenet_udp_bind_swat_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_swat_port',`
+interface(`corenet_tcp_connect_syncthing_discovery_port',`
gen_require(`
- type swat_port_t;
+ type syncthing_discovery_port_t;
')
- allow $1 swat_port_t:tcp_socket name_connect;
+ allow $1 syncthing_discovery_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send swat_client packets.
+## Send syncthing_discovery_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85312,17 +88413,17 @@ interface(`corenet_tcp_connect_swat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_swat_client_packets',`
+interface(`corenet_send_syncthing_discovery_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type syncthing_discovery_client_packet_t;
')
- allow $1 swat_client_packet_t:packet send;
+ allow $1 syncthing_discovery_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send swat_client packets.
+## Do not audit attempts to send syncthing_discovery_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85331,17 +88432,17 @@ interface(`corenet_send_swat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_swat_client_packets',`
+interface(`corenet_dontaudit_send_syncthing_discovery_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type syncthing_discovery_client_packet_t;
')
- dontaudit $1 swat_client_packet_t:packet send;
+ dontaudit $1 syncthing_discovery_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive swat_client packets.
+## Receive syncthing_discovery_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85350,17 +88451,17 @@ interface(`corenet_dontaudit_send_swat_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_swat_client_packets',`
+interface(`corenet_receive_syncthing_discovery_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type syncthing_discovery_client_packet_t;
')
- allow $1 swat_client_packet_t:packet recv;
+ allow $1 syncthing_discovery_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive swat_client packets.
+## Do not audit attempts to receive syncthing_discovery_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85369,17 +88470,17 @@ interface(`corenet_receive_swat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_swat_client_packets',`
+interface(`corenet_dontaudit_receive_syncthing_discovery_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type syncthing_discovery_client_packet_t;
')
- dontaudit $1 swat_client_packet_t:packet recv;
+ dontaudit $1 syncthing_discovery_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive swat_client packets.
+## Send and receive syncthing_discovery_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85388,14 +88489,14 @@ interface(`corenet_dontaudit_receive_swat_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_swat_client_packets',`
- corenet_send_swat_client_packets($1)
- corenet_receive_swat_client_packets($1)
+interface(`corenet_sendrecv_syncthing_discovery_client_packets',`
+ corenet_send_syncthing_discovery_client_packets($1)
+ corenet_receive_syncthing_discovery_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive swat_client packets.
+## Do not audit attempts to send and receive syncthing_discovery_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85404,14 +88505,14 @@ interface(`corenet_sendrecv_swat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_swat_client_packets',`
- corenet_dontaudit_send_swat_client_packets($1)
- corenet_dontaudit_receive_swat_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_syncthing_discovery_client_packets',`
+ corenet_dontaudit_send_syncthing_discovery_client_packets($1)
+ corenet_dontaudit_receive_syncthing_discovery_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to swat_client the packet type.
+## Relabel packets to syncthing_discovery_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -85419,18 +88520,18 @@ interface(`corenet_dontaudit_sendrecv_swat_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_swat_client_packets',`
+interface(`corenet_relabelto_syncthing_discovery_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type syncthing_discovery_client_packet_t;
')
- allow $1 swat_client_packet_t:packet relabelto;
+ allow $1 syncthing_discovery_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send swat_server packets.
+## Send syncthing_discovery_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85439,17 +88540,17 @@ interface(`corenet_relabelto_swat_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_swat_server_packets',`
+interface(`corenet_send_syncthing_discovery_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type syncthing_discovery_server_packet_t;
')
- allow $1 swat_server_packet_t:packet send;
+ allow $1 syncthing_discovery_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send swat_server packets.
+## Do not audit attempts to send syncthing_discovery_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85458,17 +88559,17 @@ interface(`corenet_send_swat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_swat_server_packets',`
+interface(`corenet_dontaudit_send_syncthing_discovery_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type syncthing_discovery_server_packet_t;
')
- dontaudit $1 swat_server_packet_t:packet send;
+ dontaudit $1 syncthing_discovery_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive swat_server packets.
+## Receive syncthing_discovery_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85477,17 +88578,17 @@ interface(`corenet_dontaudit_send_swat_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_swat_server_packets',`
+interface(`corenet_receive_syncthing_discovery_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type syncthing_discovery_server_packet_t;
')
- allow $1 swat_server_packet_t:packet recv;
+ allow $1 syncthing_discovery_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive swat_server packets.
+## Do not audit attempts to receive syncthing_discovery_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85496,17 +88597,17 @@ interface(`corenet_receive_swat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_swat_server_packets',`
+interface(`corenet_dontaudit_receive_syncthing_discovery_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type syncthing_discovery_server_packet_t;
')
- dontaudit $1 swat_server_packet_t:packet recv;
+ dontaudit $1 syncthing_discovery_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive swat_server packets.
+## Send and receive syncthing_discovery_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85515,14 +88616,14 @@ interface(`corenet_dontaudit_receive_swat_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_swat_server_packets',`
- corenet_send_swat_server_packets($1)
- corenet_receive_swat_server_packets($1)
+interface(`corenet_sendrecv_syncthing_discovery_server_packets',`
+ corenet_send_syncthing_discovery_server_packets($1)
+ corenet_receive_syncthing_discovery_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive swat_server packets.
+## Do not audit attempts to send and receive syncthing_discovery_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -85531,14 +88632,14 @@ interface(`corenet_sendrecv_swat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_swat_server_packets',`
- corenet_dontaudit_send_swat_server_packets($1)
- corenet_dontaudit_receive_swat_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_syncthing_discovery_server_packets',`
+ corenet_dontaudit_send_syncthing_discovery_server_packets($1)
+ corenet_dontaudit_receive_syncthing_discovery_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to swat_server the packet type.
+## Relabel packets to syncthing_discovery_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -85546,12 +88647,12 @@ interface(`corenet_dontaudit_sendrecv_swat_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_swat_server_packets',`
+interface(`corenet_relabelto_syncthing_discovery_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type syncthing_discovery_server_packet_t;
')
- allow $1 swat_server_packet_t:packet relabelto;
+ allow $1 syncthing_discovery_server_packet_t:packet relabelto;
')
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index af43a4e2..a7eb9045 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -2,7 +2,7 @@
# This is a generated file! Instead of modifying this file, the
# corenetwork.te.in or corenetwork.te.m4 file should be modified.
#
-policy_module(corenetwork, 1.21.0)
+policy_module(corenetwork, 1.23.3)
########################################
#
@@ -867,6 +867,14 @@ typeattribute kismet_port_t unreserved_port_type;
portcon tcp 2501 gen_context(system_u:object_r:kismet_port_t,s0)
+type kdeconnect_port_t, port_type, defined_port_type;
+type kdeconnect_client_packet_t, packet_type, client_packet_type;
+type kdeconnect_server_packet_t, packet_type, server_packet_type;
+typeattribute kdeconnect_port_t unreserved_port_type;
+portcon tcp 1714 gen_context(system_u:object_r:kdeconnect_port_t,s0)
+portcon udp 1714 gen_context(system_u:object_r:kdeconnect_port_t,s0)
+
+
type kprop_port_t, port_type, defined_port_type;
type kprop_client_packet_t, packet_type, client_packet_type;
type kprop_server_packet_t, packet_type, server_packet_type;
@@ -902,6 +910,7 @@ portcon udp 389 gen_context(system_u:object_r:ldap_port_t,s0)
portcon tcp 636 gen_context(system_u:object_r:ldap_port_t,s0)
portcon udp 636 gen_context(system_u:object_r:ldap_port_t,s0)
portcon tcp 3268 gen_context(system_u:object_r:ldap_port_t,s0)
+portcon tcp 3269 gen_context(system_u:object_r:ldap_port_t,s0)
type lirc_port_t, port_type, defined_port_type;
@@ -911,6 +920,14 @@ typeattribute lirc_port_t unreserved_port_type;
portcon tcp 8765 gen_context(system_u:object_r:lirc_port_t,s0)
+type llmnr_port_t, port_type, defined_port_type;
+type llmnr_client_packet_t, packet_type, client_packet_type;
+type llmnr_server_packet_t, packet_type, server_packet_type;
+typeattribute llmnr_port_t unreserved_port_type;
+portcon tcp 5355 gen_context(system_u:object_r:llmnr_port_t,s0)
+portcon udp 5355 gen_context(system_u:object_r:llmnr_port_t,s0)
+
+
type lmtp_port_t, port_type, defined_port_type;
type lmtp_client_packet_t, packet_type, client_packet_type;
type lmtp_server_packet_t, packet_type, server_packet_type;
@@ -961,6 +978,21 @@ portcon tcp 5050 gen_context(system_u:object_r:mmcc_port_t,s0)
portcon udp 5050 gen_context(system_u:object_r:mmcc_port_t,s0)
+type mon_port_t, port_type, defined_port_type;
+type mon_client_packet_t, packet_type, client_packet_type;
+type mon_server_packet_t, packet_type, server_packet_type;
+typeattribute mon_port_t unreserved_port_type;
+portcon tcp 2583 gen_context(system_u:object_r:mon_port_t,s0)
+portcon udp 2583 gen_context(system_u:object_r:mon_port_t,s0)
+
+
+type monit_port_t, port_type, defined_port_type;
+type monit_client_packet_t, packet_type, client_packet_type;
+type monit_server_packet_t, packet_type, server_packet_type;
+typeattribute monit_port_t unreserved_port_type;
+portcon tcp 2812 gen_context(system_u:object_r:monit_port_t,s0)
+
+
type monopd_port_t, port_type, defined_port_type;
type monopd_client_packet_t, packet_type, client_packet_type;
type monopd_server_packet_t, packet_type, server_packet_type;
@@ -1248,6 +1280,7 @@ type postgrey_port_t, port_type, defined_port_type;
type postgrey_client_packet_t, packet_type, client_packet_type;
type postgrey_server_packet_t, packet_type, server_packet_type;
typeattribute postgrey_port_t unreserved_port_type;
+portcon tcp 10023 gen_context(system_u:object_r:postgrey_port_t,s0)
portcon tcp 60000 gen_context(system_u:object_r:postgrey_port_t,s0)
@@ -1360,6 +1393,7 @@ type redis_client_packet_t, packet_type, client_packet_type;
type redis_server_packet_t, packet_type, server_packet_type;
typeattribute redis_port_t unreserved_port_type;
portcon tcp 6379 gen_context(system_u:object_r:redis_port_t,s0)
+portcon tcp 26379 gen_context(system_u:object_r:redis_port_t,s0)
type repository_port_t, port_type, defined_port_type;
@@ -1400,6 +1434,8 @@ typeattribute rndc_port_t reserved_port_type;
typeattribute rndc_port_t rpc_port_type;
portcon tcp 953 gen_context(system_u:object_r:rndc_port_t,s0)
portcon udp 953 gen_context(system_u:object_r:rndc_port_t,s0)
+portcon tcp 8953 gen_context(system_u:object_r:rndc_port_t,s0)
+portcon udp 8953 gen_context(system_u:object_r:rndc_port_t,s0)
type router_port_t, port_type, defined_port_type;
@@ -1433,7 +1469,9 @@ type rtorrent_port_t, port_type, defined_port_type;
type rtorrent_client_packet_t, packet_type, client_packet_type;
type rtorrent_server_packet_t, packet_type, server_packet_type;
typeattribute rtorrent_port_t unreserved_port_type;
+portcon tcp 6881 gen_context(system_u:object_r:rtorrent_port_t,s0)
portcon udp 6881 gen_context(system_u:object_r:rtorrent_port_t,s0)
+portcon tcp 6926 gen_context(system_u:object_r:rtorrent_port_t,s0)
type rtsp_port_t, port_type, defined_port_type;
@@ -1613,6 +1651,27 @@ typeattribute swat_port_t rpc_port_type;
portcon tcp 901 gen_context(system_u:object_r:swat_port_t,s0)
+type syncthing_port_t, port_type, defined_port_type;
+type syncthing_client_packet_t, packet_type, client_packet_type;
+type syncthing_server_packet_t, packet_type, server_packet_type;
+typeattribute syncthing_port_t unreserved_port_type;
+portcon tcp 22000 gen_context(system_u:object_r:syncthing_port_t,s0)
+
+
+type syncthing_admin_port_t, port_type, defined_port_type;
+type syncthing_admin_client_packet_t, packet_type, client_packet_type;
+type syncthing_admin_server_packet_t, packet_type, server_packet_type;
+typeattribute syncthing_admin_port_t unreserved_port_type;
+portcon tcp 8384 gen_context(system_u:object_r:syncthing_admin_port_t,s0)
+
+
+type syncthing_discovery_port_t, port_type, defined_port_type;
+type syncthing_discovery_client_packet_t, packet_type, client_packet_type;
+type syncthing_discovery_server_packet_t, packet_type, server_packet_type;
+typeattribute syncthing_discovery_port_t unreserved_port_type;
+portcon udp 21027 gen_context(system_u:object_r:syncthing_discovery_port_t,s0)
+
+
type sype_transport_port_t, port_type, defined_port_type;
type sype_transport_client_packet_t, packet_type, client_packet_type;
type sype_transport_server_packet_t, packet_type, server_packet_type;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-03-02 10:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-03-02 10:17 UTC (permalink / raw
To: gentoo-commits
commit: 2ea4214ce55c1f5dfa9a23bd74e6b8bc01db9611
Author: cgzones <cgzones <AT> googlemail <DOT> com>
AuthorDate: Mon Feb 20 13:20:00 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Mar 2 10:16:40 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2ea4214c
add corecmd_check_exec_bin_files()
useful for monit
policy/modules/kernel/corecommands.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/corecommands.if b/policy/modules/kernel/corecommands.if
index 60c1feb7..d7ccec3a 100644
--- a/policy/modules/kernel/corecommands.if
+++ b/policy/modules/kernel/corecommands.if
@@ -218,6 +218,25 @@ interface(`corecmd_dontaudit_getattr_bin_files',`
########################################
## <summary>
+## Check if files in bin directories are executable (DAC-wise)
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corecmd_check_exec_bin_files',`
+ gen_require(`
+ type bin_t;
+ ')
+
+ allow $1 bin_t:dir search_dir_perms;
+ allow $1 bin_t:file { execute getattr };
+')
+
+########################################
+## <summary>
## Read files in bin directories.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-03-02 10:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-03-02 10:17 UTC (permalink / raw
To: gentoo-commits
commit: ee9f1937dfcafbac9c687ee2f79d33bd7b54bec2
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Mon Feb 27 21:24:02 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Mar 2 10:16:52 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ee9f1937
devices: fix Debian file contexts
When using setfiles to validate file contexts of Debian modular policy
(with DISTRO=debian and MONOLITHIC=n), it fails with:
tmp/all_mods.fc: line 527 is missing fields
tmp/all_mods.fc: line 527 is missing fields
tmp/all_mods.fc: Invalid argument
Here is the content of tmp/all_mods.fc around line 527:
# this is a static /dev dir "backup mount"
# if you want to disable udev, youll have to boot permissive and relabel!
/dev/\.static -d system_u:object_r:device_t
/dev/\.static/dev -d system_u:object_r:device_t
/dev/\.static/dev/(.*)? <<none>>
'
The quote of "you'll" has been eaten by m4 and there is a spurious quote
on the last line, which is reported by setfiles. Fix this by removing
the quote in the comment.
Here is an example of a failed build on Travis-CI:
https://travis-ci.org/fishilico/selinux-refpolicy-patched/jobs/205951446
policy/modules/kernel/devices.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 19cd9724..84219a87 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -185,7 +185,7 @@ ifdef(`distro_suse', `
ifdef(`distro_debian',`
# this is a static /dev dir "backup mount"
-# if you want to disable udev, you'll have to boot permissive and relabel!
+# if you want to disable udev, you will have to boot permissive and relabel!
/dev/\.static -d gen_context(system_u:object_r:device_t,s0)
/dev/\.static/dev -d gen_context(system_u:object_r:device_t,s0)
/dev/\.static/dev/(.*)? <<none>>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-03-02 10:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-03-02 10:17 UTC (permalink / raw
To: gentoo-commits
commit: b7cdb2042f2d50b860b53763af428a02126984a4
Author: cgzones <cgzones <AT> googlemail <DOT> com>
AuthorDate: Mon Feb 20 13:20:25 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Mar 2 10:16:43 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b7cdb204
add fs_getattr_dos_dirs()
useful
policy/modules/kernel/filesystem.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 9069b0c2..0affdae2 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -1800,6 +1800,24 @@ interface(`fs_relabelfrom_dos_fs',`
########################################
## <summary>
+## Get attributes of directories on a dosfs filesystem.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`fs_getattr_dos_dirs',`
+ gen_require(`
+ type dosfs_t;
+ ')
+
+ allow $1 dosfs_t:dir getattr;
+')
+
+########################################
+## <summary>
## Search dosfs filesystem.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2017-02-27 11:40 Jason Zaman
2017-02-27 10:50 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2017-02-27 11:40 UTC (permalink / raw
To: gentoo-commits
commit: 805b7816928fa45ce56e4fdeb79fcd0ab4b3e2e4
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Sat Feb 25 16:50:31 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Feb 27 10:38:00 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=805b7816
devices: Fix docs for dev_write_generic_sock_files().
policy/modules/kernel/devices.if | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 7e09e6f2..28984607 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -880,11 +880,11 @@ interface(`dev_relabel_generic_symlinks',`
########################################
## <summary>
-## write generic sock files in /dev.
+## Write generic sock files in /dev.
## </summary>
## <param name="domain">
## <summary>
-## Domain to not audit.
+## Domain allowed access.
## </summary>
## </param>
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-02-21 7:11 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-02-21 7:11 UTC (permalink / raw
To: gentoo-commits
commit: 71506bb1ae746af0aed371ff1b7fb2eb371fd33e
Author: cgzones <cgzones <AT> googlemail <DOT> com>
AuthorDate: Fri Jan 6 14:15:41 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Tue Feb 21 06:40:52 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=71506bb1
corecommands: label some binaries as bin_t
policy/modules/kernel/corecommands.fc | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 5049a8a0..2b645e4d 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -278,6 +278,7 @@ ifdef(`distro_gentoo',`
/usr/share/debconf/.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/denyhosts/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/denyhosts/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/share/dput/execute-dput -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/cluster/.*\.sh gen_context(system_u:object_r:bin_t,s0)
/usr/share/cluster/ocf-shellfuncs -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/cluster/svclib_nfslock -- gen_context(system_u:object_r:bin_t,s0)
@@ -304,6 +305,11 @@ ifdef(`distro_gentoo',`
/usr/share/smolt/client(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/spamassassin/sa-update\.cron gen_context(system_u:object_r:bin_t,s0)
/usr/share/system-config-printer/applet\.py -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/texlive/texmf-dist/scripts/checkcites/checkcites\.lua -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/texlive/texmf-dist/scripts/checklistings/checklistings\.sh -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/texlive/texmf-dist/scripts/fontools/autoinst -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/texlive/texmf-dist/scripts/match_parens/match_parens -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/texlive/texmf-dist/scripts/yplan/yplan -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/texmf/web2c/mktexdir -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/texmf-dist/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/turboprint/lib(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-02-21 7:11 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-02-21 7:11 UTC (permalink / raw
To: gentoo-commits
commit: ca23f74eb96deca16ed2cd98f551436ff80093b9
Author: cgzones <cgzones <AT> googlemail <DOT> com>
AuthorDate: Thu Feb 16 15:08:47 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Tue Feb 21 06:40:52 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ca23f74e
files: no default types for /run and /var/lock
encourage private types for /run and /var/lock by not providing default contexts anymore
policy/modules/kernel/files.fc | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index 39491e9d..5d2c0c58 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -155,11 +155,7 @@ HOME_ROOT/lost\+found/.* <<none>>
#
/run -d gen_context(system_u:object_r:var_run_t,s0-mls_systemhigh)
/run -l gen_context(system_u:object_r:var_run_t,s0)
-/run/.* gen_context(system_u:object_r:var_run_t,s0)
-/run/.*\.*pid <<none>>
-
-/run/lock -d gen_context(system_u:object_r:var_lock_t,s0)
-/run/lock -l gen_context(system_u:object_r:var_lock_t,s0)
+/run/.* <<none>>
#
# /selinux
@@ -243,7 +239,10 @@ ifndef(`distro_redhat',`
/var/lib/nfs/rpc_pipefs(/.*)? <<none>>
-/var/lock(/.*)? gen_context(system_u:object_r:var_lock_t,s0)
+/var/lock -d gen_context(system_u:object_r:var_lock_t,s0-mls_systemhigh)
+/var/lock -l gen_context(system_u:object_r:var_lock_t,s0)
+/var/lock/subsys -d gen_context(system_u:object_r:var_lock_t,s0-mls_systemhigh)
+/var/lock/.* <<none>>
/var/log/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/log/lost\+found/.* <<none>>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-02-17 8:44 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-02-17 8:44 UTC (permalink / raw
To: gentoo-commits
commit: 30daf39bdf0854b072c684e8d85a8967aa5bd02c
Author: Russell Coker <russell <AT> coker <DOT> com <DOT> au>
AuthorDate: Tue Feb 14 09:22:14 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Feb 17 08:13:38 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=30daf39b
tiny mon patch
When you merged the mon patch you removed the ability for mon_t to execute
lib_t files.
The following patch re-enables the ability to execute alert scripts.
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 7c1ae574..5049a8a0 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -189,6 +189,7 @@ ifdef(`distro_gentoo',`
/usr/lib/mediawiki/math/texvc.* gen_context(system_u:object_r:bin_t,s0)
/usr/lib/misc/glibc/getconf/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/misc/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/mon/alert.d(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/nagios/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/netsaint/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/NetworkManager/nm-.* -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-13 18:43 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-01-13 18:43 UTC (permalink / raw
To: gentoo-commits
commit: 49047f621c6f9d5001be7d2ab6a1c33689d6b214
Author: cgzones <cgzones <AT> googlemail <DOT> com>
AuthorDate: Fri Jan 6 14:06:37 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Jan 13 18:39:10 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=49047f62
update corenetwork module
* remove deprecated interfaces
* label tcp port 2812 for monit
policy/modules/kernel/corenetwork.fc | 17 ++++++++---------
policy/modules/kernel/corenetwork.te.in | 1 +
2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.fc b/policy/modules/kernel/corenetwork.fc
index 9af1f7a..a717876 100644
--- a/policy/modules/kernel/corenetwork.fc
+++ b/policy/modules/kernel/corenetwork.fc
@@ -1,13 +1,12 @@
+/dev/ippp.* -c gen_context(system_u:object_r:ppp_device_t,s0)
+/dev/ppp -c gen_context(system_u:object_r:ppp_device_t,s0)
+/dev/pppox.* -c gen_context(system_u:object_r:ppp_device_t,s0)
+/dev/tap.* -c gen_context(system_u:object_r:tun_tap_device_t,s0)
-/dev/ippp.* -c gen_context(system_u:object_r:ppp_device_t,s0)
-/dev/ppp -c gen_context(system_u:object_r:ppp_device_t,s0)
-/dev/pppox.* -c gen_context(system_u:object_r:ppp_device_t,s0)
-/dev/tap.* -c gen_context(system_u:object_r:tun_tap_device_t,s0)
+/dev/net/.* -c gen_context(system_u:object_r:tun_tap_device_t,s0)
-/dev/net/.* -c gen_context(system_u:object_r:tun_tap_device_t,s0)
+/lib/udev/devices/ppp -c gen_context(system_u:object_r:ppp_device_t,s0)
+/lib/udev/devices/net/.* -c gen_context(system_u:object_r:tun_tap_device_t,s0)
-/lib/udev/devices/ppp -c gen_context(system_u:object_r:ppp_device_t,s0)
-/lib/udev/devices/net/.* -c gen_context(system_u:object_r:tun_tap_device_t,s0)
-
-/usr/lib/udev/devices/ppp -c gen_context(system_u:object_r:ppp_device_t,s0)
+/usr/lib/udev/devices/ppp -c gen_context(system_u:object_r:ppp_device_t,s0)
/usr/lib/udev/devices/net/.* -c gen_context(system_u:object_r:tun_tap_device_t,s0)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index bac6665..6e0ac9d 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -179,6 +179,7 @@ network_port(matahari, tcp,49000,s0, udp,49000,s0)
network_port(memcache, tcp,11211,s0, udp,11211,s0)
network_port(milter) # no defined portcon
network_port(mmcc, tcp,5050,s0, udp,5050,s0)
+network_port(monit, tcp,2812,s0)
network_port(monopd, tcp,1234,s0)
network_port(mountd, tcp,20048,s0, udp,20048,s0)
network_port(movaz_ssc, tcp,5252,s0, udp,5252,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-13 18:43 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-01-13 18:43 UTC (permalink / raw
To: gentoo-commits
commit: 2523833e9b77e3ded7f9f884a0e2d9d9a0af620a
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Tue Jan 10 01:36:27 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Jan 13 18:39:48 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2523833e
Module version bump for cpu_online genfscon from Laurent Bigonville.
policy/modules/kernel/devices.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 67515ad..560bb1c 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.19.2)
+policy_module(devices, 1.19.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-13 18:43 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-01-13 18:43 UTC (permalink / raw
To: gentoo-commits
commit: 1c1afe0de1dcbd230f92d856769bd9adb176e1d1
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Fri Jan 6 13:18:24 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Jan 13 18:39:46 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1c1afe0d
Use genfscon to label /sys/devices/system/cpu/online as cpu_online_t
Since 8e01472078763ebc1eaea089a1adab75dd982ccd, it's possible to use
genfscon for sysfs.
This patch should help to deprecate distribution specific call to
restorecon or tmpfiles to restore /sys/devices/system/cpu/online during
boot.
Thanks to Dominick for the tip.
policy/modules/kernel/devices.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 9b1f207..67515ad 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -66,6 +66,7 @@ dev_node(cpu_device_t)
type cpu_online_t, sysfs_types;
files_type(cpu_online_t)
dev_associate_sysfs(cpu_online_t)
+genfscon sysfs /devices/system/cpu/online gen_context(system_u:object_r:cpu_online_t,s0)
#
# Type for /dev/crash
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-13 18:43 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-01-13 18:43 UTC (permalink / raw
To: gentoo-commits
commit: 304394386e6c1a15f03ace7fef07ad055aa117b1
Author: cgzones <cgzones <AT> googlemail <DOT> com>
AuthorDate: Fri Jan 6 14:03:08 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Jan 13 18:39:07 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=30439438
update terminal module
* label content of /dev/pts/ correctly
* remove deprecated interfaces
policy/modules/kernel/terminal.fc | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/terminal.fc b/policy/modules/kernel/terminal.fc
index 0ea25b6..256ad29 100644
--- a/policy/modules/kernel/terminal.fc
+++ b/policy/modules/kernel/terminal.fc
@@ -14,7 +14,6 @@
/dev/ip2[^/]* -c gen_context(system_u:object_r:tty_device_t,s0)
/dev/isdn.* -c gen_context(system_u:object_r:tty_device_t,s0)
/dev/ptmx -c gen_context(system_u:object_r:ptmx_t,s0)
-/dev/pts/ptmx -c gen_context(system_u:object_r:ptmx_t,s0)
/dev/rfcomm[0-9]+ -c gen_context(system_u:object_r:tty_device_t,s0)
/dev/slamr[0-9]+ -c gen_context(system_u:object_r:tty_device_t,s0)
/dev/tty -c gen_context(system_u:object_r:devtty_t,s0)
@@ -25,6 +24,8 @@
/dev/pty/.* -c gen_context(system_u:object_r:bsdpty_device_t,s0)
/dev/pts -d gen_context(system_u:object_r:devpts_t,s0-mls_systemhigh)
+/dev/pts/ptmx -c gen_context(system_u:object_r:devpts_t,s0)
+/dev/pts/[0-9]+ -c gen_context(system_u:object_r:user_devpts_t,s0)
/dev/tts/[^/]* -c gen_context(system_u:object_r:tty_device_t,s0)
@@ -37,7 +38,7 @@
/dev/xvc[0-9]* -c gen_context(system_u:object_r:tty_device_t,s0)
ifdef(`distro_gentoo',`
-/dev/tts/[0-9]* -c gen_context(system_u:object_r:tty_device_t,s0)
+/dev/tts/[0-9]+ -c gen_context(system_u:object_r:tty_device_t,s0)
# used by init scripts to initally populate udev /dev
/lib/udev/devices/console -c gen_context(system_u:object_r:console_device_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-13 18:43 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2017-01-13 18:43 UTC (permalink / raw
To: gentoo-commits
commit: 0bb6636315aeb689646c5362ab11ae4101d1c30a
Author: cgzones <cgzones <AT> googlemail <DOT> com>
AuthorDate: Thu Jan 5 11:47:58 2017 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Jan 13 18:39:03 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0bb66363
add files_search_src()
required by loadkeys
policy/modules/kernel/files.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index b5eeaf8..f82c792 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -5216,6 +5216,24 @@ interface(`files_usr_filetrans',`
########################################
## <summary>
+## Search directories in /usr/src.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_search_src',`
+ gen_require(`
+ type src_t;
+ ')
+
+ allow $1 src_t:dir search_dir_perms;
+')
+
+########################################
+## <summary>
## Do not audit attempts to search /usr/src.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-01 16:44 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-01-01 16:44 UTC (permalink / raw
To: gentoo-commits
commit: cdcad1b4eb7e68b9f4f227f6bef5ee5abfc766d3
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Jan 1 16:40:56 2017 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan 1 16:41:45 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=cdcad1b4
devices: dev_setattr_generic_chr_files added upstream, remove gentoo interface
policy/modules/kernel/devices.if | 19 -------------------
1 file changed, 19 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 7d99b29..428f5a0 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -5127,25 +5127,6 @@ interface(`dev_dontaudit_read_sysfs',`
########################################
## <summary>
-## Setattr for generic character device files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`dev_setattr_generic_chr_files',`
- gen_require(`
- type device_t;
- ')
-
- allow $1 device_t:chr_file setattr;
-')
-
-
-########################################
-## <summary>
## Relabel cpu online hardware state information.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2017-01-01 16:37 Jason Zaman
2017-01-01 16:36 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2017-01-01 16:37 UTC (permalink / raw
To: gentoo-commits
commit: ebdb506866fb148014bea8f07a59deb6c15f0d58
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Thu Dec 29 22:13:04 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan 1 16:31:26 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=ebdb5068
kernel: add missing plymouth interface
Add a previously missed optional plymouth interface to the kernel
module.
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>
policy/modules/kernel/kernel.te | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index c6531a2..c5da1c5 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -384,6 +384,8 @@ optional_policy(`
optional_policy(`
plymouthd_read_lib_files(kernel_t)
+ plymouthd_read_spool_files(kernel_t)
+
term_use_ptmx(kernel_t)
term_use_unallocated_ttys(kernel_t)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-01 16:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-01-01 16:36 UTC (permalink / raw
To: gentoo-commits
commit: 1a61c661fe20b6990ecb37c4a3c7ab2f9c9f5f3c
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Sun Dec 18 20:58:44 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan 1 16:26:28 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1a61c661
kernel: missing permissions for confined execution
This patch adds missing permissions in the kernel module that prevent
to run it without the unconfined module.
This second version improves the comment section of new interfaces:
"Domain" is replaced by "Domain allowed access".
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>
policy/modules/kernel/devices.if | 56 +++++++++++++++
policy/modules/kernel/files.if | 131 ++++++++++++++++++++++++++++++++++++
policy/modules/kernel/filesystem.if | 18 +++++
policy/modules/kernel/kernel.if | 18 +++++
policy/modules/kernel/kernel.te | 34 ++++++++++
policy/modules/kernel/terminal.if | 20 ++++++
6 files changed, 277 insertions(+)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 3f05417..7d99b29 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -480,6 +480,25 @@ interface(`dev_dontaudit_getattr_generic_blk_files',`
########################################
## <summary>
+## Set the attributes on generic
+## block devices.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_setattr_generic_blk_files',`
+ gen_require(`
+ type device_t;
+ ')
+
+ allow $1 device_t:blk_file setattr;
+')
+
+########################################
+## <summary>
## Dontaudit setattr on generic block devices.
## </summary>
## <param name="domain">
@@ -570,6 +589,25 @@ interface(`dev_dontaudit_getattr_generic_chr_files',`
########################################
## <summary>
+## Set the attributes for generic
+## character device files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_setattr_generic_chr_files',`
+ gen_require(`
+ type device_t;
+ ')
+
+ allow $1 device_t:chr_file setattr;
+')
+
+########################################
+## <summary>
## Dontaudit setattr for generic character device files.
## </summary>
## <param name="domain">
@@ -3897,6 +3935,24 @@ interface(`dev_manage_smartcard',`
########################################
## <summary>
+## Mount a filesystem on sysfs.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allow access.
+## </summary>
+## </param>
+#
+interface(`dev_mounton_sysfs',`
+ gen_require(`
+ type device_t;
+ ')
+
+ allow $1 sysfs_t:dir mounton;
+')
+
+########################################
+## <summary>
## Associate a file to a sysfs filesystem.
## </summary>
## <param name="file_type">
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 3fc0487..b5eeaf8 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1786,6 +1786,25 @@ interface(`files_list_root',`
########################################
## <summary>
+## Delete symbolic links in the
+## root directory.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_delete_root_symlinks',`
+ gen_require(`
+ type root_t;
+ ')
+
+ allow $1 root_t:lnk_file delete_lnk_file_perms;
+')
+
+########################################
+## <summary>
## Do not audit attempts to write to / dirs.
## </summary>
## <param name="domain">
@@ -1914,6 +1933,25 @@ interface(`files_dontaudit_rw_root_chr_files',`
########################################
## <summary>
+## Delete character device nodes in
+## the root directory.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_delete_root_chr_files',`
+ gen_require(`
+ type root_t;
+ ')
+
+ allow $1 root_t:chr_file delete_chr_file_perms;
+')
+
+########################################
+## <summary>
## Delete files in the root directory.
## </summary>
## <param name="domain">
@@ -1932,6 +1970,24 @@ interface(`files_delete_root_files',`
########################################
## <summary>
+## Execute files in the root directory.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_exec_root_files',`
+ gen_require(`
+ type root_t;
+ ')
+
+ allow $1 root_t:file exec_file_perms;
+')
+
+########################################
+## <summary>
## Remove entries from the root directory.
## </summary>
## <param name="domain">
@@ -1950,6 +2006,43 @@ interface(`files_delete_root_dir_entry',`
########################################
## <summary>
+## Manage the root directory.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_manage_root_dir',`
+ gen_require(`
+ type root_t;
+ ')
+
+ allow $1 root_t:dir manage_dir_perms;
+')
+
+########################################
+## <summary>
+## Get the attributes of a rootfs
+## file system.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_getattr_rootfs',`
+ gen_require(`
+ type root_t;
+ ')
+
+ allow $1 root_t:filesystem getattr;
+')
+
+########################################
+## <summary>
## Associate to root file system.
## </summary>
## <param name="file_type">
@@ -3057,6 +3150,44 @@ interface(`files_delete_boot_flag',`
########################################
## <summary>
+## Get the attributes of the
+## etc_runtime directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_getattr_etc_runtime_dirs',`
+ gen_require(`
+ type etc_runtime_t;
+ ')
+
+ allow $1 etc_runtime_t:dir getattr;
+')
+
+########################################
+## <summary>
+## Mount a filesystem on the
+## etc_runtime directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_mounton_etc_runtime_dirs',`
+ gen_require(`
+ type etc_runtime_t;
+ ')
+
+ allow $1 etc_runtime_t:dir mounton;
+')
+
+########################################
+## <summary>
## Do not audit attempts to set the attributes of the etc_runtime files
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index c85d805..23c7f08 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -4303,6 +4303,24 @@ interface(`fs_dontaudit_rw_tmpfs_files',`
########################################
## <summary>
+## Delete tmpfs symbolic links.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`fs_delete_tmpfs_symlinks',`
+ gen_require(`
+ type tmpfs_t;
+ ')
+
+ allow $1 tmpfs_t:lnk_file delete_lnk_file_perms;
+')
+
+########################################
+## <summary>
## Create, read, write, and delete
## auto moutpoints.
## </summary>
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 2c7ad0c..6887b00 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -957,6 +957,24 @@ interface(`kernel_dontaudit_write_proc_dirs',`
########################################
## <summary>
+## Mount the directories in /proc.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_mounton_proc_dirs',`
+ gen_require(`
+ type proc_t;
+ ')
+
+ allow $1 proc_t:dir mounton;
+')
+
+########################################
+## <summary>
## Get the attributes of files in /proc.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 7334dc9..2a6ab8e 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -239,6 +239,7 @@ allow kernel_t unlabeled_t:dir mounton;
# connections with invalidated labels:
allow kernel_t unlabeled_t:packet send;
+kernel_mounton_proc_dirs(kernel_t)
kernel_request_load_module(kernel_t)
# Allow unlabeled network traffic
@@ -258,6 +259,7 @@ corenet_tcp_sendrecv_all_nodes(kernel_t)
corenet_raw_send_generic_node(kernel_t)
corenet_send_all_packets(kernel_t)
+dev_mounton_sysfs(kernel_t)
dev_read_sysfs(kernel_t)
dev_search_usbfs(kernel_t)
# devtmpfs handling:
@@ -268,15 +270,31 @@ dev_delete_generic_blk_files(kernel_t)
dev_create_generic_chr_files(kernel_t)
dev_delete_generic_chr_files(kernel_t)
dev_mounton(kernel_t)
+dev_delete_generic_symlinks(kernel_t)
+dev_rw_generic_chr_files(kernel_t)
+dev_setattr_generic_blk_files(kernel_t)
+dev_setattr_generic_chr_files(kernel_t)
+dev_getattr_fs(kernel_t)
+dev_getattr_sysfs(kernel_t)
# Mount root file system. Used when loading a policy
# from initrd, then mounting the root filesystem
fs_mount_all_fs(kernel_t)
fs_unmount_all_fs(kernel_t)
+fs_getattr_tmpfs(kernel_t)
+fs_getattr_tmpfs_dirs(kernel_t)
+fs_manage_tmpfs_dirs(kernel_t)
+fs_manage_tmpfs_files(kernel_t)
+fs_manage_tmpfs_sockets(kernel_t)
+fs_delete_tmpfs_symlinks(kernel_t)
+
+selinux_getattr_fs(kernel_t)
selinux_load_policy(kernel_t)
+term_getattr_pty_fs(kernel_t)
term_use_console(kernel_t)
+term_use_generic_ptys(kernel_t)
# for kdevtmpfs
term_setattr_unlink_unallocated_ttys(kernel_t)
@@ -289,8 +307,16 @@ corecmd_exec_bin(kernel_t)
domain_signal_all_domains(kernel_t)
domain_search_all_domains_state(kernel_t)
+files_getattr_rootfs(kernel_t)
+files_manage_root_dir(kernel_t)
+files_delete_root_files(kernel_t)
+files_exec_root_files(kernel_t)
+files_delete_root_symlinks(kernel_t)
+files_delete_root_chr_files(kernel_t)
files_list_root(kernel_t)
files_list_etc(kernel_t)
+files_getattr_etc_runtime_dirs(kernel_t)
+files_mounton_etc_runtime_dirs(kernel_t)
files_list_home(kernel_t)
files_read_usr_files(kernel_t)
@@ -343,6 +369,7 @@ optional_policy(`
')
optional_policy(`
+ logging_manage_generic_logs(kernel_t)
logging_send_syslog_msg(kernel_t)
')
@@ -356,6 +383,12 @@ optional_policy(`
')
optional_policy(`
+ plymouthd_read_lib_files(kernel_t)
+ term_use_ptmx(kernel_t)
+ term_use_unallocated_ttys(kernel_t)
+')
+
+optional_policy(`
# nfs kernel server needs kernel UDP access. It is less risky and painful
# to just give it everything.
allow kernel_t self:tcp_socket create_stream_socket_perms;
@@ -405,6 +438,7 @@ optional_policy(`
optional_policy(`
seutil_read_config(kernel_t)
seutil_read_bin_policy(kernel_t)
+ seutil_domtrans_setfiles(kernel_t)
')
optional_policy(`
diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
index 86692b0..05be047 100644
--- a/policy/modules/kernel/terminal.if
+++ b/policy/modules/kernel/terminal.if
@@ -403,6 +403,25 @@ interface(`term_relabel_pty_fs',`
########################################
## <summary>
+## Get the attributes of the
+## /dev/pts directory.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`term_getattr_pty_dirs',`
+ gen_require(`
+ type devpts_t;
+ ')
+
+ allow $1 devpts_t:dir getattr;
+')
+
+########################################
+## <summary>
## Do not audit attempts to get the
## attributes of the /dev/pts directory.
## </summary>
@@ -553,6 +572,7 @@ interface(`term_getattr_generic_ptys',`
allow $1 devpts_t:chr_file getattr;
')
+
########################################
## <summary>
## Do not audit attempts to get the attributes
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2017-01-01 16:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2017-01-01 16:36 UTC (permalink / raw
To: gentoo-commits
commit: 2d3434d450e59823792bf8071e07cacf5c9e9fd4
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Tue Dec 27 13:56:26 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Jan 1 16:26:28 2017 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2d3434d4
Allow searching /proc/sys/fs when using /proc/sys/fs/binfmt_misc
Interface fs_register_binary_executable_type allow registering
interpreters using a filesystem monted on /proc/sys/fs/binfmt_misc. In
order to access this filesystem, the process needs to search every
parent directory of the mountpoint.
Signed-off-by: Nicolas Iooss <nicolas.iooss <AT> m4x.org>
policy/modules/kernel/filesystem.if | 2 ++
policy/modules/kernel/kernel.if | 19 +++++++++++++++++++
2 files changed, 21 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 9471dbe..c85d805 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -612,6 +612,8 @@ interface(`fs_register_binary_executable_type',`
type binfmt_misc_fs_t;
')
+ # binfmt_misc filesystem is usually mounted on /proc/sys/fs/binfmt_misc
+ kernel_search_fs_sysctls($1)
rw_files_pattern($1, binfmt_misc_fs_t, binfmt_misc_fs_t)
')
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 29709df..2c7ad0c 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2005,6 +2005,25 @@ interface(`kernel_rw_kernel_sysctl',`
########################################
## <summary>
+## Search filesystem sysctl directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`kernel_search_fs_sysctls',`
+ gen_require(`
+ type proc_t, sysctl_t, sysctl_fs_t;
+ ')
+
+ search_dirs_pattern($1, { proc_t sysctl_t sysctl_fs_t }, sysctl_fs_t)
+')
+
+########################################
+## <summary>
## Read filesystem sysctls.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-12-08 4:47 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-12-08 4:47 UTC (permalink / raw
To: gentoo-commits
commit: 09c1ebf0c9625c61f4e0c832a81c54bde9fc3bdd
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Wed Dec 7 01:26:43 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Dec 8 04:45:02 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=09c1ebf0
Module version bump for kernel sysctl patch from Luis Ressel
policy/modules/kernel/kernel.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 20b922c..7334dc9 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.21.1)
+policy_module(kernel, 1.21.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-12-08 4:47 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-12-08 4:47 UTC (permalink / raw
To: gentoo-commits
commit: e52d67f09e996710fb8f6a8c9e37843788269b46
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Tue Dec 6 22:49:02 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Dec 8 04:45:02 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e52d67f0
kernel.if: Allow listing /proc/sys/net/unix
The kernel_read_unix_sysctls() and kernel_rw_unix_sysctls() currenly
don't allow listing the /proc/sys/net/unix directory, contrary to the
other sysctl interfaces.
policy/modules/kernel/kernel.if | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 5af202c..29709df 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -1758,7 +1758,7 @@ interface(`kernel_read_unix_sysctls',`
read_files_pattern($1, { proc_t sysctl_t sysctl_net_t }, sysctl_net_unix_t)
- list_dirs_pattern($1, { proc_t sysctl_t }, sysctl_net_t)
+ list_dirs_pattern($1, { proc_t sysctl_t }, { sysctl_net_t sysctl_net_unix_t })
')
########################################
@@ -1780,7 +1780,7 @@ interface(`kernel_rw_unix_sysctls',`
rw_files_pattern($1, { proc_t sysctl_t sysctl_net_t }, sysctl_net_unix_t)
- list_dirs_pattern($1, { proc_t sysctl_t }, sysctl_net_t)
+ list_dirs_pattern($1, { proc_t sysctl_t }, { sysctl_net_t sysctl_net_unix_t })
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-12-06 12:26 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-12-06 12:26 UTC (permalink / raw
To: gentoo-commits
commit: e9af5bb6877993fb1045c45f7ca9cea2cc9246e8
Author: Guido Trentalancia via refpolicy <refpolicy <AT> oss <DOT> tresys <DOT> com>
AuthorDate: Sat Oct 29 22:01:47 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Nov 27 16:04:59 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e9af5bb6
Let the user list noxattr fs directories
When reading or managing noxattr fs files or symbolic links, also
let the user list noxattr fs directories.
This patch should be applied after the following one:
http://oss.tresys.com/pipermail/refpolicy/2016-October/008539.html
"Let users read/manage symlinks on fs that do not support xattr"
posted on Sat, 29 Oct 2016 15:39:46 UTC.
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>
policy/modules/kernel/filesystem.if | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 5de3a44..9471dbe 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -1179,6 +1179,7 @@ interface(`fs_read_noxattr_fs_files',`
attribute noxattrfs;
')
+ fs_list_noxattr_fs($1)
read_files_pattern($1, noxattrfs, noxattrfs)
')
@@ -1234,6 +1235,7 @@ interface(`fs_manage_noxattr_fs_files',`
attribute noxattrfs;
')
+ fs_list_noxattr_fs($1)
manage_files_pattern($1, noxattrfs, noxattrfs)
')
@@ -1252,6 +1254,7 @@ interface(`fs_read_noxattr_fs_symlinks',`
attribute noxattrfs;
')
+ fs_list_noxattr_fs($1)
read_lnk_files_pattern($1, noxattrfs, noxattrfs)
')
@@ -1270,6 +1273,7 @@ interface(`fs_manage_noxattr_fs_symlinks',`
attribute noxattrfs;
')
+ fs_list_noxattr_fs($1)
manage_lnk_files_pattern($1, noxattrfs, noxattrfs)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-08-31 16:38 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-08-31 16:38 UTC (permalink / raw
To: gentoo-commits
commit: b4d0e393e05570bb3581a17bbba3f2c3070073bd
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Tue Aug 30 00:24:48 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Aug 31 15:38:26 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b4d0e393
Module version bump for module_load perm use from Guido Trentalancia.
policy/modules/kernel/files.te | 2 +-
policy/modules/kernel/kernel.te | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 3ad8cd8..9eff39b 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.21.1)
+policy_module(files, 1.21.2)
########################################
#
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index c18e7eb..cb9a236 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.20.4)
+policy_module(kernel, 1.20.5)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-08-31 16:38 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-08-31 16:38 UTC (permalink / raw
To: gentoo-commits
commit: aec9eaf2286333e32c87e20244488b162b885df9
Author: Guido Trentalancia <guido <AT> trentalancia <DOT> net>
AuthorDate: Fri Aug 19 13:27:32 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Aug 31 15:38:26 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=aec9eaf2
Add module_load permission to can_load_kernmodule
The "module_load" permission has been recently added to the "system"
class (kernel 4.7).
The following patch updates the Reference Policy so that the new
permission is allowed when a kernel module should be loaded.
To preserve the module encapsulation, a new interface is defined
in the kernel files module and that interface is then used in the
kernel module.
A short note is added about unneeded permissions that set the
kernel scheduling parameters (might lead to service disruption).
Signed-off-by: Guido Trentalancia <guido <AT> trentalancia.net>
policy/modules/kernel/files.if | 19 +++++++++++++++++++
policy/modules/kernel/kernel.te | 4 ++++
2 files changed, 23 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index dc13e31..0d9fddd 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -4160,6 +4160,25 @@ interface(`files_kernel_modules_filetrans',`
########################################
## <summary>
+## Load kernel module files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_load_kernel_modules',`
+ gen_require(`
+ type modules_object_t;
+ ')
+
+ files_read_kernel_modules($1)
+ allow $1 modules_object_t:system module_load;
+')
+
+########################################
+## <summary>
## List world-readable directories.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 6467aed..c18e7eb 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -429,8 +429,12 @@ optional_policy(`
if( ! secure_mode_insmod ) {
allow can_load_kernmodule self:capability sys_module;
+ files_load_kernel_modules(can_load_kernmodule)
+
# load_module() calls stop_machine() which
# calls sched_setscheduler()
+ # gt: there seems to be no trace of the above, at
+ # least in kernel versions greater than 2.6.37...
allow can_load_kernmodule self:capability sys_nice;
kernel_setsched(can_load_kernmodule)
}
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2016-08-13 18:35 Jason Zaman
2016-08-13 18:32 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2016-08-13 18:35 UTC (permalink / raw
To: gentoo-commits
commit: c2b53d33b3bf66abd19c8602a9c7c5dd97be13d3
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Sun Aug 7 20:07:35 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Aug 13 18:23:03 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c2b53d33
corenetwork: Missed version bump for previous commit.
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index d047b6a..30d1617 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.21.2)
+policy_module(corenetwork, 1.21.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2016-08-13 18:35 Jason Zaman
2016-08-13 18:32 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2016-08-13 18:35 UTC (permalink / raw
To: gentoo-commits
commit: 1dcf41df874bce428006609b5b17885f5a0d2319
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Sun Aug 7 18:46:42 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Aug 13 18:23:03 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1dcf41df
corenetwork: Add port labeling for Global Catalog over LDAPS.
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index a7c78b9..d047b6a 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -169,7 +169,7 @@ network_port(kdeconnect, tcp,1714,s0, udp,1714,s0)
network_port(kprop, tcp,754,s0)
network_port(ktalkd, udp,517,s0, udp,518,s0)
network_port(l2tp, tcp,1701,s0, udp,1701,s0)
-network_port(ldap, tcp,389,s0, udp,389,s0, tcp,636,s0, udp,636,s0, tcp,3268,s0)
+network_port(ldap, tcp,389,s0, udp,389,s0, tcp,636,s0, udp,636,s0, tcp,3268,s0, tcp,3269,s0)
network_port(lirc, tcp,8765,s0)
network_port(llmnr, tcp,5355,s0, udp,5355,s0)
network_port(lmtp, tcp,24,s0, udp,24,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2016-08-13 18:35 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
@ 2016-08-13 18:32 ` Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-08-13 18:32 UTC (permalink / raw
To: gentoo-commits
commit: 1dcf41df874bce428006609b5b17885f5a0d2319
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Sun Aug 7 18:46:42 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Aug 13 18:23:03 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1dcf41df
corenetwork: Add port labeling for Global Catalog over LDAPS.
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index a7c78b9..d047b6a 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -169,7 +169,7 @@ network_port(kdeconnect, tcp,1714,s0, udp,1714,s0)
network_port(kprop, tcp,754,s0)
network_port(ktalkd, udp,517,s0, udp,518,s0)
network_port(l2tp, tcp,1701,s0, udp,1701,s0)
-network_port(ldap, tcp,389,s0, udp,389,s0, tcp,636,s0, udp,636,s0, tcp,3268,s0)
+network_port(ldap, tcp,389,s0, udp,389,s0, tcp,636,s0, udp,636,s0, tcp,3268,s0, tcp,3269,s0)
network_port(lirc, tcp,8765,s0)
network_port(llmnr, tcp,5355,s0, udp,5355,s0)
network_port(lmtp, tcp,24,s0, udp,24,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-07-31 10:40 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2016-07-31 10:40 UTC (permalink / raw
To: gentoo-commits
commit: 9fc280113ec3479814af5db91f21340f054e7aa4
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Sat Jul 30 20:25:42 2016 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jul 31 10:40:14 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=9fc28011
Get attributes of generic ptys, from Russell Coker.
policy/modules/kernel/terminal.if | 17 +++++++++++++++++
policy/modules/kernel/terminal.te | 2 +-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
index 2e6a376..ed52733 100644
--- a/policy/modules/kernel/terminal.if
+++ b/policy/modules/kernel/terminal.if
@@ -538,6 +538,23 @@ interface(`term_relabel_pty_dirs',`
########################################
## <summary>
+## Get the attributes of generic pty devices.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to allow
+## </summary>
+## </param>
+#
+interface(`term_getattr_generic_ptys',`
+ gen_require(`
+ type devpts_t;
+ ')
+
+ allow $1 devpts_t:chr_file getattr;
+')
+########################################
+## <summary>
## Do not audit attempts to get the attributes
## of generic pty devices.
## </summary>
diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te
index 01e1516..d25f4d2 100644
--- a/policy/modules/kernel/terminal.te
+++ b/policy/modules/kernel/terminal.te
@@ -1,4 +1,4 @@
-policy_module(terminal, 1.14.0)
+policy_module(terminal, 1.14.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-07-31 10:40 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2016-07-31 10:40 UTC (permalink / raw
To: gentoo-commits
commit: e43427a2c0916680bca3b13cc3cab976139bf7df
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Wed Jul 27 22:37:56 2016 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jul 31 10:40:12 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e43427a2
Module version bump for MLS relabeling patch from Lukas Vrabec.
policy/modules/kernel/mls.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/mls.te b/policy/modules/kernel/mls.te
index 13b8625..d1a05cf 100644
--- a/policy/modules/kernel/mls.te
+++ b/policy/modules/kernel/mls.te
@@ -1,4 +1,4 @@
-policy_module(mls, 1.8.1)
+policy_module(mls, 1.8.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:swift commit in: policy/modules/kernel/
@ 2016-07-03 11:34 Sven Vermeulen
2016-07-03 11:27 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2016-07-03 11:34 UTC (permalink / raw
To: gentoo-commits
commit: 54607cc91b1bf9ca7dbf3b9527776b5a0effefb1
Author: Garrett Holmstrom <gholms <AT> devzero <DOT> com>
AuthorDate: Wed Jun 29 23:27:13 2016 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jul 3 11:27:12 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=54607cc9
corecmd: Remove fcontext for /etc/sysconfig/libvirtd
/etc/sysconfig/libvirtd does not have the executable bit set, so it does
not make sense for it to be labelled bin_t. I can't seem to find the
reason it was set that way originally.
Signed-off-by: Garrett Holmstrom <gholms <AT> devzero.com>
policy/modules/kernel/corecommands.fc | 1 -
1 file changed, 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 90541eb..c265d1f 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -105,7 +105,6 @@ ifdef(`distro_redhat',`
/etc/sysconfig/crond -- gen_context(system_u:object_r:bin_t,s0)
/etc/sysconfig/init -- gen_context(system_u:object_r:bin_t,s0)
-/etc/sysconfig/libvirtd -- gen_context(system_u:object_r:bin_t,s0)
/etc/sysconfig/netconsole -- gen_context(system_u:object_r:bin_t,s0)
/etc/sysconfig/readonly-root -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2016-07-03 11:34 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
@ 2016-07-03 11:27 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2016-07-03 11:27 UTC (permalink / raw
To: gentoo-commits
commit: 54607cc91b1bf9ca7dbf3b9527776b5a0effefb1
Author: Garrett Holmstrom <gholms <AT> devzero <DOT> com>
AuthorDate: Wed Jun 29 23:27:13 2016 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jul 3 11:27:12 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=54607cc9
corecmd: Remove fcontext for /etc/sysconfig/libvirtd
/etc/sysconfig/libvirtd does not have the executable bit set, so it does
not make sense for it to be labelled bin_t. I can't seem to find the
reason it was set that way originally.
Signed-off-by: Garrett Holmstrom <gholms <AT> devzero.com>
policy/modules/kernel/corecommands.fc | 1 -
1 file changed, 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 90541eb..c265d1f 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -105,7 +105,6 @@ ifdef(`distro_redhat',`
/etc/sysconfig/crond -- gen_context(system_u:object_r:bin_t,s0)
/etc/sysconfig/init -- gen_context(system_u:object_r:bin_t,s0)
-/etc/sysconfig/libvirtd -- gen_context(system_u:object_r:bin_t,s0)
/etc/sysconfig/netconsole -- gen_context(system_u:object_r:bin_t,s0)
/etc/sysconfig/readonly-root -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:swift commit in: policy/modules/kernel/
@ 2016-07-03 11:34 Sven Vermeulen
2016-07-03 11:27 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2016-07-03 11:34 UTC (permalink / raw
To: gentoo-commits
commit: fb5adde5e0a74184a838fba73f8f5d55102c89d2
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org>
AuthorDate: Fri Jul 1 00:36:16 2016 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jul 3 11:27:23 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=fb5adde5
Module version bump for corecommands update from Garrett Holmstrom.
policy/modules/kernel/corecommands.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index e944817..8bf3252 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.21.4)
+policy_module(corecommands, 1.21.5)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-06-23 15:59 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-06-23 15:59 UTC (permalink / raw
To: gentoo-commits
commit: c2a380d8e68516d797985eb57246a0af54dbfe1e
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Tue Jun 21 17:09:47 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Jun 22 09:31:48 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c2a380d8
corecommands: Add fcontext for crossdev toolchains
policy/modules/kernel/corecommands.fc | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 35752e7..90541eb 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -347,8 +347,10 @@ ifdef(`distro_debian',`
')
ifdef(`distro_gentoo', `
-/usr/.*-.*-linux-gnu/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/.*-.*-linux-gnu/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/]+-[^/]+-linux-gnu/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/]+-[^/]+-linux-gnu/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/]+-[^/]+-linux-gnu/[^/]+/gcc-bin/.*(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/[^/]+-[^/]+-linux-gnu/[^/]+/binutils-bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
')
ifdef(`distro_redhat', `
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-06-02 6:32 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-06-02 6:32 UTC (permalink / raw
To: gentoo-commits
commit: 4c773dad81001798871c3930ab32efdd2f3545a2
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu May 26 11:47:18 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Jun 1 18:20:07 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4c773dad
Module version bump for LMNR port from Laurent Bigonville.
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index d8b12e5..a7c78b9 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.21.1)
+policy_module(corenetwork, 1.21.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-06-02 6:32 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-06-02 6:32 UTC (permalink / raw
To: gentoo-commits
commit: 8743593e8e76d8dfe51411563b22d1337ac5ca99
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Thu May 26 09:20:08 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Jun 1 18:20:07 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=8743593e
Add llmnr/5355 (Link-local Multicast Name Resolution)
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 4503972..d8b12e5 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -171,6 +171,7 @@ network_port(ktalkd, udp,517,s0, udp,518,s0)
network_port(l2tp, tcp,1701,s0, udp,1701,s0)
network_port(ldap, tcp,389,s0, udp,389,s0, tcp,636,s0, udp,636,s0, tcp,3268,s0)
network_port(lirc, tcp,8765,s0)
+network_port(llmnr, tcp,5355,s0, udp,5355,s0)
network_port(lmtp, tcp,24,s0, udp,24,s0)
network_port(lrrd) # no defined portcon
network_port(mail, tcp,2000,s0, tcp,3905,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-05-13 5:37 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-05-13 5:37 UTC (permalink / raw
To: gentoo-commits
commit: 48506484a821aadad30275f31b50bb636564e031
Author: Lukas Vrabec <lvrabec <AT> redhat <DOT> com>
AuthorDate: Thu Mar 31 10:26:30 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri May 13 05:07:33 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=48506484
SELinux support for cgroup2 filesystem.
With the new "cgroup2" system added in kernel 4.5, systemd is getting
selinux denials when manipulating the cgroup hierarchy.
Pull request in systemd with cgroup2 support:
https://github.com/systemd/systemd/pull/2903
AVC when writing process numbers to move them to the right cgroup:
Mar 29 19:58:30 rawhide kernel: audit: type=1400
audit(1459295910.257:68): avc: denied { write } for pid=1
comm="systemd" name="cgroup.procs" dev="cgroup2" ino=6
scontext=system_u:system_r:init_t:s0
tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1
In this case new filesystem "cgroup2" need to be labeled as cgroup_t.
Signed-off-by: Lukas Vrabec <lvrabec <AT> redhat.com>
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 8de310b..86d59bf 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -78,6 +78,7 @@ fs_type(cgroup_t)
files_mountpoint(cgroup_t)
dev_associate_sysfs(cgroup_t)
genfscon cgroup / gen_context(system_u:object_r:cgroup_t,s0)
+genfscon cgroup2 / gen_context(system_u:object_r:cgroup_t,s0)
type configfs_t;
fs_type(configfs_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: 2343ec0c4f4e7d09495b7f7304246c7522f644fa
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Mar 22 19:43:30 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2343ec0c
Reduce broad entrypoints for unconfined domains.
Entrypoints into unconfined domains, like with confined domains, should be
tightly controlled to make arbitrary code execution more difficult.
policy/modules/kernel/files.te | 4 ++--
policy/modules/kernel/kernel.te | 12 ++++++++----
2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 7a0e0f2..3ad8cd8 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.21.0)
+policy_module(files, 1.21.1)
########################################
#
@@ -212,7 +212,7 @@ fs_associate_tmpfs(tmpfsfile)
#
# Create/access any file in a labeled filesystem;
-allow files_unconfined_type file_type:{ file chr_file } ~execmod;
+allow files_unconfined_type file_type:{ file chr_file } ~{ entrypoint execmod };
allow files_unconfined_type file_type:{ dir lnk_file sock_file fifo_file blk_file } *;
# Mount/unmount any filesystem with the context= option.
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 798dbb5..6467aed 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.20.3)
+policy_module(kernel, 1.20.4)
########################################
#
@@ -175,6 +175,7 @@ files_mountpoint(unlabeled_t)
fs_associate(unlabeled_t)
sid file gen_context(system_u:object_r:unlabeled_t,s0)
sid unlabeled gen_context(system_u:object_r:unlabeled_t,mls_systemhigh)
+neverallow * unlabeled_t:file entrypoint;
# These initial sids are no longer used, and can be removed:
sid any_socket gen_context(system_u:object_r:unlabeled_t,mls_systemhigh)
@@ -439,13 +440,16 @@ if( ! secure_mode_insmod ) {
# Rules for unconfined acccess to this module
#
-allow kern_unconfined proc_type:{ dir file lnk_file } *;
+allow kern_unconfined proc_type:{ dir lnk_file } *;
+allow kern_unconfined proc_type:file ~{ execmod entrypoint };
-allow kern_unconfined sysctl_type:{ dir file } *;
+allow kern_unconfined sysctl_type:dir *;
+allow kern_unconfined sysctl_type:file ~{ execmod entrypoint };
allow kern_unconfined kernel_t:system *;
-allow kern_unconfined unlabeled_t:dir_file_class_set *;
+allow kern_unconfined unlabeled_t:{ file chr_file } ~{ entrypoint execmod };
+allow kern_unconfined unlabeled_t:{ dir lnk_file sock_file fifo_file blk_file } *;
allow kern_unconfined unlabeled_t:filesystem *;
allow kern_unconfined unlabeled_t:association *;
allow kern_unconfined unlabeled_t:packet *;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: 115b10433bf704ffe5966b476702b24970bb8cfc
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Wed Jan 20 11:36:02 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=115b1043
Fix typo in dev_setattr_dlm_control interface requirements
policy/modules/kernel/devices.if | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 9615efd..3f05417 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -1803,7 +1803,7 @@ interface(`dev_rw_crypto',`
#
interface(`dev_setattr_dlm_control',`
gen_require(`
- type device_t, kvm_device_t;
+ type device_t, dlm_control_device_t;
')
setattr_chr_files_pattern($1, device_t, dlm_control_device_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: 8cc018e1c9e36a030434c16f5e5ace8a7e9c20eb
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Tue Dec 22 20:26:02 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=8cc018e1
Allow kdevtmpfs to unlink fixed disk devices
When a device gets removed, for example with "cryptsetup close",
kdevtmpfs (a kernel thread) removes its entry from devtmpfs filesystem:
avc: denied { unlink } for pid=48 comm="kdevtmpfs"
name="dm-4" dev="devtmpfs" ino=144111
scontext=system_u:system_r:kernel_t
tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file
Allow this access on systems using systemd.
policy/modules/kernel/kernel.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index f1016a3..a51fcf8 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -316,6 +316,7 @@ ifdef(`init_systemd',`
storage_dev_filetrans_fixed_disk(kernel_t)
storage_setattr_fixed_disk_dev(kernel_t)
storage_create_fixed_disk_dev(kernel_t)
+ storage_delete_fixed_disk_dev(kernel_t)
')
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: d53bd8c58a5bb827bf4f2f32d23c1ce1e289aa35
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Mar 22 19:34:53 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d53bd8c5
Module version bump for several Arch fixes from Nicolas Iooss.
policy/modules/kernel/corecommands.te | 2 +-
policy/modules/kernel/devices.te | 2 +-
policy/modules/kernel/kernel.te | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index f2cb295..eee1a19 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.21.2)
+policy_module(corecommands, 1.21.3)
########################################
#
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index ed045d9..e8b3bb0 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.18.0)
+policy_module(devices, 1.18.1)
########################################
#
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index a51fcf8..798dbb5 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.20.2)
+policy_module(kernel, 1.20.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: 81028072096b64f3a06b3444311958ee9f442244
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Mar 19 09:30:42 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=81028072
Do not label /usr/lib/gvfs/libgvfscommon.so as bin_t
On Arch Linux, /usr/lib/gvfs directory contains both executable files
(gvfsd, gvfs-udisks2-volume-monitor...) and libraries (libgvfscommon.so
and libgvfsdaemon.so). As all executable files are prefixed with
"gfvs", so use this to distinguish them with the libraries.
This fixes the following AVC denials, reported from geoclue service
using a library wrongly labelled bin_t:
avc: denied { read } for pid=14872 comm="geoclue"
name="libgvfscommon.so" dev="dm-0" ino=3152594
scontext=system_u:system_r:geoclue_t
tcontext=system_u:object_r:bin_t tclass=file permissive=1
avc: denied { open } for pid=14872 comm="geoclue"
path="/usr/lib/gvfs/libgvfscommon.so" dev="dm-0" ino=3152594
scontext=system_u:system_r:geoclue_t
tcontext=system_u:object_r:bin_t tclass=file permissive=1
avc: denied { execute } for pid=14872 comm="geoclue"
path="/usr/lib/gvfs/libgvfscommon.so" dev="dm-0" ino=3152594
scontext=system_u:system_r:geoclue_t
tcontext=system_u:object_r:bin_t tclass=file permissive=1
policy/modules/kernel/corecommands.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 1e8e894..c228d79 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -222,7 +222,7 @@ ifdef(`distro_gentoo',`
/usr/lib/git-core/git-shell -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/lib/git-core(/.*) -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gnome-settings-daemon/.* -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/gvfs/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/gvfs/gvfs.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ipsec/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/kde4/libexec/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/mailman/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: f5568d101b42ad43e72b4beca47cf5cb6de92d6c
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Mar 19 09:30:42 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:51:51 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f5568d10
Label TexLive scripts bin_t
These scripts can be run by users.
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index beb3ad8..db76963 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -327,6 +327,7 @@ ifdef(`distro_gentoo',`
/usr/share/smolt/client(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/spamassassin/sa-update\.cron gen_context(system_u:object_r:bin_t,s0)
/usr/share/texmf/web2c/mktexdir -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/texmf-dist/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/turboprint/lib(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/vhostmd/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: 73e1663246b8b6b61342f8b7ce46238f32cf3731
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Mar 19 09:30:42 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=73e16632
Label some user session DBus services as bin_t
policy/modules/kernel/corecommands.fc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 6638e83..1e8e894 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -198,6 +198,7 @@ ifdef(`distro_gentoo',`
/usr/(.*/)?sbin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib(.*/)?sbin(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/at-spi2-core(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/avahi/avahi-daemon-check-dns\.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ccache/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/fence(/.*)? gen_context(system_u:object_r:bin_t,s0)
@@ -212,8 +213,10 @@ ifdef(`distro_gentoo',`
/usr/lib/cups(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/cyrus/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/cyrus-imapd/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/dconf/dconf-service -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/dpkg/.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/evince/evinced -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/getconf(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gimp/.*/plug-ins(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/git-core/git-shell -- gen_context(system_u:object_r:shell_exec_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-03-23 18:36 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-03-23 18:36 UTC (permalink / raw
To: gentoo-commits
commit: 1a6d1f9d456eaddc7e941ccc27bd3c40c0c8b945
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Mar 19 09:30:42 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Mar 23 17:53:49 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1a6d1f9d
Label gedit plugins properly on Arch Linux
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 320f040..6638e83 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -307,6 +307,7 @@ ifdef(`distro_gentoo',`
/usr/share/cluster/svclib_nfslock -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/e16/misc(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/share/gedit/plugins/externaltools/tools(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/gedit-2/plugins/externaltools/tools(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/gitolite/hooks/common/update -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/gitolite/hooks/gitolite-admin/post-update -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-02-12 3:51 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-02-12 3:51 UTC (permalink / raw
To: gentoo-commits
commit: c6a0130e91531f40f79fb38cf2f7fd1d829d7565
Author: Vit Mojzis <vmojzis <AT> redhat <DOT> com>
AuthorDate: Thu Oct 1 08:20:01 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Feb 12 03:15:07 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c6a0130e
Add interface to allow reading files in efivarfs - contains Linux Kernel configuration options for UEFI systems (UEFI Runtime Variables)
policy/modules/kernel/filesystem.if | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index c5a1ad1..11fff8d 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -1846,6 +1846,26 @@ interface(`fs_manage_dos_files',`
manage_files_pattern($1, dosfs_t, dosfs_t)
')
+#######################################
+## <summary>
+## Read files in efivarfs
+## - contains Linux Kernel configuration options for UEFI systems
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`fs_read_efivarfs_files',`
+ gen_require(`
+ type efivarfs_t;
+ ')
+
+ read_files_pattern($1, efivarfs_t, efivarfs_t)
+')
+
########################################
## <summary>
## Read eventpollfs files.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-02-12 3:51 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-02-12 3:51 UTC (permalink / raw
To: gentoo-commits
commit: 93b77be0089cf90598faa8aecef45ca78b8f210b
Author: Dan Walsh <dwalsh <AT> redhat <DOT> com>
AuthorDate: Tue Dec 11 19:50:03 2012 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Feb 12 03:15:07 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=93b77be0
Add label for efivarfs
policy/modules/kernel/filesystem.te | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index e3bc98c..62d7c58 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -93,6 +93,11 @@ fs_noxattr_type(ecryptfs_t)
files_mountpoint(ecryptfs_t)
genfscon ecryptfs / gen_context(system_u:object_r:ecryptfs_t,s0)
+type efivarfs_t;
+fs_noxattr_type(efivarfs_t)
+files_mountpoint(efivarfs_t)
+genfscon efivarfs / gen_context(system_u:object_r:efivarfs_t,s0)
+
type futexfs_t;
fs_type(futexfs_t)
genfscon futexfs / gen_context(system_u:object_r:futexfs_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-02-12 3:51 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-02-12 3:51 UTC (permalink / raw
To: gentoo-commits
commit: 76f8a0616a3925d6686e393c90df46e475f3c367
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Feb 2 14:35:30 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Feb 12 03:15:07 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=76f8a061
Module version bump for patches from Nicolas Iooss and Grant Ridder.
policy/modules/kernel/corenetwork.te.in | 2 +-
policy/modules/kernel/filesystem.te | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 21f2a02..4503972 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.21.0)
+policy_module(corenetwork, 1.21.1)
########################################
#
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 7d64035..e3bc98c 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.20.2)
+policy_module(filesystem, 1.20.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-02-12 3:51 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-02-12 3:51 UTC (permalink / raw
To: gentoo-commits
commit: afd06230f6385557bd0aaf8b6ca8df1e5b5513b3
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Jan 30 13:22:01 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Feb 12 03:15:07 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=afd06230
Label /sys/kernel/debug/tracing filesystem
tracefs filesystem is automounted in /sys/kernel/debug/tracing directory
since Linux 4.1. Label this filesystem properly.
Linux commit:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f76180bc07abc399977bfbe8c43bf58c4570e893
policy/modules/kernel/filesystem.te | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 6ee0996..7d64035 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -166,6 +166,10 @@ files_mountpoint(sysv_t)
genfscon sysv / gen_context(system_u:object_r:sysv_t,s0)
genfscon v7 / gen_context(system_u:object_r:sysv_t,s0)
+type tracefs_t;
+fs_type(tracefs_t)
+genfscon tracefs / gen_context(system_u:object_r:tracefs_t,s0)
+
type vmblock_t;
fs_noxattr_type(vmblock_t)
files_mountpoint(vmblock_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-02-12 3:51 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-02-12 3:51 UTC (permalink / raw
To: gentoo-commits
commit: 6ad7dfd8cc1eed6eab81ddcb625983c2b29a1c1f
Author: Grant Ridder <shortdudey123 <AT> gmail <DOT> com>
AuthorDate: Mon Feb 1 18:46:09 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri Feb 12 03:15:07 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=6ad7dfd8
Add redis-sentinel port to redis network_port def
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 07e4a9e..21f2a02 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -228,7 +228,7 @@ network_port(radacct, udp,1646,s0, udp,1813,s0)
network_port(radius, udp,1645,s0, udp,1812,s0)
network_port(radsec, tcp,2083,s0)
network_port(razor, tcp,2703,s0)
-network_port(redis, tcp,6379,s0)
+network_port(redis, tcp,6379,s0, tcp,26379,s0)
network_port(repository, tcp, 6363, s0)
network_port(ricci, tcp,11111,s0, udp,11111,s0)
network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-01-30 17:21 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-01-30 17:21 UTC (permalink / raw
To: gentoo-commits
commit: 81c91b609a6b136e43dd13a51b89af425878ed76
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Jan 11 14:02:39 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jan 30 17:16:56 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=81c91b60
Add a type and genfscon for nsfs.
policy/modules/kernel/filesystem.te | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index d8c5271..89de79d 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.20.0)
+policy_module(filesystem, 1.20.1)
########################################
#
@@ -126,6 +126,9 @@ type nfsd_fs_t;
fs_type(nfsd_fs_t)
genfscon nfsd / gen_context(system_u:object_r:nfsd_fs_t,s0)
+type nsfs_t;
+genfscon nsfs / gen_context(system_u:object_r:nsfs_t,s0)
+
type oprofilefs_t;
fs_type(oprofilefs_t)
genfscon oprofilefs / gen_context(system_u:object_r:oprofilefs_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-01-30 17:21 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-01-30 17:21 UTC (permalink / raw
To: gentoo-commits
commit: 482a3e8b03cf77c4b3113a5d340aece78da232c0
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Wed Jan 6 14:09:36 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jan 30 17:16:56 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=482a3e8b
Add neverallow for mac_override capability. It is not used by SELinux.
policy/modules/kernel/domain.te | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
index dfcf4a7..fa24e36 100644
--- a/policy/modules/kernel/domain.te
+++ b/policy/modules/kernel/domain.te
@@ -1,4 +1,4 @@
-policy_module(domain, 1.13.0)
+policy_module(domain, 1.13.1)
########################################
#
@@ -35,6 +35,9 @@ attribute set_curr_context;
# dynamic transition, you should not be using it!!!
neverallow { domain -set_curr_context } self:process setcurrent;
+# No domain needs mac_override as it is unused by SELinux.
+neverallow domain self:capability2 mac_override;
+
# entrypoint executables
attribute entry_type;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2016-01-30 17:21 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2016-01-30 17:21 UTC (permalink / raw
To: gentoo-commits
commit: c8c6d7d62a0f9789b4046607abcd32adf0c0eb12
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Mon Jan 18 22:47:38 2016 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Jan 30 17:16:57 2016 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c8c6d7d6
Fix typos in comments from corenetwork module
policy/modules/kernel/corenetwork.if.in | 2 +-
policy/modules/kernel/corenetwork.if.m4 | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.if.in b/policy/modules/kernel/corenetwork.if.in
index a1d5b6a..6e0bb9f 100644
--- a/policy/modules/kernel/corenetwork.if.in
+++ b/policy/modules/kernel/corenetwork.if.in
@@ -855,7 +855,7 @@ interface(`corenet_udp_bind_generic_node',`
########################################
## <summary>
-## Bind raw sockets to genric nodes.
+## Bind raw sockets to generic nodes.
## </summary>
## <param name="domain">
## <summary>
diff --git a/policy/modules/kernel/corenetwork.if.m4 b/policy/modules/kernel/corenetwork.if.m4
index 8e0f9cd..8a4db53 100644
--- a/policy/modules/kernel/corenetwork.if.m4
+++ b/policy/modules/kernel/corenetwork.if.m4
@@ -820,7 +820,7 @@ define(`network_node',`
create_node_type_interfaces($1)
')
-# These next three macros have formatting, and should not me indented
+# These next three macros have formatting, and should not be indented
define(`determine_reserved_capability',`dnl
ifelse($2,`',`',`dnl
ifelse(eval($2 < 1024),1,``allow' dollarsone self:capability net_bind_service;',`dnl
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-12-17 18:49 Jason Zaman
2015-12-17 16:10 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2015-12-17 18:49 UTC (permalink / raw
To: gentoo-commits
commit: c8cafc3de53e84a7342a55cf8479c6d549dd5745
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Dec 14 15:04:14 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Dec 17 15:25:22 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c8cafc3d
Module version bump for vm overcommit sysctl interfaces from Laurent Bigonville.
policy/modules/kernel/kernel.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 7fe0a70..4ac22e0 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.20.1)
+policy_module(kernel, 1.20.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-12-17 16:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-12-17 16:10 UTC (permalink / raw
To: gentoo-commits
commit: 3a34bdec305591d9452b07c29d59c61a6c365d81
Author: Dominick Grift <dac.override <AT> gmail <DOT> com>
AuthorDate: Thu Dec 10 16:08:27 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Dec 17 15:25:22 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=3a34bdec
kernel: implement sysctl_vm_overcommit_t for /proc/sys/vm/overcommit_memory
Whoever requires this type first gets to create the interfaces to operate on this object
Signed-off-by: Dominick Grift <dac.override <AT> gmail.com>
policy/modules/kernel/kernel.te | 3 +++
1 file changed, 3 insertions(+)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 0de538c..2625e2f 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -153,6 +153,9 @@ genfscon proc /sys/net/unix gen_context(system_u:object_r:sysctl_net_unix_t,s0)
type sysctl_vm_t, sysctl_type;
genfscon proc /sys/vm gen_context(system_u:object_r:sysctl_vm_t,s0)
+type sysctl_vm_overcommit_t, sysctl_type;
+genfscon proc /sys/vm/overcommit_memory gen_context(system_u:object_r:sysctl_vm_overcommit_t,s0)
+
# /proc/sys/dev directory and files
type sysctl_dev_t, sysctl_type;
genfscon proc /sys/dev gen_context(system_u:object_r:sysctl_dev_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-12-17 16:10 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-12-17 16:10 UTC (permalink / raw
To: gentoo-commits
commit: 5eb6ba4f89dbcd6b1c5c4e394164aa989c1d140b
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Fri Dec 11 13:03:36 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Dec 17 15:25:22 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5eb6ba4f
Add interfaces to read/write /proc/sys/vm/overcommit_memory
policy/modules/kernel/kernel.if | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index df42fa3..5f2f78e 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -3341,3 +3341,43 @@ interface(`kernel_unconfined',`
typeattribute $1 kern_unconfined;
kernel_load_module($1)
')
+
+########################################
+## <summary>
+## Read virtual memory overcommit sysctl.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`kernel_read_vm_overcommit_sysctl',`
+ gen_require(`
+ type sysctl_vm_overcommit_t;
+ ')
+
+ kernel_search_vm_sysctl($1)
+ allow $1 sysctl_vm_overcommit_t:file read_file_perms;
+')
+
+########################################
+## <summary>
+## Read and write virtual memory overcommit sysctl.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`kernel_rw_vm_overcommit_sysctl',`
+ gen_require(`
+ type sysctl_vm_overcommit_t;
+ ')
+
+ kernel_search_vm_sysctl($1)
+ allow $1 sysctl_vm_overcommit_t:file rw_file_perms;
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-10-14 18:36 Jason Zaman
2015-10-13 14:50 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2015-10-14 18:36 UTC (permalink / raw
To: gentoo-commits
commit: a06bc6f9b36e8b2804ac9a313db8ae40cd83727c
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Oct 11 10:35:20 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Tue Oct 13 13:58:21 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a06bc6f9
Add overlayfs as an XATTR capable fs
The module is called "overlay" in the kernel
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 840f0b2..aba6d88 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -35,6 +35,7 @@ fs_use_xattr gpfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jffs2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr overlay gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2015-10-14 18:36 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
@ 2015-10-13 14:50 ` Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-10-13 14:50 UTC (permalink / raw
To: gentoo-commits
commit: a06bc6f9b36e8b2804ac9a313db8ae40cd83727c
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Oct 11 10:35:20 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Tue Oct 13 13:58:21 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a06bc6f9
Add overlayfs as an XATTR capable fs
The module is called "overlay" in the kernel
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 840f0b2..aba6d88 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -35,6 +35,7 @@ fs_use_xattr gpfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jffs2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr overlay gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-10-11 10:48 Jason Zaman
2015-09-20 7:00 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2015-10-11 10:48 UTC (permalink / raw
To: gentoo-commits
commit: 028f1be9b96aeef997d18a421e05e4bbd2b20bbc
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Sep 15 12:39:21 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 20 06:52:53 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=028f1be9
Module version bump for vfio device from Alexander Wetzel.
policy/modules/kernel/devices.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index eb12597..e5bcfcd 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.17.0)
+policy_module(devices, 1.17.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-09-20 7:00 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-09-20 7:00 UTC (permalink / raw
To: gentoo-commits
commit: 50f8ca591816aac7bf881211f9b722955d59fc29
Author: Alexander Wetzel <alexander.wetzel <AT> web <DOT> de>
AuthorDate: Sat Sep 5 07:41:48 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Sep 20 06:52:53 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=50f8ca59
adds vfio device support to base policy
Signed-off-by: Alexander Wetzel <alexander.wetzel <AT> web.de>
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.if | 36 ++++++++++++++++++++++++++++++++++++
policy/modules/kernel/devices.te | 3 +++
3 files changed, 40 insertions(+)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index d6ebfcd..a33e395 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -118,6 +118,7 @@
ifdef(`distro_suse', `
/dev/usbscanner -c gen_context(system_u:object_r:scanner_device_t,s0)
')
+/dev/vfio/.+ -c gen_context(system_u:object_r:vfio_device_t,s0)
/dev/vhost-net -c gen_context(system_u:object_r:vhost_device_t,s0)
/dev/vbi.* -c gen_context(system_u:object_r:v4l_device_t,s0)
/dev/vbox.* -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index ed25979..835ec14 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4611,6 +4611,42 @@ interface(`dev_write_video_dev',`
########################################
## <summary>
+## Read and write vfio devices.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_rw_vfio_dev',`
+ gen_require(`
+ type device_t, vfio_device_t;
+ ')
+
+ rw_chr_files_pattern($1, device_t, vfio_device_t)
+')
+
+########################################
+## <summary>
+## Relabel vfio devices.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_relabelfrom_vfio_dev',`
+ gen_require(`
+ type device_t, vfio_device_t;
+ ')
+
+ relabelfrom_chr_files_pattern($1, device_t, vfio_device_t)
+')
+
+############################
+## <summary>
## Allow read/write the vhost net device
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 166c8f7..eb12597 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -273,6 +273,9 @@ dev_node(usbmon_device_t)
type userio_device_t;
dev_node(userio_device_t)
+type vfio_device_t;
+dev_node(vfio_device_t)
+
type v4l_device_t;
dev_node(v4l_device_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-08-27 19:11 Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2015-08-27 19:11 UTC (permalink / raw
To: gentoo-commits
commit: 4cdea0f683f332134f3f93d79099f71d79d5f718
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Sat Aug 8 11:50:28 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Aug 27 19:05:48 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4cdea0f6
Mark APR build scripts as bin_t
I don't know why those are in /usr/share/build-1/ instead of
/usr/share/apr-0/build/ here, but it doesn't appear to be
Gentoo-specific.
policy/modules/kernel/corecommands.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 0c4a15b..f465e43 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -292,6 +292,8 @@ ifdef(`distro_gentoo',`
/usr/share/ajaxterm/qweb.py.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apr-0/build/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apr-0/build/libtool -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/build-1/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/build-1/libtool -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/build-1/mkdir.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/dayplanner/dayplanner -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/debconf/.+ -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
@ 2015-08-27 19:11 ` Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-08-27 19:11 UTC (permalink / raw
To: gentoo-commits
commit: 4cdea0f683f332134f3f93d79099f71d79d5f718
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Sat Aug 8 11:50:28 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Aug 27 19:05:48 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=4cdea0f6
Mark APR build scripts as bin_t
I don't know why those are in /usr/share/build-1/ instead of
/usr/share/apr-0/build/ here, but it doesn't appear to be
Gentoo-specific.
policy/modules/kernel/corecommands.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 0c4a15b..f465e43 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -292,6 +292,8 @@ ifdef(`distro_gentoo',`
/usr/share/ajaxterm/qweb.py.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apr-0/build/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apr-0/build/libtool -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/build-1/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/build-1/libtool -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/build-1/mkdir.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/dayplanner/dayplanner -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/debconf/.+ -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-08-27 19:11 Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
0 siblings, 1 reply; 268+ messages in thread
From: Jason Zaman @ 2015-08-27 19:11 UTC (permalink / raw
To: gentoo-commits
commit: 52bab858335f691b4469e369ff98c5f8ca521f3c
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Aug 11 12:46:41 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Thu Aug 27 19:05:48 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=52bab858
Module version bump for APR build script labeling from Luis Ressel.
policy/modules/kernel/corecommands.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index fab919e..4c3554d 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.20.0)
+policy_module(corecommands, 1.20.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-08-27 18:58 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-08-27 18:58 UTC (permalink / raw
To: gentoo-commits
commit: a979dd138209b265b8458e2ef901a61262570518
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Wed Aug 26 06:02:55 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Wed Aug 26 06:02:55 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a979dd13
introduce fs_cgroup_filetrans() interface
policy/modules/kernel/filesystem.if | 37 +++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index b6b7063..4ddef7c 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -4988,3 +4988,40 @@ interface(`fs_unconfined',`
typeattribute $1 filesystem_unconfined_type;
')
+
+# gentoo specific under here but not allowed ifdef
+
+########################################
+## <summary>
+## Create an object in a cgroup tmpfs filesystem, with a private
+## type using a type transition.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="private type">
+## <summary>
+## The type of the object to be created.
+## </summary>
+## </param>
+## <param name="object">
+## <summary>
+## The object class of the object being created.
+## </summary>
+## </param>
+## <param name="name" optional="true">
+## <summary>
+## The name of the object being created.
+## </summary>
+## </param>
+#
+interface(`fs_cgroup_filetrans',`
+ gen_require(`
+ type cgroup_t;
+ ')
+
+ allow $2 tmpfs_t:filesystem associate;
+ filetrans_pattern($1, cgroup_t, $2, $3, $4)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:swift commit in: policy/modules/kernel/
@ 2015-07-13 17:35 Sven Vermeulen
2015-07-13 17:42 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2015-07-13 17:35 UTC (permalink / raw
To: gentoo-commits
commit: de1e97adf612ca76797503eb1e8b8369dc428021
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Jul 11 14:10:08 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Jul 13 17:35:07 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=de1e97ad
Enable Ceph as a valid SELinux-enabled file system
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 32ecb93..840f0b2 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -22,6 +22,7 @@ sid fs gen_context(system_u:object_r:fs_t,s0)
# Use xattrs for the following filesystem types.
# Requires that a security xattr handler exist for the filesystem.
fs_use_xattr btrfs gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr ceph gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr encfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2015-07-13 17:35 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
@ 2015-07-13 17:42 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-07-13 17:42 UTC (permalink / raw
To: gentoo-commits
commit: de1e97adf612ca76797503eb1e8b8369dc428021
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Jul 11 14:10:08 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Jul 13 17:35:07 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=de1e97ad
Enable Ceph as a valid SELinux-enabled file system
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 32ecb93..840f0b2 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -22,6 +22,7 @@ sid fs gen_context(system_u:object_r:fs_t,s0)
# Use xattrs for the following filesystem types.
# Requires that a security xattr handler exist for the filesystem.
fs_use_xattr btrfs gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr ceph gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr encfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-06-07 9:31 Sven Vermeulen
2015-06-09 10:52 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2015-06-07 9:31 UTC (permalink / raw
To: gentoo-commits
commit: 2b907c6e33c8e7ada4826e2b94d699a8666eadf1
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Jun 7 09:17:36 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jun 7 09:17:36 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2b907c6e
Add dev_dontaudit_usbmon_dev interface
This will allow us to hide avc denials for applications erroneously
trying to read the usbmon device files.
policy/modules/kernel/devices.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 5ab0f6e..ed25979 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -5008,3 +5008,22 @@ interface(`dev_relabel_cpu_online',`
dev_search_sysfs($1)
allow $1 cpu_online_t:file relabel_file_perms;
')
+
+########################################
+## <summary>
+## Dont audit attempts to read usbmon devices
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain for which the attempts do not need to be audited
+## </summary>
+## </param>
+#
+interface(`dev_dontaudit_read_usbmon_dev',`
+ gen_require(`
+ type usbmon_device_t;
+ ')
+
+ dontaudit $1 usbmon_device_t:chr_file read_file_perms;
+')
+
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2015-06-07 9:31 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
@ 2015-06-09 10:52 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-06-09 10:52 UTC (permalink / raw
To: gentoo-commits
commit: 2b907c6e33c8e7ada4826e2b94d699a8666eadf1
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Jun 7 09:17:36 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jun 7 09:17:36 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2b907c6e
Add dev_dontaudit_usbmon_dev interface
This will allow us to hide avc denials for applications erroneously
trying to read the usbmon device files.
policy/modules/kernel/devices.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 5ab0f6e..ed25979 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -5008,3 +5008,22 @@ interface(`dev_relabel_cpu_online',`
dev_search_sysfs($1)
allow $1 cpu_online_t:file relabel_file_perms;
')
+
+########################################
+## <summary>
+## Dont audit attempts to read usbmon devices
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain for which the attempts do not need to be audited
+## </summary>
+## </param>
+#
+interface(`dev_dontaudit_read_usbmon_dev',`
+ gen_require(`
+ type usbmon_device_t;
+ ')
+
+ dontaudit $1 usbmon_device_t:chr_file read_file_perms;
+')
+
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-05-30 16:15 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-05-30 16:15 UTC (permalink / raw
To: gentoo-commits
commit: c57bbb62bf1c2b1430977133c2f8a8c738479021
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sat May 30 15:00:26 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat May 30 15:00:26 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=c57bbb62
add kdeconnect port 1714
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 70f4ee8..07e4a9e 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -165,6 +165,7 @@ network_port(kerberos, tcp,88,s0, udp,88,s0, tcp,750,s0, udp,750,s0)
network_port(kerberos_admin, tcp,464,s0, udp,464,s0, tcp,749,s0)
network_port(kerberos_master, tcp,4444,s0, udp,4444,s0)
network_port(kismet, tcp,2501,s0)
+network_port(kdeconnect, tcp,1714,s0, udp,1714,s0)
network_port(kprop, tcp,754,s0)
network_port(ktalkd, udp,517,s0, udp,518,s0)
network_port(l2tp, tcp,1701,s0, udp,1701,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-05-22 19:32 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-05-22 19:32 UTC (permalink / raw
To: gentoo-commits
commit: 63a65bb081bc37f5f67316ea844e899f17fbc74c
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Wed May 6 13:50:14 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri May 22 19:16:43 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=63a65bb0
Module version bump for debufs mount point fc entry from Laurent Bigonville.
policy/modules/kernel/kernel.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 3a045e0..14b5713 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.19.0)
+policy_module(kernel, 1.19.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-05-22 19:32 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2015-05-22 19:32 UTC (permalink / raw
To: gentoo-commits
commit: 2d0945fd8690985bd52af6f783df3289cdf61606
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Wed May 6 10:51:36 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Fri May 22 19:16:43 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2d0945fd
Add fc for /sys/kernel/debug as debugfs_t
policy/modules/kernel/kernel.fc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.fc b/policy/modules/kernel/kernel.fc
index 7be4ddf..5000ce2 100644
--- a/policy/modules/kernel/kernel.fc
+++ b/policy/modules/kernel/kernel.fc
@@ -1 +1,2 @@
-# This module currently does not have any file contexts.
+/sys/kernel/debug -d gen_context(system_u:object_r:debugfs_t,s0)
+/sys/kernel/debug/.* <<none>>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-03-05 13:15 Sven Vermeulen
2015-03-04 19:34 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2015-03-05 13:15 UTC (permalink / raw
To: gentoo-commits
commit: eda29c4a002eff58dcd3c7466f147920e530bf1b
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Mar 4 19:33:03 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Mar 4 19:33:03 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=eda29c4a
Revert change to fix build
Recently I introduced support for kdevtmpfs managing all device nodes
but this triggers an issue. That method requires the storage module to
be in the base, which pulls in an entire set of other issues, or that
the attributes used by the storage module are moved towards the devices
module (or another module inside base) which also has quite some work on
it.
Going to check with other team first.
policy/modules/kernel/kernel.te | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index a48cf63..3a045e0 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -439,5 +439,6 @@ ifdef(`distro_gentoo',`
# To support kdevtmpfs properly (its purpose is to manage the /dev tmpfs so grant it these rights)
# See also bug 535992
- dev_manage_all_dev_nodes(kernel_t)
+ #dev_manage_all_dev_nodes(kernel_t)
+ dev_setattr_generic_chr_files(kernel_t)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2015-03-05 13:15 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
@ 2015-03-04 19:34 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-03-04 19:34 UTC (permalink / raw
To: gentoo-commits
commit: eda29c4a002eff58dcd3c7466f147920e530bf1b
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Mar 4 19:33:03 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Mar 4 19:33:03 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=eda29c4a
Revert change to fix build
Recently I introduced support for kdevtmpfs managing all device nodes
but this triggers an issue. That method requires the storage module to
be in the base, which pulls in an entire set of other issues, or that
the attributes used by the storage module are moved towards the devices
module (or another module inside base) which also has quite some work on
it.
Going to check with other team first.
policy/modules/kernel/kernel.te | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index a48cf63..3a045e0 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -439,5 +439,6 @@ ifdef(`distro_gentoo',`
# To support kdevtmpfs properly (its purpose is to manage the /dev tmpfs so grant it these rights)
# See also bug 535992
- dev_manage_all_dev_nodes(kernel_t)
+ #dev_manage_all_dev_nodes(kernel_t)
+ dev_setattr_generic_chr_files(kernel_t)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-03-04 15:35 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-03-04 15:35 UTC (permalink / raw
To: gentoo-commits
commit: 1c9f2085432c1add2a1bfc318f39cd74ef86c2ac
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Mar 4 15:33:34 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Mar 4 15:33:34 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=1c9f2085
Allow rtorrent to bind to tcp port 6926
Two fixes in one row:
1. Add in TCP definition for rtorrent port (was already assumed but
not formalized)
2. Add in TCP:6926 as an rtorrent_port_t as well
X-Gentoo-Bug: 541804
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=541804
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 104e7f5..70f4ee8 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -236,7 +236,7 @@ network_port(rndc, tcp,953,s0, udp,953,s0)
network_port(router, udp,520,s0, udp,521,s0, tcp,521,s0)
network_port(rsh, tcp,514,s0)
network_port(rsync, tcp,873,s0, udp,873,s0)
-network_port(rtorrent, udp, 6881, s0)
+network_port(rtorrent, tcp,6881,s0, udp,6881,s0, tcp,6926,s0)
network_port(rtsp, tcp,554,s0, udp,554,s0)
network_port(rwho, udp,513,s0)
network_port(salt, tcp,4505,s0, tcp,4506,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-03-04 15:20 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-03-04 15:20 UTC (permalink / raw
To: gentoo-commits
commit: a935b290f5ecc5e507a8a8c1d0e365ddc3e239f3
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Mar 4 15:16:24 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Mar 4 15:16:24 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a935b290
Allow kdevtmpfs to manage /dev
The kdevtmpfs thread (running as kernel_t) is showing behavior regarding
access and management of /dev. Of course, that is its main purpose (see
the Linux kernel source code at drivers/base/devtmpfs.c).
In bug #535992 is an example denial given:
Jan 8 01:37:29 testbed kernel: [28549.831785] audit: type=1400
audit(1420702649.386:1263): avc: denied { setattr } for pid=47
comm="kdevtmpfs" name="dm-6" dev="devtmpfs" ino=10993394
scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:device_t
tclass=blk_file permissive=1
During the LVM2 related testing something similar comes up:
time->Wed Mar 4 15:43:29 2015
type=AVC msg=audit(1425480209.997:137): avc: denied { getattr } for
pid=16 comm="kdevtmpfs" path="/dm-3" dev="devtmpfs" ino=11400
scontext=system_u:system_r:kernel_t:s0
tcontext=system_u:object_r:fixed_disk_device_t:s0 tclass=blk_file
permissive=0
Although there is no error message available, given the function of
kdevtmpfs and the "trusted" domain that kernel_t is, we grant it full
manage rights on the device_node and device_t resources.
X-Gentoo-Bug: 535992
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=535992
policy/modules/kernel/kernel.te | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 2639a5a..a48cf63 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -437,5 +437,7 @@ ifdef(`distro_gentoo',`
#
allow kernel_t unlabeled_t:dir search_dir_perms;
- dev_setattr_generic_chr_files(kernel_t)
+ # To support kdevtmpfs properly (its purpose is to manage the /dev tmpfs so grant it these rights)
+ # See also bug 535992
+ dev_manage_all_dev_nodes(kernel_t)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-02-15 18:36 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-02-15 18:36 UTC (permalink / raw
To: gentoo-commits
commit: b715e919f47327b139754f16e514d03ae3a46bb1
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Feb 15 18:34:07 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 15 18:34:07 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b715e919
Fix bug #535986 - Mark configfs_t as file type/mount point
---
policy/modules/kernel/filesystem.te | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index f78adef..32ecb93 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -306,3 +306,8 @@ allow filesystem_unconfined_type filesystem_type:filesystem *;
# pseudo filesystem types that are applied to both the filesystem
# and its files.
allow filesystem_unconfined_type filesystem_type:{ dir file lnk_file sock_file fifo_file chr_file blk_file } *;
+
+ifdef(`distro_gentoo',`
+ # Fix bug 535986 - Mark configfs_t as file type (and mountpoint probably as well)
+ files_mountpoint(configfs_t)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-02-15 17:39 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-02-15 17:39 UTC (permalink / raw
To: gentoo-commits
commit: a6c696a96462a5b864f763abbdfae867c3410a52
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Feb 9 21:02:36 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 15 17:36:36 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a6c696a9
Fix domain_mmap_low() to be a proper tunable.
---
policy/modules/kernel/domain.if | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/policy/modules/kernel/domain.if b/policy/modules/kernel/domain.if
index b900767..3420b3a 100644
--- a/policy/modules/kernel/domain.if
+++ b/policy/modules/kernel/domain.if
@@ -1434,14 +1434,13 @@ interface(`domain_entry_file_spec_domtrans',`
interface(`domain_mmap_low',`
gen_require(`
attribute mmap_low_domain_type;
- bool mmap_low_allowed;
')
typeattribute $1 mmap_low_domain_type;
- if ( mmap_low_allowed ) {
+ tunable_policy(`mmap_low_allowed',`
allow $1 self:memprotect mmap_zero;
- }
+ ')
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2015-01-25 13:46 Sven Vermeulen
2015-01-25 13:45 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2015-01-25 13:46 UTC (permalink / raw
To: gentoo-commits
commit: 2cd1dfe595d20523d3dd6d9c01d08dc60f71df9d
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Jan 24 19:07:30 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jan 25 13:42:52 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=2cd1dfe5
Mark python-exec2-c as bin_t
---
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index e38e238..0c4a15b 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -421,5 +421,6 @@ ifdef(`distro_suse',`
ifdef(`distro_gentoo',`
/usr/lib/python-exec/python-exec2 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/python-exec/python-exec2-c -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/python-exec/python.*/.* -- gen_context(system_u:object_r:bin_t,s0)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2015-01-25 13:45 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2015-01-25 13:45 UTC (permalink / raw
To: gentoo-commits
commit: 43e6ee5002b2242ddb58570dec2daef107d15dad
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Jan 24 16:51:58 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jan 25 13:42:52 2015 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=43e6ee50
Fix bug #529420 - Allow all domains to read vm sysctls
---
policy/modules/kernel/domain.te | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
index 3861c8e..451a1be 100644
--- a/policy/modules/kernel/domain.te
+++ b/policy/modules/kernel/domain.te
@@ -171,3 +171,13 @@ allow unconfined_domain_type domain:key *;
# receive from all domains over labeled networking
domain_all_recvfrom_all_domains(unconfined_domain_type)
+
+ifdef(`distro_gentoo',`
+ ########################################
+ #
+ # Permissions for all domains
+ #
+
+ # Bug 529420
+ kernel_read_vm_sysctls(domain)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-12-15 18:52 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-12-15 18:52 UTC (permalink / raw
To: gentoo-commits
commit: 24762b278b67aca295c421b75683c3bf5e27ed21
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Mon Dec 15 18:50:28 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Dec 15 18:50:28 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=24762b27
Update corenetwork builds after adding bitcoin ports
---
policy/modules/kernel/corenetwork.if | 443 +++++++++++++++++++++++++++++++++++
policy/modules/kernel/corenetwork.te | 10 +-
2 files changed, 452 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 3385d83..ee210d4 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -12021,6 +12021,449 @@ interface(`corenet_relabelto_bgp_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ allow $1 bitcoin_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ allow $1 bitcoin_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ dontaudit $1 bitcoin_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ allow $1 bitcoin_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ dontaudit $1 bitcoin_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_bitcoin_port',`
+ corenet_udp_send_bitcoin_port($1)
+ corenet_udp_receive_bitcoin_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_bitcoin_port',`
+ corenet_dontaudit_udp_send_bitcoin_port($1)
+ corenet_dontaudit_udp_receive_bitcoin_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ allow $1 bitcoin_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ allow $1 bitcoin_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the bitcoin port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_bitcoin_port',`
+ gen_require(`
+ type bitcoin_port_t;
+ ')
+
+ allow $1 bitcoin_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send bitcoin_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_bitcoin_client_packets',`
+ gen_require(`
+ type bitcoin_client_packet_t;
+ ')
+
+ allow $1 bitcoin_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send bitcoin_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_bitcoin_client_packets',`
+ gen_require(`
+ type bitcoin_client_packet_t;
+ ')
+
+ dontaudit $1 bitcoin_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive bitcoin_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_bitcoin_client_packets',`
+ gen_require(`
+ type bitcoin_client_packet_t;
+ ')
+
+ allow $1 bitcoin_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive bitcoin_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_bitcoin_client_packets',`
+ gen_require(`
+ type bitcoin_client_packet_t;
+ ')
+
+ dontaudit $1 bitcoin_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive bitcoin_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_bitcoin_client_packets',`
+ corenet_send_bitcoin_client_packets($1)
+ corenet_receive_bitcoin_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive bitcoin_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_bitcoin_client_packets',`
+ corenet_dontaudit_send_bitcoin_client_packets($1)
+ corenet_dontaudit_receive_bitcoin_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to bitcoin_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_bitcoin_client_packets',`
+ gen_require(`
+ type bitcoin_client_packet_t;
+ ')
+
+ allow $1 bitcoin_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send bitcoin_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_bitcoin_server_packets',`
+ gen_require(`
+ type bitcoin_server_packet_t;
+ ')
+
+ allow $1 bitcoin_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send bitcoin_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_bitcoin_server_packets',`
+ gen_require(`
+ type bitcoin_server_packet_t;
+ ')
+
+ dontaudit $1 bitcoin_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive bitcoin_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_bitcoin_server_packets',`
+ gen_require(`
+ type bitcoin_server_packet_t;
+ ')
+
+ allow $1 bitcoin_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive bitcoin_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_bitcoin_server_packets',`
+ gen_require(`
+ type bitcoin_server_packet_t;
+ ')
+
+ dontaudit $1 bitcoin_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive bitcoin_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_bitcoin_server_packets',`
+ corenet_send_bitcoin_server_packets($1)
+ corenet_receive_bitcoin_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive bitcoin_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_bitcoin_server_packets',`
+ corenet_dontaudit_send_bitcoin_server_packets($1)
+ corenet_dontaudit_receive_bitcoin_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to bitcoin_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_bitcoin_server_packets',`
+ gen_require(`
+ type bitcoin_server_packet_t;
+ ')
+
+ allow $1 bitcoin_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the boinc port.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index 1bbf3c5..af43a4e 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -2,7 +2,7 @@
# This is a generated file! Instead of modifying this file, the
# corenetwork.te.in or corenetwork.te.m4 file should be modified.
#
-policy_module(corenetwork, 1.20.2)
+policy_module(corenetwork, 1.21.0)
########################################
#
@@ -236,6 +236,14 @@ portcon tcp 2605 gen_context(system_u:object_r:bgp_port_t,s0)
portcon udp 2605 gen_context(system_u:object_r:bgp_port_t,s0)
+type bitcoin_port_t, port_type, defined_port_type;
+type bitcoin_client_packet_t, packet_type, client_packet_type;
+type bitcoin_server_packet_t, packet_type, server_packet_type;
+typeattribute bitcoin_port_t unreserved_port_type;
+portcon tcp 8332 gen_context(system_u:object_r:bitcoin_port_t,s0)
+portcon tcp 8333 gen_context(system_u:object_r:bitcoin_port_t,s0)
+
+
type boinc_port_t, port_type, defined_port_type;
type boinc_client_packet_t, packet_type, client_packet_type;
type boinc_server_packet_t, packet_type, server_packet_type;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-12-15 18:40 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-12-15 18:40 UTC (permalink / raw
To: gentoo-commits
commit: 4c1f6bd7f3b8835acd750cadd6a20eb3373be4b6
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Nov 11 14:22:23 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Dec 15 18:37:59 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=4c1f6bd7
Add bitcoin ports
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 2afa2e5..104e7f5 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -93,6 +93,7 @@ network_port(asterisk, tcp,1720,s0, udp,2427,s0, udp,2727,s0, udp,4569,s0)
network_port(audit, tcp,60,s0)
network_port(auth, tcp,113,s0)
network_port(bgp, tcp,179,s0, udp,179,s0, tcp,2605,s0, udp,2605,s0)
+network_port(bitcoin, tcp,8332,s0, tcp,8333,s0)
network_port(boinc, tcp,31416,s0)
network_port(boinc_client, tcp,1043,s0, udp,1034,s0)
network_port(biff) # no defined portcon
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/kernel/
@ 2014-11-28 10:04 Sven Vermeulen
2014-11-22 18:24 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2014-11-28 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 0b661b0c7e5a893fdf7697930e3dcaf8bcf55cee
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Nov 22 18:10:09 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Nov 22 18:10:09 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0b661b0c
Match whitespace with upstream
---
policy/modules/kernel/terminal.if | 1 -
1 file changed, 1 deletion(-)
diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
index 9f6d7c3..cbb729b 100644
--- a/policy/modules/kernel/terminal.if
+++ b/policy/modules/kernel/terminal.if
@@ -1531,4 +1531,3 @@ interface(`term_use_virtio_console',`
dev_list_all_dev_nodes($1)
allow $1 virtio_device_t:chr_file rw_term_perms;
')
-
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-11-22 18:24 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-11-22 18:24 UTC (permalink / raw
To: gentoo-commits
commit: f65b4a5c66cee88e554361b57195a47e21b90d9d
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Nov 22 18:04:38 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Nov 22 18:04:38 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f65b4a5c
Reshuffle to better match upstream
---
policy/modules/kernel/files.if | 285 ++++++++++++++++++++---------------------
1 file changed, 142 insertions(+), 143 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index fd1f8e9..dd16f74 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1450,7 +1450,6 @@ interface(`files_relabel_non_auth_files',`
# to allow files_relabel_non_auth_files to be an optional setting (tunable).
')
-
#############################################
## <summary>
## Manage all configuration directories on filesystem
@@ -1604,6 +1603,24 @@ interface(`files_setattr_all_mountpoints',`
########################################
## <summary>
+## Do not audit attempts to set the attributes on all mount points.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`files_dontaudit_setattr_all_mountpoints',`
+ gen_require(`
+ attribute mountpoint;
+ ')
+
+ dontaudit $1 mountpoint:dir setattr;
+')
+
+########################################
+## <summary>
## Search all mount points.
## </summary>
## <param name="domain">
@@ -1676,11 +1693,11 @@ interface(`files_dontaudit_list_all_mountpoints',`
########################################
## <summary>
-## Do not audit write attempts on mount points.
+## Do not audit attempts to write to mount points.
## </summary>
## <param name="domain">
## <summary>
-## Domain to ignore write attempts from
+## Domain to not audit.
## </summary>
## </param>
#
@@ -1694,24 +1711,6 @@ interface(`files_dontaudit_write_all_mountpoints',`
########################################
## <summary>
-## Do not audit setattr attempts on mount points.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to ignore setattr attempts from
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_setattr_all_mountpoints',`
- gen_require(`
- attribute mountpoint;
- ')
-
- dontaudit $1 mountpoint:dir setattr;
-')
-
-########################################
-## <summary>
## List the contents of the root directory.
## </summary>
## <param name="domain">
@@ -2669,25 +2668,6 @@ interface(`files_manage_etc_dirs',`
########################################
## <summary>
-## Do not audit attempts to read files
-## in /etc
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_read_etc_files',`
- gen_require(`
- type etc_t;
- ')
-
- dontaudit $1 etc_t:file { getattr read };
-')
-
-########################################
-## <summary>
## Read generic files in /etc.
## </summary>
## <desc>
@@ -3003,24 +2983,6 @@ interface(`files_dontaudit_setattr_etc_runtime_files',`
########################################
## <summary>
-## Do not audit attempts to read etc_runtime resources
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_read_etc_runtime',`
- gen_require(`
- type etc_runtime_t;
- ')
-
- dontaudit $1 etc_runtime_t:file read_file_perms;
-')
-
-########################################
-## <summary>
## Read files in /etc that are dynamically
## created on boot, such as mtab.
## </summary>
@@ -3142,26 +3104,6 @@ interface(`files_manage_etc_runtime_files',`
########################################
## <summary>
-## Create, read, write, and delete symbolic links in
-## /etc that are dynamically created on boot.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`files_manage_etc_runtime_lnk_files',`
- gen_require(`
- type etc_t, etc_runtime_t;
- ')
-
- manage_lnk_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
-')
-
-########################################
-## <summary>
## Create, etc runtime objects with an automatic
## type transition.
## </summary>
@@ -5660,6 +5602,24 @@ interface(`files_manage_mounttab',`
########################################
## <summary>
+## Set the attributes of the generic lock directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_setattr_lock_dirs',`
+ gen_require(`
+ type var_t, var_lock_t;
+ ')
+
+ setattr_dirs_pattern($1, var_t, var_lock_t)
+')
+
+########################################
+## <summary>
## Search the locks directory (/var/lock).
## </summary>
## <param name="domain">
@@ -5738,11 +5698,11 @@ interface(`files_rw_lock_dirs',`
########################################
## <summary>
-## Create lock directories.
+## Create lock directories
## </summary>
## <param name="domain">
-## <summary>
-## Domain allowed access.
+## <summary>
+## Domain allowed access
## </summary>
## </param>
#
@@ -5756,7 +5716,6 @@ interface(`files_create_lock_dirs',`
create_dirs_pattern($1, var_lock_t, var_lock_t)
')
-
########################################
## <summary>
## Relabel to and from all lock directory types.
@@ -5802,24 +5761,6 @@ interface(`files_getattr_generic_locks',`
########################################
## <summary>
-## Set the attributes of generic lock directories
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_setattr_lock_dirs',`
- gen_require(`
- type var_t, var_lock_t;
- ')
-
- setattr_dirs_pattern($1, var_t, var_lock_t)
-')
-
-########################################
-## <summary>
## Delete generic lock files.
## </summary>
## <param name="domain">
@@ -6101,29 +6042,6 @@ interface(`files_write_generic_pid_pipes',`
allow $1 var_run_t:lnk_file read_lnk_file_perms;
allow $1 var_run_t:fifo_file write;
')
-########################################
-## <summary>
-## Write dirs in /var/run with the lock file type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## Name of the directory that the file transition will work on
-## </summary>
-## </param>
-#
-interface(`files_pid_filetrans_lock_dir',`
- gen_require(`
- type var_t, var_run_t;
- ')
-
- files_pid_filetrans($1, var_lock_t, dir, $2)
-')
-
########################################
## <summary>
@@ -6189,6 +6107,29 @@ interface(`files_pid_filetrans',`
########################################
## <summary>
+## Create a generic lock directory within the run directories
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+## <param name="name" optional="true">
+## <summary>
+## The name of the object being created.
+## </summary>
+## </param>
+#
+interface(`files_pid_filetrans_lock_dir',`
+ gen_require(`
+ type var_lock_t;
+ ')
+
+ files_pid_filetrans($1, var_lock_t, dir, $2)
+')
+
+########################################
+## <summary>
## Read and write generic process ID files.
## </summary>
## <param name="domain">
@@ -6291,26 +6232,6 @@ interface(`files_read_all_pids',`
########################################
## <summary>
-## Create PID directories.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_create_pid_dirs',`
- gen_require(`
- type var_t, var_run_t;
- ')
-
- allow $1 var_t:dir search_dir_perms;
- allow $1 var_run_t:lnk_file read_lnk_file_perms;
- create_dirs_pattern($1, var_run_t, var_run_t)
-')
-
-########################################
-## <summary>
## Delete all process IDs.
## </summary>
## <param name="domain">
@@ -6623,6 +6544,84 @@ interface(`files_unconfined',`
# should be in an ifdef distro_gentoo but cannot do so for interfaces
+########################################
+## <summary>
+## Create PID directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_create_pid_dirs',`
+ gen_require(`
+ type var_t, var_run_t;
+ ')
+
+ allow $1 var_t:dir search_dir_perms;
+ allow $1 var_run_t:lnk_file read_lnk_file_perms;
+ create_dirs_pattern($1, var_run_t, var_run_t)
+')
+
+########################################
+## <summary>
+## Create, read, write, and delete symbolic links in
+## /etc that are dynamically created on boot.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`files_manage_etc_runtime_lnk_files',`
+ gen_require(`
+ type etc_t, etc_runtime_t;
+ ')
+
+ manage_lnk_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to read etc_runtime resources
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_dontaudit_read_etc_runtime',`
+ gen_require(`
+ type etc_runtime_t;
+ ')
+
+ dontaudit $1 etc_runtime_t:file read_file_perms;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to read files
+## in /etc
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`files_dontaudit_read_etc_files',`
+ gen_require(`
+ type etc_t;
+ ')
+
+ dontaudit $1 etc_t:file { getattr read };
+')
+
+
#########################################
## <summary>
## List usr/src files
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-11-22 17:43 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-11-22 17:43 UTC (permalink / raw
To: gentoo-commits
commit: 2773893962d4db7159e88a38b0bf3528af35a1ea
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Nov 22 17:34:21 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Nov 22 17:34:21 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=27738939
Remove trailing space (messed up comparison with upstream)
---
policy/modules/kernel/corecommands.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 58b5a6e..d63b547 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -243,7 +243,7 @@ ifdef(`distro_gentoo',`
/usr/lib/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/sudo/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/lib/tumbler-1/tumblerd -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/vte/gnome-pty-helper -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/vte/gnome-pty-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-compose-mail-1 -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-helper-1 -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/panel/migrate -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-11-22 17:43 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-11-22 17:43 UTC (permalink / raw
To: gentoo-commits
commit: 8379e35ded31dd45bffe5357bd3e95f6e2c17455
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Nov 22 17:42:58 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Nov 22 17:42:58 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=8379e35d
Use same whitespace as upstream (better comparison)
---
policy/modules/kernel/corecommands.fc | 37 +++++++++++++++++------------------
1 file changed, 18 insertions(+), 19 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index d63b547..406a11e 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -77,6 +77,7 @@ ifdef(`distro_redhat',`
ifdef(`distro_redhat',`
/etc/mcelog/triggers(/.*)? gen_context(system_u:object_r:bin_t,s0)
')
+
/etc/mgetty\+sendfax/new_fax -- gen_context(system_u:object_r:bin_t,s0)
/etc/netplug\.d(/.*)? gen_context(system_u:object_r:bin_t,s0)
@@ -193,7 +194,6 @@ ifdef(`distro_gentoo',`
/usr/bin/scponly -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/bin/tcsh -- gen_context(system_u:object_r:shell_exec_t,s0)
-
/usr/lib(.*/)?bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/(.*/)?sbin(/.*)? gen_context(system_u:object_r:bin_t,s0)
@@ -261,12 +261,12 @@ ifdef(`distro_gentoo',`
/usr/lib/debug/usr/bin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/debug/usr/sbin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/[^/]*thunderbird[^/]*/thunderbird -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/[^/]*thunderbird[^/]*/thunderbird-bin -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/[^/]*thunderbird[^/]*/open-browser\.sh -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/[^/]*/run-mozilla\.sh -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/[^/]*/mozilla-xremote-client -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/thunderbird.*/mozilla-xremote-client -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]*thunderbird[^/]*/thunderbird -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]*thunderbird[^/]*/thunderbird-bin -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]*thunderbird[^/]*/open-browser\.sh -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]*/run-mozilla\.sh -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/[^/]*/mozilla-xremote-client -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/thunderbird.*/mozilla-xremote-client -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/nspluginwrapper/i386/linux/npviewer.bin -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/nspluginwrapper/i386/linux/npviewer -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/lib/xulrunner-.*/plugin-container -- gen_context(system_u:object_r:bin_t,s0)
@@ -283,15 +283,14 @@ ifdef(`distro_gentoo',`
/usr/local/Printer(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/local/linuxprinter/filters(/.*)? gen_context(system_u:object_r:bin_t,s0)
-
/usr/sbin/scponlyc -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/sbin/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/sbin/smrsh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/share/ajaxterm/ajaxterm.py.* -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/ajaxterm/qweb.py.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/ajaxterm/qweb.py.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apr-0/build/[^/]+\.sh -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/apr-0/build/libtool -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/apr-0/build/libtool -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/build-1/mkdir.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/dayplanner/dayplanner -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/debconf/.+ -- gen_context(system_u:object_r:bin_t,s0)
@@ -302,14 +301,14 @@ ifdef(`distro_gentoo',`
/usr/share/cluster/svclib_nfslock -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/e16/misc(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/share/gedit-2/plugins/externaltools/tools(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/share/gitolite/hooks/common/update -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/gedit-2/plugins/externaltools/tools(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/share/gitolite/hooks/common/update -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/gitolite/hooks/gitolite-admin/post-update -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/gnucash/finance-quote-check -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/gnucash/finance-quote-helper -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/gnucash/finance-quote-check -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/gnucash/finance-quote-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/GNUstep/Makefiles/*\.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/GNUstep/Makefiles/mkinstalldirs -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/hal/device-manager/hal-device-manager -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/hal/device-manager/hal-device-manager -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/hal/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/mc/extfs/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/Modules/init(/.*)? gen_context(system_u:object_r:bin_t,s0)
@@ -328,9 +327,9 @@ ifdef(`distro_gentoo',`
/usr/X11R6/lib(64)?/X11/xkb/xkbcomp -- gen_context(system_u:object_r:bin_t,s0)
ifdef(`distro_debian',`
-/usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/udisks/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/udisks/.* -- gen_context(system_u:object_r:bin_t,s0)
')
ifdef(`distro_gentoo', `
@@ -397,7 +396,7 @@ ifdef(`distro_redhat', `
ifdef(`distro_suse', `
/usr/lib/cron/run-crons -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/samba/classic/.* -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/ssh/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/ssh/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/apache2/[^/]* -- gen_context(system_u:object_r:bin_t,s0)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-10-25 19:21 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-10-25 19:21 UTC (permalink / raw
To: gentoo-commits
commit: 342060e2976143e4e99ca9f63db8bd36c78fa1eb
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Tue Oct 7 19:08:07 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Sun Oct 12 09:51:25 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=342060e2
Add port for ADB (Android Debug Bridge)
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 7fb8a5b..a118109 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -73,6 +73,7 @@ type hi_reserved_port_t, port_type, reserved_port_type, rpc_port_type;
#
type server_packet_t, packet_type, server_packet_type;
+network_port(adb, tcp,5037,s0)
network_port(afs_bos, udp,7007,s0)
network_port(afs_fs, tcp,2040,s0, udp,7000,s0, udp,7005,s0)
network_port(afs_ka, udp,7004,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-10-25 19:21 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-10-25 19:21 UTC (permalink / raw
To: gentoo-commits
commit: 85b4cc48c489b4f2cb3591d0650d0182974aa691
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sat Oct 25 19:19:22 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Sat Oct 25 19:19:22 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=85b4cc48
regenerated corenetwork.te after adding adb ports
---
policy/modules/kernel/corenetwork.if | 443 +++++++++++++++++++++++++++++++++++
policy/modules/kernel/corenetwork.te | 7 +
2 files changed, 450 insertions(+)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 5431c56..3385d83 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -3161,6 +3161,449 @@ interface(`corenet_unconfined',`
########################################
## <summary>
+## Send and receive TCP traffic on the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ allow $1 adb_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ allow $1 adb_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ dontaudit $1 adb_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ allow $1 adb_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ dontaudit $1 adb_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_adb_port',`
+ corenet_udp_send_adb_port($1)
+ corenet_udp_receive_adb_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_adb_port',`
+ corenet_dontaudit_udp_send_adb_port($1)
+ corenet_dontaudit_udp_receive_adb_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ allow $1 adb_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ allow $1 adb_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the adb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_adb_port',`
+ gen_require(`
+ type adb_port_t;
+ ')
+
+ allow $1 adb_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send adb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_adb_client_packets',`
+ gen_require(`
+ type adb_client_packet_t;
+ ')
+
+ allow $1 adb_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send adb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_adb_client_packets',`
+ gen_require(`
+ type adb_client_packet_t;
+ ')
+
+ dontaudit $1 adb_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive adb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_adb_client_packets',`
+ gen_require(`
+ type adb_client_packet_t;
+ ')
+
+ allow $1 adb_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive adb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_adb_client_packets',`
+ gen_require(`
+ type adb_client_packet_t;
+ ')
+
+ dontaudit $1 adb_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive adb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_adb_client_packets',`
+ corenet_send_adb_client_packets($1)
+ corenet_receive_adb_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive adb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_adb_client_packets',`
+ corenet_dontaudit_send_adb_client_packets($1)
+ corenet_dontaudit_receive_adb_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to adb_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_adb_client_packets',`
+ gen_require(`
+ type adb_client_packet_t;
+ ')
+
+ allow $1 adb_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send adb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_adb_server_packets',`
+ gen_require(`
+ type adb_server_packet_t;
+ ')
+
+ allow $1 adb_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send adb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_adb_server_packets',`
+ gen_require(`
+ type adb_server_packet_t;
+ ')
+
+ dontaudit $1 adb_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive adb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_adb_server_packets',`
+ gen_require(`
+ type adb_server_packet_t;
+ ')
+
+ allow $1 adb_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive adb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_adb_server_packets',`
+ gen_require(`
+ type adb_server_packet_t;
+ ')
+
+ dontaudit $1 adb_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive adb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_adb_server_packets',`
+ corenet_send_adb_server_packets($1)
+ corenet_receive_adb_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive adb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_adb_server_packets',`
+ corenet_dontaudit_send_adb_server_packets($1)
+ corenet_dontaudit_receive_adb_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to adb_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_adb_server_packets',`
+ gen_require(`
+ type adb_server_packet_t;
+ ')
+
+ allow $1 adb_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the afs_bos port.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index f1830c7..1bbf3c5 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -78,6 +78,13 @@ type hi_reserved_port_t, port_type, reserved_port_type, rpc_port_type;
type server_packet_t, packet_type, server_packet_type;
+type adb_port_t, port_type, defined_port_type;
+type adb_client_packet_t, packet_type, client_packet_type;
+type adb_server_packet_t, packet_type, server_packet_type;
+typeattribute adb_port_t unreserved_port_type;
+portcon tcp 5037 gen_context(system_u:object_r:adb_port_t,s0)
+
+
type afs_bos_port_t, port_type, defined_port_type;
type afs_bos_client_packet_t, packet_type, client_packet_type;
type afs_bos_server_packet_t, packet_type, server_packet_type;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-31 18:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-31 18:27 UTC (permalink / raw
To: gentoo-commits
commit: 3a6d2a23dd689eaac41d3534c954c24e9c2dc3f2
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Aug 31 18:26:32 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Aug 31 18:26:32 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3a6d2a23
Python-exec wrappers has scripts in specific location, mark those as bin_t
---
policy/modules/kernel/corecommands.fc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 52cb3ee..7e1b58c 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -422,5 +422,8 @@ ifdef(`distro_suse',`
')
ifdef(`distro_gentoo',`
+/usr/lib/python-exec/python-exec2 -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/python-exec/python.*/.* -- gen_context(system_u:object_r:bin_t,s0)
+
/usr/lib/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-26 14:55 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-26 14:55 UTC (permalink / raw
To: gentoo-commits
commit: 7f17bb6538aa58f6199373fb8a4f3f34db25915d
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Aug 23 11:35:45 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Aug 26 14:52:06 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=7f17bb65
Label /usr/lib/networkmanager/ like /usr/lib/NetworkManager/
On ArchLinux the directory name of Network Manager in /usr/lib is
written in lowercase but not the files in /usr/bin, /var/lib, etc.
While at it, remove a useless backslash before a minus character.
---
policy/modules/kernel/corecommands.fc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 433040b..52cb3ee 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -232,7 +232,8 @@ ifdef(`distro_gentoo',`
/usr/lib/misc/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/nagios/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/netsaint/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/NetworkManager/nm\-.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/NetworkManager/nm-.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/networkmanager/nm-.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/news/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/nspluginwrapper/np.* gen_context(system_u:object_r:bin_t,s0)
/usr/lib/portage/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-26 14:55 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-26 14:55 UTC (permalink / raw
To: gentoo-commits
commit: f9197659eb19f9e0c8c05129f2753169104ae71e
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Aug 23 11:35:47 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Aug 26 14:52:14 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f9197659
Fix typo in fs_getattr_all_fs description
---
policy/modules/kernel/filesystem.if | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 5b80ee2..b6b7063 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -4625,7 +4625,7 @@ interface(`fs_unmount_all_fs',`
## <desc>
## <p>
## Allow the specified domain to
-## et the attributes of all filesystems.
+## get the attributes of all filesystems.
## Example attributes:
## </p>
## <ul>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-26 14:55 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-26 14:55 UTC (permalink / raw
To: gentoo-commits
commit: c1cf5db371b24eaaed3fbb1f8eaf713f371a61fa
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Sat Aug 23 11:35:51 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Aug 26 14:52:10 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c1cf5db3
Label (/var)?/tmp/systemd-private-.../tmp like /tmp
Such directories are used by systemd as private mountpoints for
services.
---
policy/modules/kernel/files.fc | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index 1a83f34..3c61990 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -191,6 +191,10 @@ ifdef(`distro_debian',`
/tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/tmp/lost\+found/.* <<none>>
+/tmp/systemd-private-[^/]+ -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
+/tmp/systemd-private-[^/]+/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
+/tmp/systemd-private-[^/]+/tmp/.* <<none>>
+
#
# /usr
#
@@ -265,6 +269,9 @@ ifndef(`distro_redhat',`
/var/tmp/.* <<none>>
/var/tmp/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/tmp/lost\+found/.* <<none>>
+/var/tmp/systemd-private-[^/]+ -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
+/var/tmp/systemd-private-[^/]+/tmp -d gen_context(system_u:object_r:tmp_t,s0-mls_systemhigh)
+/var/tmp/systemd-private-[^/]+/tmp/.* <<none>>
/var/tmp/vi\.recover -d gen_context(system_u:object_r:tmp_t,s0)
ifdef(`distro_debian',`
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-26 14:55 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-26 14:55 UTC (permalink / raw
To: gentoo-commits
commit: 9ac5c5fd0b882e1bccdce448fb06d11e8660ff50
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Aug 26 13:14:44 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Aug 26 14:52:17 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=9ac5c5fd
Module version bump for misc fixes from Nicolas Iooss.
---
policy/modules/kernel/corecommands.te | 2 +-
policy/modules/kernel/files.te | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index 00fbc3d..873031e 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.19.3)
+policy_module(corecommands, 1.19.4)
########################################
#
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 9a4eb58..6397fec 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.19.1)
+policy_module(files, 1.19.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 20:23 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-19 20:23 UTC (permalink / raw
To: gentoo-commits
commit: a6e3727f6a44639b69ee0e63580611504dd29a65
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Aug 19 20:23:13 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Aug 19 20:23:13 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a6e3727f
Built from .te.in
---
policy/modules/kernel/corenetwork.te | 39 +++++++++++++++++++++++++++++++++++-
1 file changed, 38 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index 83cdee2..f1830c7 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -2,7 +2,7 @@
# This is a generated file! Instead of modifying this file, the
# corenetwork.te.in or corenetwork.te.m4 file should be modified.
#
-policy_module(corenetwork, 1.19.0)
+policy_module(corenetwork, 1.20.2)
########################################
#
@@ -460,6 +460,14 @@ portcon tcp 53 gen_context(system_u:object_r:dns_port_t,s0)
portcon udp 53 gen_context(system_u:object_r:dns_port_t,s0)
+type dropbox_port_t, port_type, defined_port_type;
+type dropbox_client_packet_t, packet_type, client_packet_type;
+type dropbox_server_packet_t, packet_type, server_packet_type;
+typeattribute dropbox_port_t unreserved_port_type;
+portcon tcp 17500 gen_context(system_u:object_r:dropbox_port_t,s0)
+portcon udp 17500 gen_context(system_u:object_r:dropbox_port_t,s0)
+
+
type efs_port_t, port_type, defined_port_type;
type efs_client_packet_t, packet_type, client_packet_type;
type efs_server_packet_t, packet_type, server_packet_type;
@@ -526,6 +534,15 @@ portcon tcp 1721 gen_context(system_u:object_r:gatekeeper_port_t,s0)
portcon tcp 7000 gen_context(system_u:object_r:gatekeeper_port_t,s0)
+type gdomap_port_t, port_type, defined_port_type;
+type gdomap_client_packet_t, packet_type, client_packet_type;
+type gdomap_server_packet_t, packet_type, server_packet_type;
+typeattribute gdomap_port_t reserved_port_type;
+typeattribute gdomap_port_t rpc_port_type;
+portcon tcp 538 gen_context(system_u:object_r:gdomap_port_t,s0)
+portcon udp 538 gen_context(system_u:object_r:gdomap_port_t,s0)
+
+
type gds_db_port_t, port_type, defined_port_type;
type gds_db_client_packet_t, packet_type, client_packet_type;
type gds_db_server_packet_t, packet_type, server_packet_type;
@@ -746,7 +763,12 @@ type ircd_port_t, port_type, defined_port_type;
type ircd_client_packet_t, packet_type, client_packet_type;
type ircd_server_packet_t, packet_type, server_packet_type;
typeattribute ircd_port_t unreserved_port_type;
+portcon tcp 6665 gen_context(system_u:object_r:ircd_port_t,s0)
+portcon tcp 6666 gen_context(system_u:object_r:ircd_port_t,s0)
portcon tcp 6667 gen_context(system_u:object_r:ircd_port_t,s0)
+portcon tcp 6668 gen_context(system_u:object_r:ircd_port_t,s0)
+portcon tcp 6669 gen_context(system_u:object_r:ircd_port_t,s0)
+portcon tcp 6697 gen_context(system_u:object_r:ircd_port_t,s0)
type isakmp_port_t, port_type, defined_port_type;
@@ -1318,6 +1340,13 @@ typeattribute razor_port_t unreserved_port_type;
portcon tcp 2703 gen_context(system_u:object_r:razor_port_t,s0)
+type redis_port_t, port_type, defined_port_type;
+type redis_client_packet_t, packet_type, client_packet_type;
+type redis_server_packet_t, packet_type, server_packet_type;
+typeattribute redis_port_t unreserved_port_type;
+portcon tcp 6379 gen_context(system_u:object_r:redis_port_t,s0)
+
+
type repository_port_t, port_type, defined_port_type;
type repository_client_packet_t, packet_type, client_packet_type;
type repository_server_packet_t, packet_type, server_packet_type;
@@ -1409,6 +1438,14 @@ typeattribute rwho_port_t rpc_port_type;
portcon udp 513 gen_context(system_u:object_r:rwho_port_t,s0)
+type salt_port_t, port_type, defined_port_type;
+type salt_client_packet_t, packet_type, client_packet_type;
+type salt_server_packet_t, packet_type, server_packet_type;
+typeattribute salt_port_t unreserved_port_type;
+portcon tcp 4505 gen_context(system_u:object_r:salt_port_t,s0)
+portcon tcp 4506 gen_context(system_u:object_r:salt_port_t,s0)
+
+
type sap_port_t, port_type, defined_port_type;
type sap_client_packet_t, packet_type, client_packet_type;
type sap_server_packet_t, packet_type, server_packet_type;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 20:07 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-19 20:07 UTC (permalink / raw
To: gentoo-commits
commit: 202b3249febffbb02fc90263302c51d667f163e3
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Mon Aug 11 21:40:51 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Aug 19 20:06:40 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=202b3249
kernel/corenetwork.te: Add all registered IRC ports
IANA has registered 6665-9/tcp and 6697 for IRC.
---
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 47efbdb..a8de5f2 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -152,7 +152,7 @@ network_port(ionixnetmon, tcp,7410,s0, udp,7410,s0)
network_port(ipmi, udp,623,s0, udp,664,s0)
network_port(ipp, tcp,631,s0, udp,631,s0, tcp,8610-8614,s0, udp,8610-8614,s0)
network_port(ipsecnat, tcp,4500,s0, udp,4500,s0)
-network_port(ircd, tcp,6667,s0)
+network_port(ircd, tcp,6665,s0, tcp,6666,s0, tcp,6667,s0, tcp,6668,s0, tcp,6669,s0, tcp,6697,s0)
network_port(isakmp, udp,500,s0)
network_port(iscsi, tcp,3260,s0)
network_port(isns, tcp,3205,s0, udp,3205,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 20:07 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-19 20:07 UTC (permalink / raw
To: gentoo-commits
commit: f21a2de7c6552dac39f6149c57bdef83ec80495e
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Aug 18 19:21:49 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Aug 19 20:06:41 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f21a2de7
Module version bump for full IRC ports from Luis Ressel.
---
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index a8de5f2..7fb8a5b 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.20.1)
+policy_module(corenetwork, 1.20.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: d47c778ccbce70463fed9a0ddd79c41570508f86
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 15 13:39:08 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 13:39:08 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d47c778c
Add built version of corenetwork.if with salt ports
---
policy/modules/kernel/corenetwork.if | 443 +++++++++++++++++++++++++++++++++++
1 file changed, 443 insertions(+)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 22e8137..5431c56 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -75813,6 +75813,449 @@ interface(`corenet_relabelto_rwho_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ dontaudit $1 salt_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ dontaudit $1 salt_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_salt_port',`
+ corenet_udp_send_salt_port($1)
+ corenet_udp_receive_salt_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_salt_port',`
+ corenet_dontaudit_udp_send_salt_port($1)
+ corenet_dontaudit_udp_receive_salt_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ allow $1 salt_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ dontaudit $1 salt_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ allow $1 salt_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ dontaudit $1 salt_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_salt_client_packets',`
+ corenet_send_salt_client_packets($1)
+ corenet_receive_salt_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_salt_client_packets',`
+ corenet_dontaudit_send_salt_client_packets($1)
+ corenet_dontaudit_receive_salt_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to salt_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ allow $1 salt_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ allow $1 salt_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ dontaudit $1 salt_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ allow $1 salt_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ dontaudit $1 salt_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_salt_server_packets',`
+ corenet_send_salt_server_packets($1)
+ corenet_receive_salt_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_salt_server_packets',`
+ corenet_dontaudit_send_salt_server_packets($1)
+ corenet_dontaudit_receive_salt_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to salt_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ allow $1 salt_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the sap port.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: 044584b198f2b155849e5f00f9fdeb7531882d28
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:22 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 09:58:07 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=044584b1
Introduce kernel_delete_unlabeled_chr_files
The kernel_delete_unlabeled_chr_files interface is called by the
(deprecated) files_delete_isid_type_chr_files interface in
kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 5d978cc..c100068 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2760,6 +2760,25 @@ interface(`kernel_dontaudit_write_unlabeled_chr_files',`
########################################
## <summary>
+## Delete unlabeled character device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_chr_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_chr_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+
+########################################
+## <summary>
## Create, read, write, and delete unlabeled character device nodes.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: 536d7e19de29d9c93f31f3ac71698b9730ac96f9
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:20 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 09:58:02 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=536d7e19
Introduce kernel_delete_unlabeled_sockets
The kernel_delete_unlabeled_sockets interface is called by the
(deprecated) files_delete_isid_type_sock_files interface in
kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 035f101..0ed9d53 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2872,6 +2872,23 @@ interface(`kernel_relabelfrom_unlabeled_sockets',`
########################################
## <summary>
+## Delete unlabeled named sockets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_sockets',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_sock_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+########################################
+## <summary>
## Send and receive messages from an
## unlabeled IPSEC association.
## </summary>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: 3523edf717419a72bfa83870909a7c9a66caefa7
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Aug 14 18:22:33 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 10:04:11 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3523edf7
Support salt ports 4505 and 4506
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index c5fa3f7..47efbdb 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -237,6 +237,7 @@ network_port(rsync, tcp,873,s0, udp,873,s0)
network_port(rtorrent, udp, 6881, s0)
network_port(rtsp, tcp,554,s0, udp,554,s0)
network_port(rwho, udp,513,s0)
+network_port(salt, tcp,4505,s0, tcp,4506,s0)
network_port(sap, tcp,9875,s0, udp,9875,s0)
network_port(servistaitsm, tcp,3636,s0, udp,3636,s0)
network_port(sieve, tcp,4190,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: 6207dd32f1345e9740d1108cf7a7be30d848c427
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:21 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 09:58:05 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6207dd32
Introduce kernel_delete_unlabeled_blk_files
The kernel_delete_unlabeled_blk_files interface is called by the
(deprecated) files_delete_isid_type_blk_files in kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 0ed9d53..5d978cc 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2686,6 +2686,24 @@ interface(`kernel_rw_unlabeled_blk_files',`
########################################
## <summary>
+## Delete unlabeled block device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_blk_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_blk_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+########################################
+## <summary>
## Create, read, write, and delete unlabeled block device nodes.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: a8166f08f9c7f9702c9e7e218da82bcc181c6cf8
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Aug 14 19:49:59 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 09:58:09 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a8166f08
Module version bump for missing unlabeled interfaces from Sven Vermeulen.
---
policy/modules/kernel/kernel.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 5d6da7f..4e39c2c 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.18.1)
+policy_module(kernel, 1.18.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: 376cc6ab8bf4ebc9d108d35bbc7c93a98f439efc
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:19 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 09:58:01 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=376cc6ab
Introduce kernel_delete_unlabeled_pipes
The kernel_delete_unlabeled_pipes interface is called by the
(deprecated) files_delete_isid_type_fifo_files interface in
kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 0ef8242..035f101 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2835,6 +2835,24 @@ interface(`kernel_relabelfrom_unlabeled_pipes',`
########################################
## <summary>
+## Delete unlabeled named pipes
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_pipes',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_fifo_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+########################################
+## <summary>
## Allow caller to relabel unlabeled named sockets.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-19 9:19 Jason Zaman
0 siblings, 0 replies; 268+ messages in thread
From: Jason Zaman @ 2014-08-19 9:19 UTC (permalink / raw
To: gentoo-commits
commit: 01775f1aa6754ec1b90f1497fbe08592c710e4a3
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:18 2014 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Fri Aug 15 09:57:59 2014 +0000
URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=01775f1a
Introduce kernel_delete_unlabeled_symlinks
The kernel_delete_unlabeled_symlinks interface is called by the
files_delete_isid_type_symlinks interface (in kernel/files.if). This
interface is deprecated (and calls kernel_delete_unlabeled_symlinks).
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 18cef42..0ef8242 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2556,6 +2556,24 @@ interface(`kernel_dontaudit_read_unlabeled_files',`
########################################
## <summary>
+## Delete unlabeled symbolic links.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_symlinks',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_lnk_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+########################################
+## <summary>
## Create, read, write, and delete unlabeled symbolic links.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-15 14:51 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 14:51 UTC (permalink / raw
To: gentoo-commits
commit: d47c778ccbce70463fed9a0ddd79c41570508f86
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 15 13:39:08 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 13:39:08 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d47c778c
Add built version of corenetwork.if with salt ports
---
policy/modules/kernel/corenetwork.if | 443 +++++++++++++++++++++++++++++++++++
1 file changed, 443 insertions(+)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 22e8137..5431c56 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -75813,6 +75813,449 @@ interface(`corenet_relabelto_rwho_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ dontaudit $1 salt_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ dontaudit $1 salt_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_salt_port',`
+ corenet_udp_send_salt_port($1)
+ corenet_udp_receive_salt_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_salt_port',`
+ corenet_dontaudit_udp_send_salt_port($1)
+ corenet_dontaudit_udp_receive_salt_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the salt port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_salt_port',`
+ gen_require(`
+ type salt_port_t;
+ ')
+
+ allow $1 salt_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ allow $1 salt_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ dontaudit $1 salt_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ allow $1 salt_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ dontaudit $1 salt_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_salt_client_packets',`
+ corenet_send_salt_client_packets($1)
+ corenet_receive_salt_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive salt_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_salt_client_packets',`
+ corenet_dontaudit_send_salt_client_packets($1)
+ corenet_dontaudit_receive_salt_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to salt_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_salt_client_packets',`
+ gen_require(`
+ type salt_client_packet_t;
+ ')
+
+ allow $1 salt_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ allow $1 salt_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ dontaudit $1 salt_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ allow $1 salt_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ dontaudit $1 salt_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_salt_server_packets',`
+ corenet_send_salt_server_packets($1)
+ corenet_receive_salt_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive salt_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_salt_server_packets',`
+ corenet_dontaudit_send_salt_server_packets($1)
+ corenet_dontaudit_receive_salt_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to salt_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_salt_server_packets',`
+ gen_require(`
+ type salt_server_packet_t;
+ ')
+
+ allow $1 salt_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the sap port.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:salt commit in: policy/modules/kernel/
@ 2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 6207dd32f1345e9740d1108cf7a7be30d848c427
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:21 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:58:05 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6207dd32
Introduce kernel_delete_unlabeled_blk_files
The kernel_delete_unlabeled_blk_files interface is called by the
(deprecated) files_delete_isid_type_blk_files in kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 0ed9d53..5d978cc 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2686,6 +2686,24 @@ interface(`kernel_rw_unlabeled_blk_files',`
########################################
## <summary>
+## Delete unlabeled block device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_blk_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_blk_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+########################################
+## <summary>
## Create, read, write, and delete unlabeled block device nodes.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
@ 2014-08-15 10:04 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 6207dd32f1345e9740d1108cf7a7be30d848c427
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:21 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:58:05 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6207dd32
Introduce kernel_delete_unlabeled_blk_files
The kernel_delete_unlabeled_blk_files interface is called by the
(deprecated) files_delete_isid_type_blk_files in kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 0ed9d53..5d978cc 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2686,6 +2686,24 @@ interface(`kernel_rw_unlabeled_blk_files',`
########################################
## <summary>
+## Delete unlabeled block device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_blk_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_blk_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+########################################
+## <summary>
## Create, read, write, and delete unlabeled block device nodes.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:salt commit in: policy/modules/kernel/
@ 2014-08-15 10:04 Sven Vermeulen
2014-08-15 14:51 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 3523edf717419a72bfa83870909a7c9a66caefa7
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Aug 14 18:22:33 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 10:04:11 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3523edf7
Support salt ports 4505 and 4506
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index c5fa3f7..47efbdb 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -237,6 +237,7 @@ network_port(rsync, tcp,873,s0, udp,873,s0)
network_port(rtorrent, udp, 6881, s0)
network_port(rtsp, tcp,554,s0, udp,554,s0)
network_port(rwho, udp,513,s0)
+network_port(salt, tcp,4505,s0, tcp,4506,s0)
network_port(sap, tcp,9875,s0, udp,9875,s0)
network_port(servistaitsm, tcp,3636,s0, udp,3636,s0)
network_port(sieve, tcp,4190,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
@ 2014-08-15 14:51 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 14:51 UTC (permalink / raw
To: gentoo-commits
commit: 3523edf717419a72bfa83870909a7c9a66caefa7
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Aug 14 18:22:33 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 10:04:11 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3523edf7
Support salt ports 4505 and 4506
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index c5fa3f7..47efbdb 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -237,6 +237,7 @@ network_port(rsync, tcp,873,s0, udp,873,s0)
network_port(rtorrent, udp, 6881, s0)
network_port(rtsp, tcp,554,s0, udp,554,s0)
network_port(rwho, udp,513,s0)
+network_port(salt, tcp,4505,s0, tcp,4506,s0)
network_port(sap, tcp,9875,s0, udp,9875,s0)
network_port(servistaitsm, tcp,3636,s0, udp,3636,s0)
network_port(sieve, tcp,4190,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-15 10:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 044584b198f2b155849e5f00f9fdeb7531882d28
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:22 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:58:07 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=044584b1
Introduce kernel_delete_unlabeled_chr_files
The kernel_delete_unlabeled_chr_files interface is called by the
(deprecated) files_delete_isid_type_chr_files interface in
kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 5d978cc..c100068 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2760,6 +2760,25 @@ interface(`kernel_dontaudit_write_unlabeled_chr_files',`
########################################
## <summary>
+## Delete unlabeled character device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_chr_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_chr_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+
+########################################
+## <summary>
## Create, read, write, and delete unlabeled character device nodes.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-15 10:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: a8166f08f9c7f9702c9e7e218da82bcc181c6cf8
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Aug 14 19:49:59 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:58:09 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a8166f08
Module version bump for missing unlabeled interfaces from Sven Vermeulen.
---
policy/modules/kernel/kernel.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 5d6da7f..4e39c2c 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.18.1)
+policy_module(kernel, 1.18.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-15 10:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 376cc6ab8bf4ebc9d108d35bbc7c93a98f439efc
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:19 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:58:01 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=376cc6ab
Introduce kernel_delete_unlabeled_pipes
The kernel_delete_unlabeled_pipes interface is called by the
(deprecated) files_delete_isid_type_fifo_files interface in
kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 0ef8242..035f101 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2835,6 +2835,24 @@ interface(`kernel_relabelfrom_unlabeled_pipes',`
########################################
## <summary>
+## Delete unlabeled named pipes
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_pipes',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_fifo_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+########################################
+## <summary>
## Allow caller to relabel unlabeled named sockets.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-15 10:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 536d7e19de29d9c93f31f3ac71698b9730ac96f9
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:20 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:58:02 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=536d7e19
Introduce kernel_delete_unlabeled_sockets
The kernel_delete_unlabeled_sockets interface is called by the
(deprecated) files_delete_isid_type_sock_files interface in
kernel/files.if.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 035f101..0ed9d53 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2872,6 +2872,23 @@ interface(`kernel_relabelfrom_unlabeled_sockets',`
########################################
## <summary>
+## Delete unlabeled named sockets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_sockets',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_sock_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+########################################
+## <summary>
## Send and receive messages from an
## unlabeled IPSEC association.
## </summary>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-15 10:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-15 10:04 UTC (permalink / raw
To: gentoo-commits
commit: 01775f1aa6754ec1b90f1497fbe08592c710e4a3
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 12:33:18 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 15 09:57:59 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=01775f1a
Introduce kernel_delete_unlabeled_symlinks
The kernel_delete_unlabeled_symlinks interface is called by the
files_delete_isid_type_symlinks interface (in kernel/files.if). This
interface is deprecated (and calls kernel_delete_unlabeled_symlinks).
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/kernel.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 18cef42..0ef8242 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2556,6 +2556,24 @@ interface(`kernel_dontaudit_read_unlabeled_files',`
########################################
## <summary>
+## Delete unlabeled symbolic links.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_symlinks',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ delete_lnk_files_pattern($1, unlabeled_t, unlabeled_t)
+')
+
+########################################
+## <summary>
## Create, read, write, and delete unlabeled symbolic links.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:testing commit in: policy/modules/kernel/
@ 2014-08-08 8:50 Sven Vermeulen
2014-08-08 8:48 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-08 8:50 UTC (permalink / raw
To: gentoo-commits
commit: 712145986e7c34ed256362a0a81dfe2a4b50639e
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 08:46:27 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 8 08:46:27 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=71214598
Use files_relabel_all_non_security_file_types
Use the naming convention "_all_" + <attribute-name> + "s" (plural)
---
policy/modules/kernel/files.if | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 33076ed..fd1f8e9 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6731,8 +6731,7 @@ interface(`files_read_etc_runtime',`
########################################
## <summary>
-## Relabel all non-security related
-## files.
+## Allow relabel from and to non-security types
## </summary>
## <param name="domain">
## <summary>
@@ -6741,17 +6740,19 @@ interface(`files_read_etc_runtime',`
## </param>
## <rolecap/>
#
-interface(`files_relabel_non_security_file_type',`
+interface(`files_relabel_all_non_security_file_types',`
gen_require(`
attribute non_security_file_type;
')
allow $1 non_security_file_type:dir list_dir_perms;
+
relabel_dirs_pattern($1, non_security_file_type, non_security_file_type)
relabel_files_pattern($1, non_security_file_type, non_security_file_type)
relabel_lnk_files_pattern($1, non_security_file_type, non_security_file_type)
relabel_fifo_files_pattern($1, non_security_file_type, non_security_file_type)
relabel_sock_files_pattern($1, non_security_file_type, non_security_file_type)
+
# this is only relabelfrom since there should be no
# device nodes with file types.
relabelfrom_blk_files_pattern($1, non_security_file_type, non_security_file_type)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2014-08-08 8:50 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
@ 2014-08-08 8:48 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-08 8:48 UTC (permalink / raw
To: gentoo-commits
commit: 712145986e7c34ed256362a0a81dfe2a4b50639e
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 08:46:27 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 8 08:46:27 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=71214598
Use files_relabel_all_non_security_file_types
Use the naming convention "_all_" + <attribute-name> + "s" (plural)
---
policy/modules/kernel/files.if | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 33076ed..fd1f8e9 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6731,8 +6731,7 @@ interface(`files_read_etc_runtime',`
########################################
## <summary>
-## Relabel all non-security related
-## files.
+## Allow relabel from and to non-security types
## </summary>
## <param name="domain">
## <summary>
@@ -6741,17 +6740,19 @@ interface(`files_read_etc_runtime',`
## </param>
## <rolecap/>
#
-interface(`files_relabel_non_security_file_type',`
+interface(`files_relabel_all_non_security_file_types',`
gen_require(`
attribute non_security_file_type;
')
allow $1 non_security_file_type:dir list_dir_perms;
+
relabel_dirs_pattern($1, non_security_file_type, non_security_file_type)
relabel_files_pattern($1, non_security_file_type, non_security_file_type)
relabel_lnk_files_pattern($1, non_security_file_type, non_security_file_type)
relabel_fifo_files_pattern($1, non_security_file_type, non_security_file_type)
relabel_sock_files_pattern($1, non_security_file_type, non_security_file_type)
+
# this is only relabelfrom since there should be no
# device nodes with file types.
relabelfrom_blk_files_pattern($1, non_security_file_type, non_security_file_type)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:testing commit in: policy/modules/kernel/
@ 2014-08-08 8:50 Sven Vermeulen
2014-08-08 8:48 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-08 8:50 UTC (permalink / raw
To: gentoo-commits
commit: a6a300d4692eb06f7de55d413099b844e142a7b2
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 08:44:15 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 8 08:44:15 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a6a300d4
Introduce files_relabel_all_pidfiles
This interface can be used by domains needing wide relabel privileges
towards the *_var_run_t and var_run_t types.
---
policy/modules/kernel/files.if | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index efd7836..33076ed 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6781,3 +6781,24 @@ interface(`files_manage_all_non_security_file_types',`
manage_sock_files_pattern($1, non_security_file_type, non_security_file_type)
')
+#########################################
+## <summary>
+## Allow relabeling from and to any pidfile associated type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_relabel_all_pidfiles',`
+ gen_require(`
+ attribute pidfile;
+ ')
+
+ allow $1 pidfile:dir list_dir_perms;
+
+ relabel_dirs_pattern($1, pidfile, pidfile)
+ relabel_files_pattern($1, pidfile, pidfile)
+ relabel_lnk_files_pattern($1, pidfile, pidfile)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2014-08-08 8:50 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
@ 2014-08-08 8:48 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-08 8:48 UTC (permalink / raw
To: gentoo-commits
commit: a6a300d4692eb06f7de55d413099b844e142a7b2
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 08:44:15 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 8 08:44:15 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a6a300d4
Introduce files_relabel_all_pidfiles
This interface can be used by domains needing wide relabel privileges
towards the *_var_run_t and var_run_t types.
---
policy/modules/kernel/files.if | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index efd7836..33076ed 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6781,3 +6781,24 @@ interface(`files_manage_all_non_security_file_types',`
manage_sock_files_pattern($1, non_security_file_type, non_security_file_type)
')
+#########################################
+## <summary>
+## Allow relabeling from and to any pidfile associated type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_relabel_all_pidfiles',`
+ gen_require(`
+ attribute pidfile;
+ ')
+
+ allow $1 pidfile:dir list_dir_perms;
+
+ relabel_dirs_pattern($1, pidfile, pidfile)
+ relabel_files_pattern($1, pidfile, pidfile)
+ relabel_lnk_files_pattern($1, pidfile, pidfile)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-08 8:48 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-08 8:48 UTC (permalink / raw
To: gentoo-commits
commit: 105008a744011a7cb78546338fe90c55772dbab4
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 8 08:40:03 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Aug 8 08:40:03 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=105008a7
Apply different naming
The idea is that an interface that manages a whole set of types contains
the _all_ inside the name. When it does, then the next block should
contain the attribute name in its entirety, but plural.
So for non_security_file_type, this becomes
_all_non_security_file_types.
---
policy/modules/kernel/files.if | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 105c7c2..efd7836 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6760,7 +6760,7 @@ interface(`files_relabel_non_security_file_type',`
########################################
## <summary>
-## Manage non-security related resources.
+## Manage non-security-sensitive resource types
## </summary>
## <param name="domain">
## <summary>
@@ -6769,7 +6769,7 @@ interface(`files_relabel_non_security_file_type',`
## </param>
## <rolecap/>
#
-interface(`files_manage_non_security_file_type',`
+interface(`files_manage_all_non_security_file_types',`
gen_require(`
attribute non_security_file_type;
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-08-07 9:41 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-07 9:41 UTC (permalink / raw
To: gentoo-commits
commit: efbdcdbe1e713bdf62e3ad054d0b950e29b6b605
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Aug 7 09:39:37 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Aug 7 09:39:37 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=efbdcdbe
Add files_relabel_non_security_file_type
This interface allows for relabel operations against all resources with
a type associated with the non_security_file_type attribute.
---
policy/modules/kernel/files.if | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 5d53aa4..105c7c2 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6731,6 +6731,35 @@ interface(`files_read_etc_runtime',`
########################################
## <summary>
+## Relabel all non-security related
+## files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`files_relabel_non_security_file_type',`
+ gen_require(`
+ attribute non_security_file_type;
+ ')
+
+ allow $1 non_security_file_type:dir list_dir_perms;
+ relabel_dirs_pattern($1, non_security_file_type, non_security_file_type)
+ relabel_files_pattern($1, non_security_file_type, non_security_file_type)
+ relabel_lnk_files_pattern($1, non_security_file_type, non_security_file_type)
+ relabel_fifo_files_pattern($1, non_security_file_type, non_security_file_type)
+ relabel_sock_files_pattern($1, non_security_file_type, non_security_file_type)
+ # this is only relabelfrom since there should be no
+ # device nodes with file types.
+ relabelfrom_blk_files_pattern($1, non_security_file_type, non_security_file_type)
+ relabelfrom_chr_files_pattern($1, non_security_file_type, non_security_file_type)
+')
+
+########################################
+## <summary>
## Manage non-security related resources.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:testing commit in: policy/modules/kernel/
@ 2014-08-06 18:13 Sven Vermeulen
2014-08-07 8:06 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-06 18:13 UTC (permalink / raw
To: gentoo-commits
commit: a3557731110822effbdd433dffe24c3fbacdc9d8
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Aug 6 08:55:58 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Aug 6 18:08:37 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a3557731
Comment out seutil_relabelto_bin_policy
We comment out the use of the seutil_relabelto_bin_policy call in the
files_relabel_non_auth_files interface. This allows us to set this
interface in a tunable statement, like so:
seutil_relabelto_bin_policy(foo_t)
tunable_policy(`foo_relabel_non_auth_files',`
files_relabel_non_auth_files(foo_t)
')
In larger entries, this allows us to have a minimalistic policy (a
domain only allowed to manage and relabel a certain set of file types)
and, through a boolean, enable it to manage and relabel a larger set of
types.
---
policy/modules/kernel/files.if | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 3f20525..ca278d5 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1445,7 +1445,9 @@ interface(`files_relabel_non_auth_files',`
relabelfrom_chr_files_pattern($1, non_auth_file_type, non_auth_file_type)
# satisfy the assertions:
- seutil_relabelto_bin_policy($1)
+ # seutil_relabelto_bin_policy($1)
+ # Gentoo: this is removed as we do not want to set attributes in this phase, we want
+ # to allow files_relabel_non_auth_files to be an optional setting (tunable).
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2014-08-06 18:13 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
@ 2014-08-07 8:06 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-07 8:06 UTC (permalink / raw
To: gentoo-commits
commit: a3557731110822effbdd433dffe24c3fbacdc9d8
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Aug 6 08:55:58 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Aug 6 18:08:37 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a3557731
Comment out seutil_relabelto_bin_policy
We comment out the use of the seutil_relabelto_bin_policy call in the
files_relabel_non_auth_files interface. This allows us to set this
interface in a tunable statement, like so:
seutil_relabelto_bin_policy(foo_t)
tunable_policy(`foo_relabel_non_auth_files',`
files_relabel_non_auth_files(foo_t)
')
In larger entries, this allows us to have a minimalistic policy (a
domain only allowed to manage and relabel a certain set of file types)
and, through a boolean, enable it to manage and relabel a larger set of
types.
---
policy/modules/kernel/files.if | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 3f20525..ca278d5 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1445,7 +1445,9 @@ interface(`files_relabel_non_auth_files',`
relabelfrom_chr_files_pattern($1, non_auth_file_type, non_auth_file_type)
# satisfy the assertions:
- seutil_relabelto_bin_policy($1)
+ # seutil_relabelto_bin_policy($1)
+ # Gentoo: this is removed as we do not want to set attributes in this phase, we want
+ # to allow files_relabel_non_auth_files to be an optional setting (tunable).
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:testing commit in: policy/modules/kernel/
@ 2014-08-06 18:13 Sven Vermeulen
2014-08-07 8:06 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
0 siblings, 1 reply; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-06 18:13 UTC (permalink / raw
To: gentoo-commits
commit: c59fbdcd0347acb36cb72b2da4e60f553121113b
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Aug 6 09:03:57 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Aug 6 18:08:37 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c59fbdcd
Introduce files_manage_non_security_file_type interface
This interface, similar to files_manage_non_auth_files, allows the
domain to manage and work on non-security related file types. No type
attributes are set so this can be used in a tunable_policy statement if
necessary.
Naming based on the attribute used (non_security_file_type).
---
policy/modules/kernel/files.if | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index ca278d5..5d53aa4 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6728,3 +6728,27 @@ interface(`files_read_etc_runtime',`
read_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
read_lnk_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
')
+
+########################################
+## <summary>
+## Manage non-security related resources.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`files_manage_non_security_file_type',`
+ gen_require(`
+ attribute non_security_file_type;
+ ')
+
+ manage_dirs_pattern($1, non_security_file_type, non_security_file_type)
+ manage_files_pattern($1, non_security_file_type, non_security_file_type)
+ manage_lnk_files_pattern($1, non_security_file_type, non_security_file_type)
+ manage_fifo_files_pattern($1, non_security_file_type, non_security_file_type)
+ manage_sock_files_pattern($1, non_security_file_type, non_security_file_type)
+')
+
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
2014-08-06 18:13 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
@ 2014-08-07 8:06 ` Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-08-07 8:06 UTC (permalink / raw
To: gentoo-commits
commit: c59fbdcd0347acb36cb72b2da4e60f553121113b
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Aug 6 09:03:57 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Aug 6 18:08:37 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c59fbdcd
Introduce files_manage_non_security_file_type interface
This interface, similar to files_manage_non_auth_files, allows the
domain to manage and work on non-security related file types. No type
attributes are set so this can be used in a tunable_policy statement if
necessary.
Naming based on the attribute used (non_security_file_type).
---
policy/modules/kernel/files.if | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index ca278d5..5d53aa4 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6728,3 +6728,27 @@ interface(`files_read_etc_runtime',`
read_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
read_lnk_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
')
+
+########################################
+## <summary>
+## Manage non-security related resources.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <rolecap/>
+#
+interface(`files_manage_non_security_file_type',`
+ gen_require(`
+ attribute non_security_file_type;
+ ')
+
+ manage_dirs_pattern($1, non_security_file_type, non_security_file_type)
+ manage_files_pattern($1, non_security_file_type, non_security_file_type)
+ manage_lnk_files_pattern($1, non_security_file_type, non_security_file_type)
+ manage_fifo_files_pattern($1, non_security_file_type, non_security_file_type)
+ manage_sock_files_pattern($1, non_security_file_type, non_security_file_type)
+')
+
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-07-05 16:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-07-05 16:06 UTC (permalink / raw
To: gentoo-commits
commit: 8bea53bd07297a2fcf2028cea7576af656699b43
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Jun 30 19:28:51 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Jul 5 16:04:53 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=8bea53bd
Move tumblerd fc entry
---
policy/modules/kernel/corecommands.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 69224e3..433040b 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -243,6 +243,7 @@ ifdef(`distro_gentoo',`
/usr/lib/rpm/rpmv -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/sudo/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
+/usr/lib/tumbler-1/tumblerd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/vte/gnome-pty-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-compose-mail-1 -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-helper-1 -- gen_context(system_u:object_r:bin_t,s0)
@@ -253,7 +254,6 @@ ifdef(`distro_gentoo',`
/usr/lib/xfce4/session/xfsm-shutdown-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/xfconf/xfconfd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/xfwm4/helper-dialog -- gen_context(system_u:object_r:bin_t,s0)
-/usr/lib/tumbler-1/tumblerd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/couchdb/erlang/lib/couch-[0-9.]+/priv/couchspawnkillable -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-07-05 16:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-07-05 16:06 UTC (permalink / raw
To: gentoo-commits
commit: 52c7cf58ef05cdece45ee96e6e3f0e98b71d6d39
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Jun 30 19:29:25 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Jul 5 16:04:56 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=52c7cf58
Module version bump for tumblerd fc entry from Jason Zaman.
---
policy/modules/kernel/corecommands.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index 859b61d..00fbc3d 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.19.2)
+policy_module(corecommands, 1.19.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-07-05 16:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-07-05 16:06 UTC (permalink / raw
To: gentoo-commits
commit: ec767d14480810ee4a1ab58d2f6fe846d1a9d85f
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Mon Jun 23 18:46:54 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Jul 5 16:03:49 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ec767d14
File Context for tumbler
Tumbler is a D-Bus service for applications to request thumbnails
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
---
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 256b258..69224e3 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -253,6 +253,7 @@ ifdef(`distro_gentoo',`
/usr/lib/xfce4/session/xfsm-shutdown-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/xfconf/xfconfd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/xfwm4/helper-dialog -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/tumbler-1/tumblerd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/couchdb/erlang/lib/couch-[0-9.]+/priv/couchspawnkillable -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-25 19:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-25 19:06 UTC (permalink / raw
To: gentoo-commits
commit: 6875eb43810a516b4451a830602237d59f331acc
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Mon Jun 23 18:46:53 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Jun 25 18:59:21 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6875eb43
File contexts for zram
zram is a compressed block device in ram
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
---
policy/modules/kernel/storage.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/storage.fc b/policy/modules/kernel/storage.fc
index 4dd865b..73599f3 100644
--- a/policy/modules/kernel/storage.fc
+++ b/policy/modules/kernel/storage.fc
@@ -59,6 +59,7 @@ ifdef(`distro_redhat', `
/dev/zd.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/zfs -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/zpios -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
+/dev/zram[0-9]+ -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/ataraid/.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-25 19:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-25 19:06 UTC (permalink / raw
To: gentoo-commits
commit: 2faf56876e58b1d6f21ea92abac0eaf5e9ec7bea
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Wed Jun 25 15:57:24 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Wed Jun 25 18:59:23 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=2faf5687
Module version bump for zram fc entry from Jason Zaman.
---
policy/modules/kernel/storage.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/storage.te b/policy/modules/kernel/storage.te
index 45a8856..284929d 100644
--- a/policy/modules/kernel/storage.te
+++ b/policy/modules/kernel/storage.te
@@ -1,4 +1,4 @@
-policy_module(storage, 1.12.0)
+policy_module(storage, 1.12.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-10 18:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-10 18:17 UTC (permalink / raw
To: gentoo-commits
commit: 0a3f188d17d7b86c67923b8caee4310b9862b7be
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Jun 9 12:23:24 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Jun 10 18:14:39 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0a3f188d
Module version bump for firstboot_rw_t alias removal.
---
policy/modules/kernel/files.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index bd7adb0..9a4eb58 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.19.0)
+policy_module(files, 1.19.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-10 18:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-10 18:17 UTC (permalink / raw
To: gentoo-commits
commit: 39aa3573cb8518e1e67b93c3f8ed09db2dfbe3ba
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Jun 9 12:42:26 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Jun 10 18:15:15 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=39aa3573
Module version bump for dropbox port from Sven Vermeulen.
---
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index b0d06e9..c5fa3f7 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.20.0)
+policy_module(corenetwork, 1.20.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-10 18:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-10 18:17 UTC (permalink / raw
To: gentoo-commits
commit: 081c266dc82109443c4e83a0dff53dd49da932e4
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Jun 9 12:22:52 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Jun 10 18:14:36 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=081c266d
Remove firstboot_rw_t as FC5 has been gone for a long time.
---
policy/modules/kernel/files.te | 2 --
1 file changed, 2 deletions(-)
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 852bd46..bd7adb0 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -71,8 +71,6 @@ typealias etc_t alias snmpd_etc_t;
#
type etc_runtime_t;
files_type(etc_runtime_t)
-#Temporarily in policy until FC5 disappears
-typealias etc_runtime_t alias firstboot_rw_t;
#
# home_root_t is the type for the directory where user home directories
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-10 18:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-10 18:17 UTC (permalink / raw
To: gentoo-commits
commit: ce276f219e65732b565f66f67d408af840832bd8
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu May 29 17:24:48 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Jun 10 18:14:15 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ce276f21
Enable rcs2log location for all distributions
Currently, the /usr/share/cvs/contrib/rcs2log is only labeled as bin_t
for redhat distributions. Moving this to the general one as it is also
in use on other distributions
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/corecommands.fc | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 9b4388e..256b258 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -300,6 +300,7 @@ ifdef(`distro_gentoo',`
/usr/share/cluster/.*\.sh gen_context(system_u:object_r:bin_t,s0)
/usr/share/cluster/ocf-shellfuncs -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/cluster/svclib_nfslock -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/e16/misc(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/gedit-2/plugins/externaltools/tools(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/share/gitolite/hooks/common/update -- gen_context(system_u:object_r:bin_t,s0)
@@ -349,7 +350,6 @@ ifdef(`distro_redhat', `
/usr/share/authconfig/authconfig-gtk\.py -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/authconfig/authconfig-tui\.py -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/authconfig/authconfig\.py -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/clamav/clamd-gen -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/clamav/freshclam-sleep -- gen_context(system_u:object_r:bin_t,s0)
/usr/share/createrepo(/.*)? gen_context(system_u:object_r:bin_t,s0)
@@ -421,5 +421,4 @@ ifdef(`distro_suse',`
ifdef(`distro_gentoo',`
/usr/lib/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-07 18:20 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-07 18:20 UTC (permalink / raw
To: gentoo-commits
commit: b08d56f2b2db5a8683a68cda6af4d723c2824b7c
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Jun 7 18:19:31 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Jun 7 18:19:31 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b08d56f2
Update corenetwork.if after regeneration
---
policy/modules/kernel/corenetwork.if | 1348 ++++++++++++++++++++++++++++++++++
1 file changed, 1348 insertions(+)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 5b6fef3..22e8137 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -1904,6 +1904,25 @@ interface(`corenet_tcp_connect_all_reserved_ports',`
########################################
## <summary>
+## Do not audit connect attempts to TCP sockets on
+## ports greater than 1024.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain not to audit access to.
+## </summary>
+## </param>
+#
+interface(`corenet_dontaudit_tcp_connect_all_unreserved_ports',`
+ gen_require(`
+ attribute unreserved_port_type;
+ ')
+
+ dontaudit $1 unreserved_port_type:tcp_socket name_connect;
+')
+
+########################################
+## <summary>
## Connect TCP sockets to all ports > 1024.
## </summary>
## <param name="domain">
@@ -23963,6 +23982,449 @@ interface(`corenet_relabelto_dns_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ allow $1 dropbox_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ allow $1 dropbox_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ dontaudit $1 dropbox_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ allow $1 dropbox_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ dontaudit $1 dropbox_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_dropbox_port',`
+ corenet_udp_send_dropbox_port($1)
+ corenet_udp_receive_dropbox_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_dropbox_port',`
+ corenet_dontaudit_udp_send_dropbox_port($1)
+ corenet_dontaudit_udp_receive_dropbox_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ allow $1 dropbox_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ allow $1 dropbox_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the dropbox port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_dropbox_port',`
+ gen_require(`
+ type dropbox_port_t;
+ ')
+
+ allow $1 dropbox_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send dropbox_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_dropbox_client_packets',`
+ gen_require(`
+ type dropbox_client_packet_t;
+ ')
+
+ allow $1 dropbox_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send dropbox_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_dropbox_client_packets',`
+ gen_require(`
+ type dropbox_client_packet_t;
+ ')
+
+ dontaudit $1 dropbox_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive dropbox_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_dropbox_client_packets',`
+ gen_require(`
+ type dropbox_client_packet_t;
+ ')
+
+ allow $1 dropbox_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive dropbox_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_dropbox_client_packets',`
+ gen_require(`
+ type dropbox_client_packet_t;
+ ')
+
+ dontaudit $1 dropbox_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive dropbox_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_dropbox_client_packets',`
+ corenet_send_dropbox_client_packets($1)
+ corenet_receive_dropbox_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive dropbox_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_dropbox_client_packets',`
+ corenet_dontaudit_send_dropbox_client_packets($1)
+ corenet_dontaudit_receive_dropbox_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to dropbox_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_dropbox_client_packets',`
+ gen_require(`
+ type dropbox_client_packet_t;
+ ')
+
+ allow $1 dropbox_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send dropbox_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_dropbox_server_packets',`
+ gen_require(`
+ type dropbox_server_packet_t;
+ ')
+
+ allow $1 dropbox_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send dropbox_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_dropbox_server_packets',`
+ gen_require(`
+ type dropbox_server_packet_t;
+ ')
+
+ dontaudit $1 dropbox_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive dropbox_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_dropbox_server_packets',`
+ gen_require(`
+ type dropbox_server_packet_t;
+ ')
+
+ allow $1 dropbox_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive dropbox_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_dropbox_server_packets',`
+ gen_require(`
+ type dropbox_server_packet_t;
+ ')
+
+ dontaudit $1 dropbox_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive dropbox_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_dropbox_server_packets',`
+ corenet_send_dropbox_server_packets($1)
+ corenet_receive_dropbox_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive dropbox_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_dropbox_server_packets',`
+ corenet_dontaudit_send_dropbox_server_packets($1)
+ corenet_dontaudit_receive_dropbox_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to dropbox_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_dropbox_server_packets',`
+ gen_require(`
+ type dropbox_server_packet_t;
+ ')
+
+ allow $1 dropbox_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the efs port.
## </summary>
## <param name="domain">
@@ -27507,6 +27969,449 @@ interface(`corenet_relabelto_gatekeeper_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ allow $1 gdomap_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ allow $1 gdomap_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ dontaudit $1 gdomap_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ allow $1 gdomap_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ dontaudit $1 gdomap_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_gdomap_port',`
+ corenet_udp_send_gdomap_port($1)
+ corenet_udp_receive_gdomap_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_gdomap_port',`
+ corenet_dontaudit_udp_send_gdomap_port($1)
+ corenet_dontaudit_udp_receive_gdomap_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ allow $1 gdomap_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ allow $1 gdomap_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the gdomap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_gdomap_port',`
+ gen_require(`
+ type gdomap_port_t;
+ ')
+
+ allow $1 gdomap_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send gdomap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_gdomap_client_packets',`
+ gen_require(`
+ type gdomap_client_packet_t;
+ ')
+
+ allow $1 gdomap_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send gdomap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_gdomap_client_packets',`
+ gen_require(`
+ type gdomap_client_packet_t;
+ ')
+
+ dontaudit $1 gdomap_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive gdomap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_gdomap_client_packets',`
+ gen_require(`
+ type gdomap_client_packet_t;
+ ')
+
+ allow $1 gdomap_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive gdomap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_gdomap_client_packets',`
+ gen_require(`
+ type gdomap_client_packet_t;
+ ')
+
+ dontaudit $1 gdomap_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive gdomap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_gdomap_client_packets',`
+ corenet_send_gdomap_client_packets($1)
+ corenet_receive_gdomap_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive gdomap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_gdomap_client_packets',`
+ corenet_dontaudit_send_gdomap_client_packets($1)
+ corenet_dontaudit_receive_gdomap_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to gdomap_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_gdomap_client_packets',`
+ gen_require(`
+ type gdomap_client_packet_t;
+ ')
+
+ allow $1 gdomap_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send gdomap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_gdomap_server_packets',`
+ gen_require(`
+ type gdomap_server_packet_t;
+ ')
+
+ allow $1 gdomap_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send gdomap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_gdomap_server_packets',`
+ gen_require(`
+ type gdomap_server_packet_t;
+ ')
+
+ dontaudit $1 gdomap_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive gdomap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_gdomap_server_packets',`
+ gen_require(`
+ type gdomap_server_packet_t;
+ ')
+
+ allow $1 gdomap_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive gdomap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_gdomap_server_packets',`
+ gen_require(`
+ type gdomap_server_packet_t;
+ ')
+
+ dontaudit $1 gdomap_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive gdomap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_gdomap_server_packets',`
+ corenet_send_gdomap_server_packets($1)
+ corenet_receive_gdomap_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive gdomap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_gdomap_server_packets',`
+ corenet_dontaudit_send_gdomap_server_packets($1)
+ corenet_dontaudit_receive_gdomap_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to gdomap_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_gdomap_server_packets',`
+ gen_require(`
+ type gdomap_server_packet_t;
+ ')
+
+ allow $1 gdomap_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the gds_db port.
## </summary>
## <param name="domain">
@@ -69592,6 +70497,449 @@ interface(`corenet_relabelto_razor_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ allow $1 redis_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ allow $1 redis_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ dontaudit $1 redis_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ allow $1 redis_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ dontaudit $1 redis_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_redis_port',`
+ corenet_udp_send_redis_port($1)
+ corenet_udp_receive_redis_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_redis_port',`
+ corenet_dontaudit_udp_send_redis_port($1)
+ corenet_dontaudit_udp_receive_redis_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ allow $1 redis_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ allow $1 redis_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the redis port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_redis_port',`
+ gen_require(`
+ type redis_port_t;
+ ')
+
+ allow $1 redis_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send redis_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_redis_client_packets',`
+ gen_require(`
+ type redis_client_packet_t;
+ ')
+
+ allow $1 redis_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send redis_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_redis_client_packets',`
+ gen_require(`
+ type redis_client_packet_t;
+ ')
+
+ dontaudit $1 redis_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive redis_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_redis_client_packets',`
+ gen_require(`
+ type redis_client_packet_t;
+ ')
+
+ allow $1 redis_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive redis_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_redis_client_packets',`
+ gen_require(`
+ type redis_client_packet_t;
+ ')
+
+ dontaudit $1 redis_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive redis_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_redis_client_packets',`
+ corenet_send_redis_client_packets($1)
+ corenet_receive_redis_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive redis_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_redis_client_packets',`
+ corenet_dontaudit_send_redis_client_packets($1)
+ corenet_dontaudit_receive_redis_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to redis_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_redis_client_packets',`
+ gen_require(`
+ type redis_client_packet_t;
+ ')
+
+ allow $1 redis_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send redis_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_redis_server_packets',`
+ gen_require(`
+ type redis_server_packet_t;
+ ')
+
+ allow $1 redis_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send redis_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_redis_server_packets',`
+ gen_require(`
+ type redis_server_packet_t;
+ ')
+
+ dontaudit $1 redis_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive redis_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_redis_server_packets',`
+ gen_require(`
+ type redis_server_packet_t;
+ ')
+
+ allow $1 redis_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive redis_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_redis_server_packets',`
+ gen_require(`
+ type redis_server_packet_t;
+ ')
+
+ dontaudit $1 redis_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive redis_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_redis_server_packets',`
+ corenet_send_redis_server_packets($1)
+ corenet_receive_redis_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive redis_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_redis_server_packets',`
+ corenet_dontaudit_send_redis_server_packets($1)
+ corenet_dontaudit_receive_redis_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to redis_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_redis_server_packets',`
+ gen_require(`
+ type redis_server_packet_t;
+ ')
+
+ allow $1 redis_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the repository port.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-06-07 18:12 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-06-07 18:12 UTC (permalink / raw
To: gentoo-commits
commit: ad9cfacaf3c3436d30fbb96cf6cd5b5ccacc1cbc
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Jun 7 18:11:27 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sat Jun 7 18:11:27 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ad9cfaca
Adding dropbox_port_t (tcp/udp 17500)
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index fc18a14..b0d06e9 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -120,6 +120,7 @@ network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0,
network_port(dict, tcp,2628,s0)
network_port(distccd, tcp,3632,s0)
network_port(dns, tcp,53,s0, udp,53,s0)
+network_port(dropbox, tcp,17500,s0, udp,17500,s0)
network_port(efs, tcp,520,s0)
network_port(embrace_dp_c, tcp,3198,s0, udp,3198,s0)
network_port(epmap, tcp,135,s0, udp,135,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-05-01 18:59 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-05-01 18:59 UTC (permalink / raw
To: gentoo-commits
commit: 0b6f58747314452da12fec27f7876ca66bfb503c
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu May 1 18:58:59 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu May 1 18:58:59 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0b6f5874
Add files_read_etc_runtime interface
---
policy/modules/kernel/files.if | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 5cff62e..3f20525 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6705,3 +6705,24 @@ interface(`files_lib_filetrans_kernel_modules',`
libs_lib_filetrans($1, modules_object_t, $2, $3)
')
+
+#########################################
+## <summary>
+## Read etc runtime resources
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`files_read_etc_runtime',`
+ gen_require(`
+ type etc_runtime_t;
+ type etc_t;
+ ')
+
+ list_dirs_pattern($1, etc_t, etc_runtime_t)
+ read_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
+ read_lnk_files_pattern($1, { etc_t etc_runtime_t }, etc_runtime_t)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-21 15:25 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-21 15:25 UTC (permalink / raw
To: gentoo-commits
commit: 56d8957dcd7da20184b9604274f815b622a3a72f
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Wed Apr 16 18:02:23 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Apr 21 15:17:58 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=56d8957d
Allow hugetlbfs_t to be associated to /dev
Even if there is not FHS provision for this, systemd is using
/dev/hugepages to mount the hugetlbfs fs by default.
The needed file contexts are already present
---
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index bad3d16..1e5b262 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -98,6 +98,7 @@ genfscon futexfs / gen_context(system_u:object_r:futexfs_t,s0)
type hugetlbfs_t;
fs_xattr_type(hugetlbfs_t)
files_mountpoint(hugetlbfs_t)
+dev_associate(hugetlbfs_t)
fs_use_trans hugetlbfs gen_context(system_u:object_r:hugetlbfs_t,s0);
type ibmasmfs_t;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-21 15:25 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-21 15:25 UTC (permalink / raw
To: gentoo-commits
commit: 2881f0894c6f2af70e0780d4672371f4d712e983
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Mon Apr 14 21:18:31 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Apr 21 15:19:48 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=2881f089
filesystem: label cgroup symlinks
/sys/fs/cgroup is a tmpfs which contains cgroup mounts and symlinks such as
cpu and cpuacct. Running restorecon makes this warning happen:
restorecon: Warning no default label for /sys/fs/cgroup/cpu
Declare a file context for every symlink in the cgroup tmpfs montpoint to
no longer have such warning.
---
policy/modules/kernel/filesystem.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.fc b/policy/modules/kernel/filesystem.fc
index d7c11a0..f5cfe84 100644
--- a/policy/modules/kernel/filesystem.fc
+++ b/policy/modules/kernel/filesystem.fc
@@ -13,6 +13,7 @@
/sys/fs/cgroup -d gen_context(system_u:object_r:cgroup_t,s0)
/sys/fs/cgroup/.* <<none>>
+/sys/fs/cgroup/[^/]+ -l gen_context(system_u:object_r:cgroup_t,s0)
/sys/fs/pstore -d gen_context(system_u:object_r:pstore_t,s0)
/sys/fs/pstore/.* <<none>>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-21 15:25 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-21 15:25 UTC (permalink / raw
To: gentoo-commits
commit: 8f10b1934102c4c9b5f683dfe2d186e4133ec33e
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Mon Apr 14 21:15:07 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Apr 21 15:19:52 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=8f10b193
Label /usr/lib/getconf as bin_t
On ArchLinux, glibc package installs /usr/bin/getconf as a hard link to a file
in /usr/lib/getconf/. For example on a x86_64 machine:
$ ls -i -l /usr/bin/getconf /usr/lib/getconf/XBS5_LP64_OFF64
5900355 -rwxr-xr-x. 4 root root 22880 Feb 28 04:53 /usr/bin/getconf
5900355 -rwxr-xr-x. 4 root root 22880 Feb 28 04:53 /usr/lib/getconf/XBS5_LP64_OFF64
Such configuration produces an instability when labeling the files with
"restorecon -Rv /":
restorecon reset /usr/bin/getconf context unconfined_u:object_r:lib_t:s0->unconfined_u:object_r:bin_t:s0
restorecon reset /usr/lib/getconf/XBS5_LP64_OFF64 context unconfined_u:object_r:bin_t:s0->unconfined_u:object_r:lib_t:s0
As /usr/lib/getconf directory only contains executable programs, this issue is
fixed by labeling this directory and its content "bin_t".
---
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index d1ad47f..9b4388e 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -217,6 +217,7 @@ ifdef(`distro_gentoo',`
/usr/lib/cyrus-imapd/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/dpkg/.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/getconf(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gimp/.*/plug-ins(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/git-core/git-shell -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/lib/git-core(/.*) -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-21 15:25 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-21 15:25 UTC (permalink / raw
To: gentoo-commits
commit: 726854ef32842b32a59d09bf755d5229b4f98429
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Mon Apr 21 15:22:12 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Apr 21 15:22:12 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=726854ef
Merged upstream, so own def can be removed
---
policy/modules/kernel/devices.if | 37 -------------------------------------
1 file changed, 37 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 1ae060c..2963f91 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4955,43 +4955,6 @@ interface(`dev_dontaudit_read_sysfs',`
########################################
## <summary>
-## Do not audit getting the attributes of sysfs filesystem
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to dontaudit access from
-## </summary>
-## </param>
-#
-interface(`dev_dontaudit_getattr_sysfs_fs',`
- gen_require(`
- type sysfs_t;
- ')
-
- dontaudit $1 sysfs_t:filesystem getattr;
-')
-
-########################################
-## <summary>
-## Get the attributes of sysfs filesystem
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`dev_getattr_sysfs_fs',`
- gen_require(`
- type sysfs_t;
- ')
-
- allow $1 sysfs_t:filesystem getattr;
-')
-
-
-########################################
-## <summary>
## Setattr for generic character device files.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-21 15:25 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-21 15:25 UTC (permalink / raw
To: gentoo-commits
commit: f01d104b5d9379b68da800b834316754f30f0b2e
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Apr 21 13:01:08 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Apr 21 15:17:01 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f01d104b
Module version bump for /sys/fs/selinux support from Sven Vermeulen.
---
policy/modules/kernel/devices.te | 2 +-
policy/modules/kernel/selinux.te | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 3e03a9d..00605a8 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.16.2)
+policy_module(devices, 1.16.3)
########################################
#
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index d289ba3..4f94796 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -1,4 +1,4 @@
-policy_module(selinux, 1.13.0)
+policy_module(selinux, 1.13.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-21 15:25 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-21 15:25 UTC (permalink / raw
To: gentoo-commits
commit: a8e2799f72cad0f2b12ba6d60dfcda183d8bb580
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Apr 11 18:01:41 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Apr 21 15:14:11 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a8e2799f
The security_t file system can be at /sys/fs/selinux
Because it is no longer a top-level file system, we need to enhance some
of the interfaces with the appropriate rights towards sysfs_t.
First set to allow getattr rights on the file system, which now also
means getattr on the sysfs_t file system as well as search privileges in
sysfs_t.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/devices.if | 18 ++++++++++++++++++
policy/modules/kernel/selinux.if | 5 +++--
2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 8c14b43..60a3f46 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -3873,6 +3873,24 @@ interface(`dev_getattr_sysfs_dirs',`
########################################
## <summary>
+## Get the attributes of sysfs filesystem
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_getattr_sysfs',`
+ gen_require(`
+ type sysfs_t;
+ ')
+
+ allow $1 sysfs_t:filesystem getattr;
+')
+
+########################################
+## <summary>
## Search the sysfs directories.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index c5b9bd0..31706ac 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -64,7 +64,7 @@ interface(`selinux_get_fs_mount',`
allow $1 security_t:filesystem getattr;
# Same for /sys/fs/selinux
- dev_getattr_sysfs_fs($1)
+ dev_getattr_sysfs($1)
dev_search_sysfs($1)
# read /proc/filesystems to see if selinuxfs is supported
@@ -173,7 +173,8 @@ interface(`selinux_getattr_fs',`
')
allow $1 security_t:filesystem getattr;
- dev_getattr_sysfs_fs($1)
+
+ dev_getattr_sysfs($1)
dev_search_sysfs($1)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-21 15:25 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-21 15:25 UTC (permalink / raw
To: gentoo-commits
commit: 49a43dd34f9a50207ae012a26f3fe941a66ebdbc
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Apr 11 18:01:42 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Apr 21 15:16:51 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=49a43dd3
Dontaudit access on security_t file system at /sys/fs/selinux
Second part of the support of security_t under /sys/fs/selinux - when
asked not to audit getting attributes on the selinux file system, have
this propagate to the sysfs parts as well.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/devices.if | 18 ++++++++++++++++++
policy/modules/kernel/selinux.if | 4 ++--
2 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 60a3f46..1ae060c 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -3891,6 +3891,24 @@ interface(`dev_getattr_sysfs',`
########################################
## <summary>
+## Do not audit getting the attributes of sysfs filesystem
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to dontaudit access from
+## </summary>
+## </param>
+#
+interface(`dev_dontaudit_getattr_sysfs',`
+ gen_require(`
+ type sysfs_t;
+ ')
+
+ dontaudit $1 sysfs_t:filesystem getattr;
+')
+
+########################################
+## <summary>
## Search the sysfs directories.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index 31706ac..9192d23 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -94,7 +94,7 @@ interface(`selinux_dontaudit_get_fs_mount',`
dontaudit $1 security_t:filesystem getattr;
# Same for /sys/fs/selinux
- dev_dontaudit_getattr_sysfs_fs($1)
+ dev_dontaudit_getattr_sysfs($1)
dev_dontaudit_search_sysfs($1)
# read /proc/filesystems to see if selinuxfs is supported
@@ -196,7 +196,7 @@ interface(`selinux_dontaudit_getattr_fs',`
dontaudit $1 security_t:filesystem getattr;
- dev_dontaudit_getattr_sysfs_fs($1)
+ dev_dontaudit_getattr_sysfs($1)
dev_dontaudit_search_sysfs($1)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-17 18:21 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-17 18:21 UTC (permalink / raw
To: gentoo-commits
commit: 81e7c63e1781015a444ea090dfe2b453bdbf70b2
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Apr 17 18:20:58 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Apr 17 18:20:58 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=81e7c63e
Also on Gentoo
---
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 7ef2dd5..d1ad47f 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -420,4 +420,5 @@ ifdef(`distro_suse',`
ifdef(`distro_gentoo',`
/usr/lib/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/cvs/contrib/rcs2log -- gen_context(system_u:object_r:bin_t,s0)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-11 17:48 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-11 17:48 UTC (permalink / raw
To: gentoo-commits
commit: decabd8c4269860861be981cec6f0936aeea9b10
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Fri Apr 4 20:52:53 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Apr 11 17:47:57 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=decabd8c
Associate the new xattrfs attribute to fs_t and some pseudo-fs
Associate the new xattrfs attribute to fs_t and the pseudo filesystems
that we know support xattr
This patch adds the attribute to the following (pseudo) filesystems
- device_t
- devpts_t
- fs_t
- hugetlbfs
- sysfs_t
- tmpfs_t
---
policy/modules/kernel/devices.te | 4 ++--
policy/modules/kernel/filesystem.te | 6 +++---
policy/modules/kernel/terminal.te | 2 +-
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 25d28ce..2fdb01b 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -18,7 +18,7 @@ fs_associate_tmpfs(device_t)
files_type(device_t)
files_mountpoint(device_t)
files_associate_tmp(device_t)
-fs_type(device_t)
+fs_xattr_type(device_t)
fs_use_trans devtmpfs gen_context(system_u:object_r:device_t,s0);
#
@@ -231,7 +231,7 @@ dev_node(sound_device_t)
#
type sysfs_t;
files_mountpoint(sysfs_t)
-fs_type(sysfs_t)
+fs_xattr_type(sysfs_t)
genfscon sysfs / gen_context(system_u:object_r:sysfs_t,s0)
#
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index abaf5c0..31058f0 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -16,7 +16,7 @@ attribute xattrfs;
# filesystems with extended attributes
#
type fs_t;
-fs_type(fs_t)
+fs_xattr_type(fs_t)
sid fs gen_context(system_u:object_r:fs_t,s0)
# Use xattrs for the following filesystem types.
@@ -96,7 +96,7 @@ fs_type(futexfs_t)
genfscon futexfs / gen_context(system_u:object_r:futexfs_t,s0)
type hugetlbfs_t;
-fs_type(hugetlbfs_t)
+fs_xattr_type(hugetlbfs_t)
files_mountpoint(hugetlbfs_t)
fs_use_trans hugetlbfs gen_context(system_u:object_r:hugetlbfs_t,s0);
@@ -176,7 +176,7 @@ genfscon vxfs / gen_context(system_u:object_r:vxfs_t,s0)
#
type tmpfs_t;
dev_associate(tmpfs_t)
-fs_type(tmpfs_t)
+fs_xattr_type(tmpfs_t)
files_type(tmpfs_t)
files_mountpoint(tmpfs_t)
files_poly_parent(tmpfs_t)
diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te
index e05079a..01dbf46 100644
--- a/policy/modules/kernel/terminal.te
+++ b/policy/modules/kernel/terminal.te
@@ -27,7 +27,7 @@ dev_node(console_device_t)
type devpts_t;
files_mountpoint(devpts_t)
fs_associate_tmpfs(devpts_t)
-fs_type(devpts_t)
+fs_xattr_type(devpts_t)
fs_use_trans devpts gen_context(system_u:object_r:devpts_t,s0);
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-11 17:48 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-11 17:48 UTC (permalink / raw
To: gentoo-commits
commit: 03082087c0e7ca8f63e18f125ae24b73ca0c9e1b
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Fri Apr 4 20:52:52 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Apr 11 17:47:56 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=03082087
Create new xattrfs attribute and fs_getattr_all_xattr_fs() interface
Create a new attribute and fs_getattr_all_xattr_fs() interface that will
be used for all the filesystems that support xattr
---
policy/modules/kernel/filesystem.if | 58 +++++++++++++++++++++++++++++++++++++
policy/modules/kernel/filesystem.te | 1 +
2 files changed, 59 insertions(+)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index e7d05e7..5b80ee2 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -108,6 +108,64 @@ interface(`fs_exec_noxattr',`
########################################
## <summary>
+## Transform specified type into a filesystem
+## type which has extended attribute
+## support.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`fs_xattr_type',`
+ gen_require(`
+ attribute xattrfs;
+ ')
+
+ fs_type($1)
+
+ typeattribute $1 xattrfs;
+')
+
+########################################
+## <summary>
+## Get the attributes of all the
+## filesystems which have extended
+## attributes.
+## This includes pseudo filesystems.
+## </summary>
+## <desc>
+## <p>
+## Allow the specified domain to
+## get the attributes of a filesystems
+## which have extended attributes.
+## Example attributes:
+## </p>
+## <ul>
+## <li>Type of the file system (e.g., tmpfs)</li>
+## <li>Size of the file system</li>
+## <li>Available space on the file system</li>
+## </ul>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="5"/>
+## <rolecap/>
+#
+interface(`fs_getattr_all_xattr_fs',`
+ gen_require(`
+ attribute xattrfs;
+ ')
+
+ allow $1 xattrfs:filesystem getattr;
+')
+
+########################################
+## <summary>
## Mount a persistent filesystem which
## has extended attributes, such as
## ext3, JFS, or XFS.
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 0e09942..abaf5c0 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -8,6 +8,7 @@ policy_module(filesystem, 1.18.0)
attribute filesystem_type;
attribute filesystem_unconfined_type;
attribute noxattrfs;
+attribute xattrfs;
##############################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-08 16:12 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-08 16:12 UTC (permalink / raw
To: gentoo-commits
commit: 089750c82708d26eb65d01a0f88ee6599d5d1159
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Apr 8 16:11:56 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Apr 8 16:11:56 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=089750c8
Remove duplicate declaration
---
policy/modules/kernel/devices.te | 7 -------
1 file changed, 7 deletions(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index ba79da9..25d28ce 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -328,10 +328,3 @@ files_associate_tmp(device_node)
allow devices_unconfined_type self:capability sys_rawio;
allow devices_unconfined_type device_node:{ blk_file chr_file } *;
allow devices_unconfined_type mtrr_device_t:file *;
-
-ifdef(`distro_gentoo',`
- # Support access to /sys/devices/system/cpu/online
- type cpu_online_t;
- files_type(cpu_online_t)
- dev_associate_sysfs(cpu_online_t)
-')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-08 16:02 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-08 16:02 UTC (permalink / raw
To: gentoo-commits
commit: c2b4cb85ee37e4ae38214ccffea6f477915bf360
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Fri Apr 4 20:09:30 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Apr 8 15:25:58 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c2b4cb85
Module version bump for 2 Gentoo patches from Sven Vermeulen.
---
policy/modules/kernel/devices.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 948b064..ba79da9 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.16.0)
+policy_module(devices, 1.16.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-04-08 16:02 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-04-08 16:02 UTC (permalink / raw
To: gentoo-commits
commit: 891859b30d8ed3a32c815c1fa2648cbe4109d899
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Mar 25 20:30:06 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Apr 8 15:25:15 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=891859b3
Support /sys/devices/system/cpu/online
In glibc, the get_nprocs method reads /sys/devices/system/cpu/online, so
we need to grant most domains read access to this file. As we don't want
them to have read access on sysfs_t by default, create a new type
(cpu_online_t) and assign it to the file, and grant domains read access
to the file.
This does require systems to relabel the file upon every boot, something
distributions do in their bootup scripts, as /sys devices don't keep
their context.
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.if | 31 ++++++++++++++++---------------
policy/modules/kernel/devices.te | 7 +++++++
policy/modules/kernel/domain.te | 3 ++-
4 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 5bf5ef2..053cfa7 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -199,6 +199,7 @@ ifdef(`distro_debian',`
/lib/udev/devices/zero -c gen_context(system_u:object_r:zero_device_t,s0)
/sys(/.*)? gen_context(system_u:object_r:sysfs_t,s0)
+/sys/devices/system/cpu/online -- gen_context(system_u:object_r:cpu_online_t,s0)
ifdef(`distro_redhat',`
# originally from named.fc
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 41eb2ca..56dd021 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4929,48 +4929,49 @@ interface(`dev_create_zero_dev',`
########################################
## <summary>
-## Unconfined access to devices.
+## Read cpu online hardware state information
## </summary>
+## <desc>
+## <p>
+## Allow the specified domain to read /sys/devices/system/cpu/online
+## </p>
+## </desc>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
-interface(`dev_unconfined',`
+interface(`dev_read_cpu_online',`
gen_require(`
- attribute devices_unconfined_type;
+ type cpu_online_t;
')
- typeattribute $1 devices_unconfined_type;
+ dev_search_sysfs($1)
+ read_files_pattern($1, cpu_online_t, cpu_online_t)
')
-# We cannot use ifdef distro_gentoo for interfaces
########################################
## <summary>
-## Read cpu online hardware state information.
+## Unconfined access to devices.
## </summary>
-## <desc>
-## <p>
-## Allow the specified domain to read /sys/devices/system/cpu/online file.
-## </p>
-## </desc>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
-interface(`dev_read_cpu_online',`
+interface(`dev_unconfined',`
gen_require(`
- type cpu_online_t;
+ attribute devices_unconfined_type;
')
- dev_search_sysfs($1)
- read_files_pattern($1, cpu_online_t, cpu_online_t)
+ typeattribute $1 devices_unconfined_type;
')
+# We cannot use ifdef distro_gentoo for interfaces
+
########################################
## <summary>
## Relabel cpu online hardware state information.
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 14c178e..948b064 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -60,6 +60,13 @@ type cpu_device_t;
dev_node(cpu_device_t)
#
+# /sys/devices/system/cpu/online device
+#
+type cpu_online_t;
+files_type(cpu_online_t)
+dev_associate_sysfs(cpu_online_t)
+
+#
# Type for /dev/crash
#
type crash_device_t;
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
index ea5cdee..4af7dbd 100644
--- a/policy/modules/kernel/domain.te
+++ b/policy/modules/kernel/domain.te
@@ -1,4 +1,4 @@
-policy_module(domain, 1.11.0)
+policy_module(domain, 1.11.1)
########################################
#
@@ -98,6 +98,7 @@ allow domain self:process { fork sigchld };
# glibc get_nprocs requires read access to /sys/devices/system/cpu/online
dev_read_cpu_online(domain)
+
# Use trusted objects in /dev
dev_rw_null(domain)
dev_rw_zero(domain)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-03-17 8:24 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-03-17 8:24 UTC (permalink / raw
To: gentoo-commits
commit: a219e5b1d01662788f5c475a73d38b2404e13772
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Mon Mar 3 22:59:24 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Mar 17 08:19:34 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a219e5b1
Properly label git-shell and other git commands for Debian
---
policy/modules/kernel/corecommands.fc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 9652430..7ef2dd5 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -218,6 +218,8 @@ ifdef(`distro_gentoo',`
/usr/lib/dpkg/.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gimp/.*/plug-ins(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/git-core/git-shell -- gen_context(system_u:object_r:shell_exec_t,s0)
+/usr/lib/git-core(/.*) -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gnome-settings-daemon/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gvfs/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ipsec/.* -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-17 19:55 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-17 19:55 UTC (permalink / raw
To: gentoo-commits
commit: f12d47898fb062e38bf21e67ea1d4b0249692db3
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Sat Feb 15 12:24:55 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Mon Feb 17 19:54:03 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f12d4789
Use xattr-labeling for squashfs.
This is taken from the Fedora policy (authors: Dan Walsh, Miroslav
Grepl) and dates back to 2011 there.
---
policy/modules/kernel/filesystem.te | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 4fbc8f1..e3b00ef 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.17.2)
+policy_module(filesystem, 1.17.3)
########################################
#
@@ -33,6 +33,7 @@ fs_use_xattr gpfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jffs2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr squashfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
@@ -151,11 +152,6 @@ fs_type(spufs_t)
genfscon spufs / gen_context(system_u:object_r:spufs_t,s0)
files_mountpoint(spufs_t)
-type squash_t;
-fs_type(squash_t)
-genfscon squash / gen_context(system_u:object_r:squash_t,s0)
-files_mountpoint(squash_t)
-
type sysv_t;
fs_noxattr_type(sysv_t)
files_mountpoint(sysv_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: d0d2ffe60be2a9fda03bcac8dabde1d51a67dff0
Author: Chris PeBenito <pebenito <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 8 15:48:50 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:52:44 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d0d2ffe6
Move loop control interface definition.
---
policy/modules/kernel/devices.if | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index b1c505f..41eb2ca 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -2397,44 +2397,44 @@ interface(`dev_rw_lirc',`
######################################
## <summary>
-## Read and write the loop-control device.
+## Automatic type transition to the type
+## for lirc device nodes when created in /dev.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
+## <param name="name" optional="true">
+## <summary>
+## The name of the object being created.
+## </summary>
+## </param>
#
-interface(`dev_rw_loop_control',`
+interface(`dev_filetrans_lirc',`
gen_require(`
- type device_t, loop_control_device_t;
+ type device_t, lirc_device_t;
')
- rw_chr_files_pattern($1, device_t, loop_control_device_t)
+ filetrans_pattern($1, device_t, lirc_device_t, chr_file, $2)
')
######################################
## <summary>
-## Automatic type transition to the type
-## for lirc device nodes when created in /dev.
+## Read and write the loop-control device.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
#
-interface(`dev_filetrans_lirc',`
+interface(`dev_rw_loop_control',`
gen_require(`
- type device_t, lirc_device_t;
+ type device_t, loop_control_device_t;
')
- filetrans_pattern($1, device_t, lirc_device_t, chr_file, $2)
+ rw_chr_files_pattern($1, device_t, loop_control_device_t)
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: e8474f760d33e29a5f8ae81215c33e44cc90d8a6
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Sat Feb 1 13:50:24 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:52:42 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=e8474f76
Grant kernel_t necessary permissions for loopback mounts
For loopback mounts to work, the kernel requires access permissions to
fd's passed in by mount and to the source files (labeled mount_loopback_t).
---
policy/modules/kernel/kernel.te | 3 +++
1 file changed, 3 insertions(+)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 1437180..c47eb45 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -287,6 +287,9 @@ files_list_etc(kernel_t)
files_list_home(kernel_t)
files_read_usr_files(kernel_t)
+mount_use_fds(kernel_t)
+mount_read_mount_loopback(kernel_t)
+
mcs_process_set_categories(kernel_t)
mls_process_read_up(kernel_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: d12bed7c1a2136edf8fc856c91d262e1d2725ca5
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Sat Feb 1 13:50:21 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:52:35 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d12bed7c
kernel/devices.if: Add dev_rw_loop_control interface
---
policy/modules/kernel/devices.if | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 58ab7e9..b1c505f 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -2397,6 +2397,24 @@ interface(`dev_rw_lirc',`
######################################
## <summary>
+## Read and write the loop-control device.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_rw_loop_control',`
+ gen_require(`
+ type device_t, loop_control_device_t;
+ ')
+
+ rw_chr_files_pattern($1, device_t, loop_control_device_t)
+')
+
+######################################
+## <summary>
## Automatic type transition to the type
## for lirc device nodes when created in /dev.
## </summary>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: c51b72db7217c4eb8155fd045c30d7a044d1a6e0
Author: Chris PeBenito <pebenito <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 8 14:42:43 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:51:14 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c51b72db
Move bin_t fc from couchdb to corecommands.
---
policy/modules/kernel/corecommands.fc | 2 ++
policy/modules/kernel/corecommands.te | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index e5d963f..c2db0f5 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -250,6 +250,8 @@ ifdef(`distro_gentoo',`
/usr/lib/xfce4/xfconf/xfconfd -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/xfwm4/helper-dialog -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/couchdb/erlang/lib/couch-[0-9.]+/priv/couchspawnkillable -- gen_context(system_u:object_r:bin_t,s0)
+
/usr/lib/debug/bin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/debug/sbin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/debug/usr/bin(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index 20c76cf..b0e2fdc 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.18.1)
+policy_module(corecommands, 1.18.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: 3128a73df77853da9fef4ea3bd1f7ab5829d5432
Author: Chris PeBenito <pebenito <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 8 14:04:18 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:51:13 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3128a73d
Module version bump for files_dontaudit_list_var() interface from Luis Ressel.
---
policy/modules/kernel/files.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 769a7f2..faaaf51 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.18.2)
+policy_module(files, 1.18.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: b00241283ed3b661142287eb001e0a2a81e18d6b
Author: Nicolas Iooss <nicolas.iooss <AT> m4x <DOT> org>
AuthorDate: Thu Jan 30 19:52:37 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:52:30 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b0024128
Label /usr/lib/sudo/sesh as shell_exec_t
---
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index c2db0f5..9652430 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -239,6 +239,7 @@ ifdef(`distro_gentoo',`
/usr/lib/rpm/rpmq -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/rpm/rpmv -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/sudo/sesh -- gen_context(system_u:object_r:shell_exec_t,s0)
/usr/lib/vte/gnome-pty-helper -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-compose-mail-1 -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/xfce4/exo-1/exo-helper-1 -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: 659d2f225e2b2e274ccb21cd1702dd421fdaec48
Author: Chris PeBenito <pebenito <AT> gentoo <DOT> org>
AuthorDate: Sat Feb 8 14:57:32 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:52:34 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=659d2f22
Module version bump for sesh fc from Nicolas Iooss.
---
policy/modules/kernel/corecommands.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corecommands.te b/policy/modules/kernel/corecommands.te
index b0e2fdc..eabf979 100644
--- a/policy/modules/kernel/corecommands.te
+++ b/policy/modules/kernel/corecommands.te
@@ -1,4 +1,4 @@
-policy_module(corecommands, 1.18.2)
+policy_module(corecommands, 1.18.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-02-09 10:54 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-02-09 10:54 UTC (permalink / raw
To: gentoo-commits
commit: 073a0b3330c5f31fbe0a31f6c0948fc23763e8c1
Author: Luis Ressel <aranea <AT> aixah <DOT> de>
AuthorDate: Sat Feb 1 11:36:49 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Feb 9 10:51:11 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=073a0b33
kernel/files.if: Add files_dontaudit_list_var interface
This is required for an update of the couchdb policy.
---
policy/modules/kernel/files.if | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 74959e8..5cff62e 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -5239,6 +5239,25 @@ interface(`files_list_var',`
########################################
## <summary>
+## Do not audit attempts to list
+## the contents of /var.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`files_dontaudit_list_var',`
+ gen_require(`
+ type var_t;
+ ')
+
+ dontaudit $1 var_t:dir list_dir_perms;
+')
+
+########################################
+## <summary>
## Create, read, write, and delete directories
## in the /var directory.
## </summary>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-01-23 20:00 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-01-23 20:00 UTC (permalink / raw
To: gentoo-commits
commit: fd503e738031c7084c6ccdc8076d44299055388d
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Jan 21 13:52:24 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Thu Jan 23 19:59:28 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=fd503e73
Remove ZFS symlink labeling.
---
policy/modules/kernel/storage.fc | 1 -
1 file changed, 1 deletion(-)
diff --git a/policy/modules/kernel/storage.fc b/policy/modules/kernel/storage.fc
index 4315bd5..4ba2184 100644
--- a/policy/modules/kernel/storage.fc
+++ b/policy/modules/kernel/storage.fc
@@ -81,7 +81,6 @@ ifdef(`distro_redhat', `
/dev/zfs -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/zpios -c gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
-/dev/zvol(/.*)? -l gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/dev/zd.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
/lib/udev/devices/loop.* -b gen_context(system_u:object_r:fixed_disk_device_t,mls_systemhigh)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2014-01-19 19:01 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2014-01-19 19:01 UTC (permalink / raw
To: gentoo-commits
commit: 04d8dfc736343c9a23530e5971f9048dc57cff2c
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Jan 16 16:19:00 2014 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jan 19 18:50:25 2014 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=04d8dfc7
Merge file_t into unlabeled_t, as they are security equivalent.
---
policy/modules/kernel/files.if | 180 +++++++++++----------------------
policy/modules/kernel/files.te | 12 +--
policy/modules/kernel/kernel.if | 219 +++++++++++++++++++++++++++++++++++++++-
policy/modules/kernel/kernel.te | 11 +-
4 files changed, 288 insertions(+), 134 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 0d735e0..74959e8 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -3190,7 +3190,7 @@ interface(`files_etc_filetrans_etc_runtime',`
########################################
## <summary>
## Getattr of directories on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3199,17 +3199,14 @@ interface(`files_etc_filetrans_etc_runtime',`
## </param>
#
interface(`files_getattr_isid_type_dirs',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:dir getattr;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_getattr_unlabeled_dirs() instead.')
+ kernel_getattr_unlabeled_dirs($1)
')
########################################
## <summary>
## Do not audit attempts to search directories on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3218,17 +3215,14 @@ interface(`files_getattr_isid_type_dirs',`
## </param>
#
interface(`files_dontaudit_search_isid_type_dirs',`
- gen_require(`
- type file_t;
- ')
-
- dontaudit $1 file_t:dir search_dir_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_dontaudit_search_unlabeled() instead.')
+ kernel_dontaudit_search_unlabeled($1)
')
########################################
## <summary>
## List the contents of directories on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3237,17 +3231,14 @@ interface(`files_dontaudit_search_isid_type_dirs',`
## </param>
#
interface(`files_list_isid_type_dirs',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:dir list_dir_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_list_unlabeled() instead.')
+ kernel_list_unlabeled($1)
')
########################################
## <summary>
## Read and write directories on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3256,17 +3247,14 @@ interface(`files_list_isid_type_dirs',`
## </param>
#
interface(`files_rw_isid_type_dirs',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:dir rw_dir_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_rw_unlabeled_dirs() instead.')
+ kernel_rw_unlabeled_dirs($1)
')
########################################
## <summary>
## Delete directories on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3275,17 +3263,14 @@ interface(`files_rw_isid_type_dirs',`
## </param>
#
interface(`files_delete_isid_type_dirs',`
- gen_require(`
- type file_t;
- ')
-
- delete_dirs_pattern($1, file_t, file_t)
+ refpolicywarn(`$0($*) has been deprecated, use kernel_delete_unlabeled_dirs() instead.')
+ kernel_delete_unlabeled_dirs($1)
')
########################################
## <summary>
## Create, read, write, and delete directories
-## on new filesystems that have not yet been labeled.
+## on new filesystems that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3294,17 +3279,14 @@ interface(`files_delete_isid_type_dirs',`
## </param>
#
interface(`files_manage_isid_type_dirs',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:dir manage_dir_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_manage_unlabeled_dirs() instead.')
+ kernel_manage_unlabeled_dirs($1)
')
########################################
## <summary>
## Mount a filesystem on a directory on new filesystems
-## that has not yet been labeled.
+## that has not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3313,17 +3295,14 @@ interface(`files_manage_isid_type_dirs',`
## </param>
#
interface(`files_mounton_isid_type_dirs',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:dir { search_dir_perms mounton };
+ refpolicywarn(`$0($*) has been deprecated, use kernel_mounton_unlabeled_dirs() instead.')
+ kernel_mounton_unlabeled_dirs($1)
')
########################################
## <summary>
## Read files on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3332,17 +3311,14 @@ interface(`files_mounton_isid_type_dirs',`
## </param>
#
interface(`files_read_isid_type_files',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:file read_file_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_read_unlabeled_files() instead.')
+ kernel_read_unlabeled_files($1)
')
########################################
## <summary>
## Delete files on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3351,17 +3327,14 @@ interface(`files_read_isid_type_files',`
## </param>
#
interface(`files_delete_isid_type_files',`
- gen_require(`
- type file_t;
- ')
-
- delete_files_pattern($1, file_t, file_t)
+ refpolicywarn(`$0($*) has been deprecated, use kernel_delete_unlabeled_files() instead.')
+ kernel_delete_unlabeled_files($1)
')
########################################
## <summary>
## Delete symbolic links on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3370,17 +3343,14 @@ interface(`files_delete_isid_type_files',`
## </param>
#
interface(`files_delete_isid_type_symlinks',`
- gen_require(`
- type file_t;
- ')
-
- delete_lnk_files_pattern($1, file_t, file_t)
+ refpolicywarn(`$0($*) has been deprecated, use kernel_delete_unlabeled_symlinks() instead.')
+ kernel_delete_unlabeled_symlinks($1)
')
########################################
## <summary>
## Delete named pipes on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3389,17 +3359,14 @@ interface(`files_delete_isid_type_symlinks',`
## </param>
#
interface(`files_delete_isid_type_fifo_files',`
- gen_require(`
- type file_t;
- ')
-
- delete_fifo_files_pattern($1, file_t, file_t)
+ refpolicywarn(`$0($*) has been deprecated, use kernel_delete_unlabeled_pipes() instead.')
+ kernel_delete_unlabeled_pipes($1)
')
########################################
## <summary>
## Delete named sockets on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3408,17 +3375,14 @@ interface(`files_delete_isid_type_fifo_files',`
## </param>
#
interface(`files_delete_isid_type_sock_files',`
- gen_require(`
- type file_t;
- ')
-
- delete_sock_files_pattern($1, file_t, file_t)
+ refpolicywarn(`$0($*) has been deprecated, use kernel_delete_unlabeled_sockets() instead.')
+ kernel_delete_unlabeled_sockets($1)
')
########################################
## <summary>
## Delete block files on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3427,17 +3391,14 @@ interface(`files_delete_isid_type_sock_files',`
## </param>
#
interface(`files_delete_isid_type_blk_files',`
- gen_require(`
- type file_t;
- ')
-
- delete_blk_files_pattern($1, file_t, file_t)
+ refpolicywarn(`$0($*) has been deprecated, use kernel_delete_unlabeled_blk_files() instead.')
+ kernel_delete_unlabeled_blk_files($1)
')
########################################
## <summary>
## Do not audit attempts to write to character
-## files that have not yet been labeled.
+## files that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3446,17 +3407,14 @@ interface(`files_delete_isid_type_blk_files',`
## </param>
#
interface(`files_dontaudit_write_isid_chr_files',`
- gen_require(`
- type file_t;
- ')
-
- dontaudit $1 file_t:chr_file write;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_dontaudit_write_unlabeled_chr_files() instead.')
+ kernel_dontaudit_write_unlabeled_chr_files($1)
')
########################################
## <summary>
## Delete chr files on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3465,17 +3423,14 @@ interface(`files_dontaudit_write_isid_chr_files',`
## </param>
#
interface(`files_delete_isid_type_chr_files',`
- gen_require(`
- type file_t;
- ')
-
- delete_chr_files_pattern($1, file_t, file_t)
+ refpolicywarn(`$0($*) has been deprecated, use kernel_delete_unlabeled_chr_files() instead.')
+ kernel_delete_unlabeled_chr_files($1)
')
########################################
## <summary>
## Create, read, write, and delete files
-## on new filesystems that have not yet been labeled.
+## on new filesystems that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3484,17 +3439,14 @@ interface(`files_delete_isid_type_chr_files',`
## </param>
#
interface(`files_manage_isid_type_files',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:file manage_file_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_manage_unlabeled_files() instead.')
+ kernel_manage_unlabeled_files($1)
')
########################################
## <summary>
## Create, read, write, and delete symbolic links
-## on new filesystems that have not yet been labeled.
+## on new filesystems that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3503,17 +3455,14 @@ interface(`files_manage_isid_type_files',`
## </param>
#
interface(`files_manage_isid_type_symlinks',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:lnk_file manage_lnk_file_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_manage_unlabeled_symlinks() instead.')
+ kernel_manage_unlabeled_symlinks($1)
')
########################################
## <summary>
## Read and write block device nodes on new filesystems
-## that have not yet been labeled.
+## that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3522,17 +3471,14 @@ interface(`files_manage_isid_type_symlinks',`
## </param>
#
interface(`files_rw_isid_type_blk_files',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:blk_file rw_blk_file_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_rw_unlabeled_blk_files() instead.')
+ kernel_rw_unlabeled_blk_files($1)
')
########################################
## <summary>
## Create, read, write, and delete block device nodes
-## on new filesystems that have not yet been labeled.
+## on new filesystems that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3541,17 +3487,14 @@ interface(`files_rw_isid_type_blk_files',`
## </param>
#
interface(`files_manage_isid_type_blk_files',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:blk_file manage_blk_file_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_manage_unlabeled_blk_files() instead.')
+ kernel_manage_unlabeled_blk_files($1)
')
########################################
## <summary>
## Create, read, write, and delete character device nodes
-## on new filesystems that have not yet been labeled.
+## on new filesystems that have not yet been labeled. (Deprecated)
## </summary>
## <param name="domain">
## <summary>
@@ -3560,11 +3503,8 @@ interface(`files_manage_isid_type_blk_files',`
## </param>
#
interface(`files_manage_isid_type_chr_files',`
- gen_require(`
- type file_t;
- ')
-
- allow $1 file_t:chr_file manage_chr_file_perms;
+ refpolicywarn(`$0($*) has been deprecated, use kernel_manage_unlabeled_chr_files() instead.')
+ kernel_manage_unlabeled_chr_files($1)
')
########################################
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 1a03abd..769a7f2 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.18.1)
+policy_module(files, 1.18.2)
########################################
#
@@ -75,16 +75,6 @@ files_type(etc_runtime_t)
typealias etc_runtime_t alias firstboot_rw_t;
#
-# file_t is the default type of a file that has not yet been
-# assigned an extended attribute (EA) value (when using a filesystem
-# that supports EAs).
-#
-type file_t;
-files_mountpoint(file_t)
-kernel_rootfs_mountpoint(file_t)
-sid file gen_context(system_u:object_r:file_t,s0)
-
-#
# home_root_t is the type for the directory where user home directories
# are created
#
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 54f1b0b..18cef42 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2282,6 +2282,42 @@ interface(`kernel_sigchld_unlabeled',`
########################################
## <summary>
+## Get the attributes of unlabeled directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_getattr_unlabeled_dirs',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:dir getattr_dir_perms;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to search unlabeled directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`kernel_dontaudit_search_unlabeled',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ dontaudit $1 unlabeled_t:dir search_dir_perms;
+')
+
+########################################
+## <summary>
## List unlabeled directories.
## </summary>
## <param name="domain">
@@ -2356,6 +2392,78 @@ interface(`kernel_rw_unlabeled_dirs',`
########################################
## <summary>
+## Delete unlabeled directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_dirs',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:dir delete_dir_perms;
+')
+
+########################################
+## <summary>
+## Create, read, write, and delete unlabeled directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_manage_unlabeled_dirs',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:dir manage_dir_perms;
+')
+
+########################################
+## <summary>
+## Mount a filesystem on an unlabeled directory.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_mounton_unlabeled_dirs',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:dir { search_dir_perms mounton };
+')
+
+########################################
+## <summary>
+## Read unlabeled files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_read_unlabeled_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:file read_file_perms;
+')
+
+########################################
+## <summary>
## Read and write unlabeled files.
## </summary>
## <param name="domain">
@@ -2374,6 +2482,42 @@ interface(`kernel_rw_unlabeled_files',`
########################################
## <summary>
+## Delete unlabeled files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_delete_unlabeled_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:file delete_file_perms;
+')
+
+########################################
+## <summary>
+## Create, read, write, and delete unlabeled files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_manage_unlabeled_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:file manage_file_perms;
+')
+
+########################################
+## <summary>
## Do not audit attempts by caller to get the
## attributes of an unlabeled file.
## </summary>
@@ -2412,6 +2556,24 @@ interface(`kernel_dontaudit_read_unlabeled_files',`
########################################
## <summary>
+## Create, read, write, and delete unlabeled symbolic links.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_manage_unlabeled_symlinks',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:lnk_file manage_lnk_file_perms;
+')
+
+########################################
+## <summary>
## Do not audit attempts by caller to get the
## attributes of unlabeled symbolic links.
## </summary>
@@ -2501,7 +2663,25 @@ interface(`kernel_rw_unlabeled_blk_files',`
type unlabeled_t;
')
- allow $1 unlabeled_t:blk_file getattr;
+ allow $1 unlabeled_t:blk_file rw_blk_file_perms;
+')
+
+########################################
+## <summary>
+## Create, read, write, and delete unlabeled block device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_manage_unlabeled_blk_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:blk_file manage_blk_file_perms;
')
########################################
@@ -2525,6 +2705,43 @@ interface(`kernel_dontaudit_getattr_unlabeled_chr_files',`
########################################
## <summary>
+## Do not audit attempts to
+## write unlabeled character devices.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+#
+interface(`kernel_dontaudit_write_unlabeled_chr_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ dontaudit $1 unlabeled_t:file write;
+')
+
+########################################
+## <summary>
+## Create, read, write, and delete unlabeled character device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_manage_unlabeled_chr_files',`
+ gen_require(`
+ type unlabeled_t;
+ ')
+
+ allow $1 unlabeled_t:chr_file manage_chr_file_perms;
+')
+
+########################################
+## <summary>
## Allow caller to relabel unlabeled directories.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index a39d803..1437180 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.17.2)
+policy_module(kernel, 1.17.3)
########################################
#
@@ -162,8 +162,15 @@ genfscon proc /sys/dev gen_context(system_u:object_r:sysctl_dev_t,s0)
# Objects that have no known labeling information or that
# have labels that are no longer valid are treated as having this type.
#
-type unlabeled_t;
+# Mountpoint permissions are for the case when a file has been assigned
+# an extended attribute for the first time (old file_t). Directories
+# where filesystems are mounted may never get relabeled.
+#
+type unlabeled_t alias file_t;
+kernel_rootfs_mountpoint(unlabeled_t)
+files_mountpoint(unlabeled_t)
fs_associate(unlabeled_t)
+sid file gen_context(system_u:object_r:unlabeled_t,s0)
sid unlabeled gen_context(system_u:object_r:unlabeled_t,mls_systemhigh)
# These initial sids are no longer used, and can be removed:
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-12-06 17:33 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-12-06 17:33 UTC (permalink / raw
To: gentoo-commits
commit: cb5ce73052e31e60c35345999387321e9b4fc769
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Sat Nov 9 09:45:14 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Dec 6 17:30:13 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=cb5ce730
kernel: cryptomgr_test (kernel_t) requests kernel to load cryptd(__driver-ecb-aes-aesni
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/kernel.te | 2 ++
1 file changed, 2 insertions(+)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index dd7648a..ab4d21f 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -228,6 +228,8 @@ allow kernel_t unlabeled_t:dir mounton;
# connections with invalidated labels:
allow kernel_t unlabeled_t:packet send;
+kernel_request_load_module(kernel_t)
+
# Allow unlabeled network traffic
allow unlabeled_t unlabeled_t:packet { forward_in forward_out };
corenet_in_generic_if(unlabeled_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-11-03 11:19 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-11-03 11:19 UTC (permalink / raw
To: gentoo-commits
commit: 79328a8d79780d669e3830e6b9e7bac81ce89727
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Nov 3 11:12:11 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Nov 3 11:12:11 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=79328a8d
Add relabel interfaces for bin_t dir and lnk_files
These interfaces will be used later by the portage_t domain.
---
policy/modules/kernel/corecommands.if | 38 +++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/policy/modules/kernel/corecommands.if b/policy/modules/kernel/corecommands.if
index 9e9263a..917b160 100644
--- a/policy/modules/kernel/corecommands.if
+++ b/policy/modules/kernel/corecommands.if
@@ -1091,3 +1091,41 @@ interface(`corecmd_mmap_all_executables',`
mmap_files_pattern($1, bin_t, exec_type)
')
+
+# Now starts gentoo specific but cannot use ifdef_distro gentoo here
+
+########################################
+## <summary>
+## Relabel to and from the bin type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corecmd_relabel_bin_dirs',`
+ gen_require(`
+ type bin_t;
+ ')
+
+ relabel_dirs_pattern($1, bin_t, bin_t)
+')
+
+########################################
+## <summary>
+## Relabel to and from the bin type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corecmd_relabel_bin_lnk_files',`
+ gen_require(`
+ type bin_t;
+ ')
+
+ relabel_lnk_files_pattern($1, bin_t, bin_t)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 13:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 13:27 UTC (permalink / raw
To: gentoo-commits
commit: d20d55d0808e1d71bb96df2646bc5805dd30f750
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Sep 27 13:25:06 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 13:25:06 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d20d55d0
Fix warning upon patch
While applying the change to terminal.if, the following warning was
given:
Applying: Initial virtio console device
/home/swift/Development/Centralized/hardened-refpolicy/.git/rebase-apply/patch:57:
new blank line at EOF.
+
warning: 1 line adds whitespace errors.
Hopefully fixing potential issues with this whitespace commit.
---
policy/modules/kernel/terminal.if | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
index cbb729b..9f6d7c3 100644
--- a/policy/modules/kernel/terminal.if
+++ b/policy/modules/kernel/terminal.if
@@ -1531,3 +1531,4 @@ interface(`term_use_virtio_console',`
dev_list_all_dev_nodes($1)
allow $1 virtio_device_t:chr_file rw_term_perms;
')
+
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 13:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 13:27 UTC (permalink / raw
To: gentoo-commits
commit: d0cd1eda5429f9c47ebc1b0f16c8f072b3f875c9
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Sep 26 14:28:24 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 13:23:11 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d0cd1eda
Whitespace fix in terminal.te.
---
policy/modules/kernel/terminal.te | 1 -
1 file changed, 1 deletion(-)
diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te
index a4c9998..18d0f0b 100644
--- a/policy/modules/kernel/terminal.te
+++ b/policy/modules/kernel/terminal.te
@@ -59,4 +59,3 @@ dev_node(usbtty_device_t)
type virtio_device_t, serial_device;
dev_node(virtio_device_t)
-
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 13:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 13:27 UTC (permalink / raw
To: gentoo-commits
commit: 2a24834357b1bff8a98b7aeabfd2f18425810109
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Sep 26 14:28:55 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 13:23:20 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=2a248343
Module version bump for virtio console from Dominick Grift.
---
policy/modules/kernel/terminal.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te
index 18d0f0b..66e116a 100644
--- a/policy/modules/kernel/terminal.te
+++ b/policy/modules/kernel/terminal.te
@@ -1,4 +1,4 @@
-policy_module(terminal, 1.11.0)
+policy_module(terminal, 1.11.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 13:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 13:27 UTC (permalink / raw
To: gentoo-commits
commit: 91cc19ae017b405774446edb7d9baf56def70095
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Tue Sep 24 13:40:24 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 13:23:24 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=91cc19ae
corecmd: avahi-daemon executes /usr/lib/avahi/avahi-daemon-check-dns.sh
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/corecommands.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 0b6bbcc..e5d963f 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -201,6 +201,7 @@ ifdef(`distro_gentoo',`
/usr/(.*/)?sbin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib(.*/)?sbin(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/avahi/avahi-daemon-check-dns\.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ccache/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/fence(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/pgsql/test/regress/.*\.sh -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 13:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 13:27 UTC (permalink / raw
To: gentoo-commits
commit: 5a90d99532c94d6a1978b7f9fbb1704d723b87b5
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Tue Sep 24 13:39:56 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 13:22:57 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=5a90d995
Initial virtio console device
Also known as 'vmchannel', a transport mechanism is needed for
communication between the host userspace and guest userspace for
achieving things like making clipboard copy/paste work seamlessly across
the host and guest, locking the guest screen in case the vnc session to
the guest is closed and so on. This can be used in offline cases as
well, for example with libguestfs to probe which file systems the guest
uses, the apps installed, etc.
Virtio-serial is just the transport protocol that will enable such
applications to be written. It has two parts: (a) device emulation in
qemu that presents a virtio-pci device to the guest and (b) a guest
driver that presents a char device interface to userspace applications.
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/terminal.fc | 1 +
policy/modules/kernel/terminal.if | 19 +++++++++++++++++++
policy/modules/kernel/terminal.te | 4 ++++
3 files changed, 24 insertions(+)
diff --git a/policy/modules/kernel/terminal.fc b/policy/modules/kernel/terminal.fc
index 7d45d15..0ea25b6 100644
--- a/policy/modules/kernel/terminal.fc
+++ b/policy/modules/kernel/terminal.fc
@@ -19,6 +19,7 @@
/dev/slamr[0-9]+ -c gen_context(system_u:object_r:tty_device_t,s0)
/dev/tty -c gen_context(system_u:object_r:devtty_t,s0)
/dev/ttySG.* -c gen_context(system_u:object_r:tty_device_t,s0)
+/dev/vport[0-9]p[0-9]+ -c gen_context(system_u:object_r:virtio_device_t,s0)
/dev/xvc[^/]* -c gen_context(system_u:object_r:tty_device_t,s0)
/dev/pty/.* -c gen_context(system_u:object_r:bsdpty_device_t,s0)
diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
index 771bce1..cbb729b 100644
--- a/policy/modules/kernel/terminal.if
+++ b/policy/modules/kernel/terminal.if
@@ -1512,3 +1512,22 @@ interface(`term_dontaudit_use_all_user_ttys',`
refpolicywarn(`$0() is deprecated, use term_dontaudit_use_all_ttys() instead.')
term_dontaudit_use_all_ttys($1)
')
+
+#####################################
+## <summary>
+## Read from and write virtio console.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`term_use_virtio_console',`
+ gen_require(`
+ type virtio_device_t;
+ ')
+
+ dev_list_all_dev_nodes($1)
+ allow $1 virtio_device_t:chr_file rw_term_perms;
+')
diff --git a/policy/modules/kernel/terminal.te b/policy/modules/kernel/terminal.te
index 224e500..a4c9998 100644
--- a/policy/modules/kernel/terminal.te
+++ b/policy/modules/kernel/terminal.te
@@ -56,3 +56,7 @@ dev_node(tty_device_t)
#
type usbtty_device_t, serial_device;
dev_node(usbtty_device_t)
+
+type virtio_device_t, serial_device;
+dev_node(virtio_device_t)
+
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 13:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 13:27 UTC (permalink / raw
To: gentoo-commits
commit: e9939fc49c85fedc26d9bfae8a50bd4cd3e684fb
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Sep 26 13:52:37 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 13:22:38 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=e9939fc4
Module version bump for selinuxfs location change from Dominick Grift.
---
policy/modules/kernel/selinux.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/selinux.te b/policy/modules/kernel/selinux.te
index 522ab32..e0a973b 100644
--- a/policy/modules/kernel/selinux.te
+++ b/policy/modules/kernel/selinux.te
@@ -1,4 +1,4 @@
-policy_module(selinux, 1.12.0)
+policy_module(selinux, 1.12.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 13:27 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 13:27 UTC (permalink / raw
To: gentoo-commits
commit: 4455484d09c0509e1ff5f7124131d087b39a73aa
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Tue Sep 24 13:40:34 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 13:22:36 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=4455484d
selinux: selinuxfs is now mounted under /sys/fs/selinux instead of /selinux, so we need to allow domains that use selinuxfs to interface with SELinux to traverse /sys/fs to be able to get to /sys/fs/selinux
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/selinux.if | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index ced3220..c5b9bd0 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -233,6 +233,7 @@ interface(`selinux_search_fs',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir search_dir_perms;
')
@@ -291,6 +292,7 @@ interface(`selinux_get_enforce_mode',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file read_file_perms;
')
@@ -324,6 +326,7 @@ interface(`selinux_set_enforce_mode',`
bool secure_mode_policyload;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
typeattribute $1 can_setenforce;
@@ -355,6 +358,7 @@ interface(`selinux_load_policy',`
bool secure_mode_policyload;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
typeattribute $1 can_load_policy;
@@ -384,6 +388,7 @@ interface(`selinux_read_policy',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file read_file_perms;
allow $1 security_t:security read_policy;
@@ -448,6 +453,8 @@ interface(`selinux_set_generic_booleans',`
type security_t;
')
+ dev_search_sysfs($1)
+
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
@@ -488,6 +495,8 @@ interface(`selinux_set_all_booleans',`
bool secure_mode_policyload;
')
+ dev_search_sysfs($1)
+
allow $1 security_t:dir list_dir_perms;
allow $1 { boolean_type -secure_mode_policyload_t }:file rw_file_perms;
allow $1 secure_mode_policyload_t:file read_file_perms;
@@ -532,6 +541,7 @@ interface(`selinux_set_parameters',`
attribute can_setsecparam;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security setsecparam;
@@ -555,6 +565,7 @@ interface(`selinux_validate_context',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security check_context;
@@ -597,6 +608,7 @@ interface(`selinux_compute_access_vector',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security compute_av;
@@ -618,6 +630,7 @@ interface(`selinux_compute_create_context',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security compute_create;
@@ -639,6 +652,7 @@ interface(`selinux_compute_member',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security compute_member;
@@ -668,6 +682,7 @@ interface(`selinux_compute_relabel_context',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security compute_relabel;
@@ -688,6 +703,7 @@ interface(`selinux_compute_user_contexts',`
type security_t;
')
+ dev_search_sysfs($1)
allow $1 security_t:dir list_dir_perms;
allow $1 security_t:file rw_file_perms;
allow $1 security_t:security compute_user;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-27 6:50 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-27 6:50 UTC (permalink / raw
To: gentoo-commits
commit: e00380516991292e932fd17a63ff0118062a8b3a
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Sep 27 06:49:04 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Fri Sep 27 06:49:04 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=e0038051
Add interface to dontaudit name_connect on unreserved ports
---
policy/modules/kernel/corenetwork.if.in | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/policy/modules/kernel/corenetwork.if.in b/policy/modules/kernel/corenetwork.if.in
index 07126bd..a1d5b6a 100644
--- a/policy/modules/kernel/corenetwork.if.in
+++ b/policy/modules/kernel/corenetwork.if.in
@@ -1900,6 +1900,25 @@ interface(`corenet_tcp_connect_all_reserved_ports',`
########################################
## <summary>
+## Do not audit connect attempts to TCP sockets on
+## ports greater than 1024.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain not to audit access to.
+## </summary>
+## </param>
+#
+interface(`corenet_dontaudit_tcp_connect_all_unreserved_ports',`
+ gen_require(`
+ attribute unreserved_port_type;
+ ')
+
+ dontaudit $1 unreserved_port_type:tcp_socket name_connect;
+')
+
+########################################
+## <summary>
## Connect TCP sockets to all ports > 1024.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-24 17:10 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-24 17:10 UTC (permalink / raw
To: gentoo-commits
commit: 00db469908ff5a63f491bc00f0344826c8460d8f
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Sep 23 19:47:00 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Sep 24 13:39:17 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=00db4699
Module version bump for redis port from Dominick Grift.
---
policy/modules/kernel/corenetwork.te.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 485f6a7..6f5dd53 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.19.0)
+policy_module(corenetwork, 1.19.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-24 17:10 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-24 17:10 UTC (permalink / raw
To: gentoo-commits
commit: a5e27330f5d49474151e24edbf3d67b1e6cb2faf
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Wed Sep 11 08:53:08 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Sep 24 13:39:12 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a5e27330
Initial pstore support
Generic interface to platform dependent persistent storage
https://www.kernel.org/doc/Documentation/ABI/testing/pstore
This basically works pretty much the same as cgroup file systems from a
SELinux perspective
Make sure that the installed /sys/fs/pstore directory is labeled
properly so that the pstore file system can be mounted on that
I also removed the files_type() calls as they are duplicate (it is
already called in files_mountpoint)
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/filesystem.fc | 8 +++++---
policy/modules/kernel/filesystem.te | 9 +++++++--
2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/policy/modules/kernel/filesystem.fc b/policy/modules/kernel/filesystem.fc
index 3d67e80..d7c11a0 100644
--- a/policy/modules/kernel/filesystem.fc
+++ b/policy/modules/kernel/filesystem.fc
@@ -11,9 +11,11 @@
/lib/udev/devices/shm -d gen_context(system_u:object_r:tmpfs_t,s0)
/lib/udev/devices/shm/.* <<none>>
-# for systemd systems:
-/sys/fs/cgroup -d gen_context(system_u:object_r:cgroup_t,s0)
-/sys/fs/cgroup/.* <<none>>
+/sys/fs/cgroup -d gen_context(system_u:object_r:cgroup_t,s0)
+/sys/fs/cgroup/.* <<none>>
+
+/sys/fs/pstore -d gen_context(system_u:object_r:pstore_t,s0)
+/sys/fs/pstore/.* <<none>>
ifdef(`distro_debian',`
/var/run/shm -d gen_context(system_u:object_r:tmpfs_t,s0)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 9949d77..4c86c4f 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -71,9 +71,8 @@ genfscon capifs / gen_context(system_u:object_r:capifs_t,s0)
type cgroup_t;
fs_type(cgroup_t)
-files_type(cgroup_t)
files_mountpoint(cgroup_t)
-dev_associate_sysfs(cgroup_t) # only for systemd systems
+dev_associate_sysfs(cgroup_t)
genfscon cgroup / gen_context(system_u:object_r:cgroup_t,s0)
type configfs_t;
@@ -126,6 +125,12 @@ type oprofilefs_t;
fs_type(oprofilefs_t)
genfscon oprofilefs / gen_context(system_u:object_r:oprofilefs_t,s0)
+type pstore_t;
+fs_type(pstore_t)
+files_mountpoint(pstore_t)
+dev_associate_sysfs(pstore_t)
+genfscon pstore / gen_context(system_u:object_r:pstore_t,s0)
+
type ramfs_t;
fs_type(ramfs_t)
files_mountpoint(ramfs_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-24 17:10 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-24 17:10 UTC (permalink / raw
To: gentoo-commits
commit: a958485f40ed5426f9b2e5fe8e4d8c1a18728f8e
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Sep 23 18:41:03 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Sep 24 13:39:14 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a958485f
Module version bump for pstore filesystem support from Dominick Grift.
---
policy/modules/kernel/filesystem.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 4c86c4f..85f0738 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.17.0)
+policy_module(filesystem, 1.17.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-09-24 17:10 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-09-24 17:10 UTC (permalink / raw
To: gentoo-commits
commit: 3ed01ba58f8bb05cb12fef93e88e33997c875527
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Fri Sep 20 07:50:53 2013 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Tue Sep 24 13:39:16 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3ed01ba5
Support redis port tcp,6379
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 0bdd1d5..485f6a7 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -223,6 +223,7 @@ network_port(radacct, udp,1646,s0, udp,1813,s0)
network_port(radius, udp,1645,s0, udp,1812,s0)
network_port(radsec, tcp,2083,s0)
network_port(razor, tcp,2703,s0)
+network_port(redis, tcp,6379,s0)
network_port(repository, tcp, 6363, s0)
network_port(ricci, tcp,11111,s0, udp,11111,s0)
network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-08-15 17:23 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-08-15 17:23 UTC (permalink / raw
To: gentoo-commits
commit: 023490ef698dfe40bf7e3dbecca785ffa43f11f2
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Aug 15 17:10:52 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Aug 15 17:10:52 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=023490ef
Adding files_read_src_files
In order for the depmod command (now linked with kmod and thus running in
insmod_t) to handle System.map file (and other files residing in /usr/src and
needed during the "make modules_install" phase of a kernel build) we need it to
grant read rights to src_t.
Start with defining the interface.
See also bug #428322
---
policy/modules/kernel/files.if | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index a8663b5..a544f27 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6641,3 +6641,23 @@ interface(`files_unconfined',`
typeattribute $1 files_unconfined_type;
')
+
+# should be in an ifdef distro_gentoo but cannot do so for interfaces
+
+#########################################
+## <summary>
+## Read usr/src files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`files_read_src_files',`
+ gen_require(`
+ type src_t;
+ ')
+
+ read_files_pattern($1, src_t, src_t)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-08-15 9:22 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-08-15 9:22 UTC (permalink / raw
To: gentoo-commits
commit: 276491ad8cea1a717faf1a318c5d29085d65385a
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Aug 15 09:16:32 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Aug 15 09:16:32 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=276491ad
Ran make generate to update interfaces for corenetwork
---
policy/modules/kernel/corenetwork.if | 443 +++++++++++++++++++++++++++++++++++
policy/modules/kernel/corenetwork.te | 396 ++++++++++++++++++++++++++++++-
2 files changed, 834 insertions(+), 5 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 89c4c59..5b6fef3 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -87312,6 +87312,449 @@ interface(`corenet_relabelto_trisoap_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ allow $1 trivnet1_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ allow $1 trivnet1_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ dontaudit $1 trivnet1_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ allow $1 trivnet1_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ dontaudit $1 trivnet1_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_trivnet1_port',`
+ corenet_udp_send_trivnet1_port($1)
+ corenet_udp_receive_trivnet1_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_trivnet1_port',`
+ corenet_dontaudit_udp_send_trivnet1_port($1)
+ corenet_dontaudit_udp_receive_trivnet1_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ allow $1 trivnet1_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ allow $1 trivnet1_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the trivnet1 port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_trivnet1_port',`
+ gen_require(`
+ type trivnet1_port_t;
+ ')
+
+ allow $1 trivnet1_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send trivnet1_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_trivnet1_client_packets',`
+ gen_require(`
+ type trivnet1_client_packet_t;
+ ')
+
+ allow $1 trivnet1_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send trivnet1_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_trivnet1_client_packets',`
+ gen_require(`
+ type trivnet1_client_packet_t;
+ ')
+
+ dontaudit $1 trivnet1_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive trivnet1_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_trivnet1_client_packets',`
+ gen_require(`
+ type trivnet1_client_packet_t;
+ ')
+
+ allow $1 trivnet1_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive trivnet1_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_trivnet1_client_packets',`
+ gen_require(`
+ type trivnet1_client_packet_t;
+ ')
+
+ dontaudit $1 trivnet1_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive trivnet1_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_trivnet1_client_packets',`
+ corenet_send_trivnet1_client_packets($1)
+ corenet_receive_trivnet1_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive trivnet1_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_trivnet1_client_packets',`
+ corenet_dontaudit_send_trivnet1_client_packets($1)
+ corenet_dontaudit_receive_trivnet1_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to trivnet1_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_trivnet1_client_packets',`
+ gen_require(`
+ type trivnet1_client_packet_t;
+ ')
+
+ allow $1 trivnet1_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send trivnet1_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_trivnet1_server_packets',`
+ gen_require(`
+ type trivnet1_server_packet_t;
+ ')
+
+ allow $1 trivnet1_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send trivnet1_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_trivnet1_server_packets',`
+ gen_require(`
+ type trivnet1_server_packet_t;
+ ')
+
+ dontaudit $1 trivnet1_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive trivnet1_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_trivnet1_server_packets',`
+ gen_require(`
+ type trivnet1_server_packet_t;
+ ')
+
+ allow $1 trivnet1_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive trivnet1_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_trivnet1_server_packets',`
+ gen_require(`
+ type trivnet1_server_packet_t;
+ ')
+
+ dontaudit $1 trivnet1_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive trivnet1_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_trivnet1_server_packets',`
+ corenet_send_trivnet1_server_packets($1)
+ corenet_receive_trivnet1_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive trivnet1_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_trivnet1_server_packets',`
+ corenet_dontaudit_send_trivnet1_server_packets($1)
+ corenet_dontaudit_receive_trivnet1_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to trivnet1_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_trivnet1_server_packets',`
+ gen_require(`
+ type trivnet1_server_packet_t;
+ ')
+
+ allow $1 trivnet1_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the ups port.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/corenetwork.te b/policy/modules/kernel/corenetwork.te
index a5276af..83cdee2 100644
--- a/policy/modules/kernel/corenetwork.te
+++ b/policy/modules/kernel/corenetwork.te
@@ -2,7 +2,7 @@
# This is a generated file! Instead of modifying this file, the
# corenetwork.te.in or corenetwork.te.m4 file should be modified.
#
-policy_module(corenetwork, 1.18.0)
+policy_module(corenetwork, 1.19.0)
########################################
#
@@ -115,6 +115,14 @@ typeattribute afs_vl_port_t unreserved_port_type;
portcon udp 7003 gen_context(system_u:object_r:afs_vl_port_t,s0)
+type afs3_callback_port_t, port_type, defined_port_type;
+type afs3_callback_client_packet_t, packet_type, client_packet_type;
+type afs3_callback_server_packet_t, packet_type, server_packet_type;
+typeattribute afs3_callback_port_t unreserved_port_type;
+portcon tcp 7001 gen_context(system_u:object_r:afs3_callback_port_t,s0)
+portcon udp 7001 gen_context(system_u:object_r:afs3_callback_port_t,s0)
+
+
type agentx_port_t, port_type, defined_port_type;
type agentx_client_packet_t, packet_type, client_packet_type;
type agentx_server_packet_t, packet_type, server_packet_type;
@@ -170,6 +178,23 @@ portcon tcp 3551 gen_context(system_u:object_r:apcupsd_port_t,s0)
portcon udp 3551 gen_context(system_u:object_r:apcupsd_port_t,s0)
+type apertus_ldp_port_t, port_type, defined_port_type;
+type apertus_ldp_client_packet_t, packet_type, client_packet_type;
+type apertus_ldp_server_packet_t, packet_type, server_packet_type;
+typeattribute apertus_ldp_port_t reserved_port_type;
+typeattribute apertus_ldp_port_t rpc_port_type;
+portcon tcp 539 gen_context(system_u:object_r:apertus_ldp_port_t,s0)
+portcon udp 539 gen_context(system_u:object_r:apertus_ldp_port_t,s0)
+
+
+type armtechdaemon_port_t, port_type, defined_port_type;
+type armtechdaemon_client_packet_t, packet_type, client_packet_type;
+type armtechdaemon_server_packet_t, packet_type, server_packet_type;
+typeattribute armtechdaemon_port_t unreserved_port_type;
+portcon tcp 9292 gen_context(system_u:object_r:armtechdaemon_port_t,s0)
+portcon udp 9292 gen_context(system_u:object_r:armtechdaemon_port_t,s0)
+
+
type asterisk_port_t, port_type, defined_port_type;
type asterisk_client_packet_t, packet_type, client_packet_type;
type asterisk_server_packet_t, packet_type, server_packet_type;
@@ -211,6 +236,14 @@ typeattribute boinc_port_t unreserved_port_type;
portcon tcp 31416 gen_context(system_u:object_r:boinc_port_t,s0)
+type boinc_client_port_t, port_type, defined_port_type;
+type boinc_client_client_packet_t, packet_type, client_packet_type;
+type boinc_client_server_packet_t, packet_type, server_packet_type;
+typeattribute boinc_client_port_t unreserved_port_type;
+portcon tcp 1043 gen_context(system_u:object_r:boinc_client_port_t,s0)
+portcon udp 1034 gen_context(system_u:object_r:boinc_client_port_t,s0)
+
+
type biff_port_t, port_type, defined_port_type;
type biff_client_packet_t, packet_type, client_packet_type;
type biff_server_packet_t, packet_type, server_packet_type;
@@ -255,6 +288,14 @@ portcon tcp 50006-50008 gen_context(system_u:object_r:cluster_port_t,s0)
portcon udp 50006-50008 gen_context(system_u:object_r:cluster_port_t,s0)
+type cma_port_t, port_type, defined_port_type;
+type cma_client_packet_t, packet_type, client_packet_type;
+type cma_server_packet_t, packet_type, server_packet_type;
+typeattribute cma_port_t unreserved_port_type;
+portcon tcp 1050 gen_context(system_u:object_r:cma_port_t,s0)
+portcon udp 1050 gen_context(system_u:object_r:cma_port_t,s0)
+
+
type cobbler_port_t, port_type, defined_port_type;
type cobbler_client_packet_t, packet_type, client_packet_type;
type cobbler_server_packet_t, packet_type, server_packet_type;
@@ -262,6 +303,22 @@ typeattribute cobbler_port_t unreserved_port_type;
portcon tcp 25151 gen_context(system_u:object_r:cobbler_port_t,s0)
+type commplex_link_port_t, port_type, defined_port_type;
+type commplex_link_client_packet_t, packet_type, client_packet_type;
+type commplex_link_server_packet_t, packet_type, server_packet_type;
+typeattribute commplex_link_port_t unreserved_port_type;
+portcon tcp 5001 gen_context(system_u:object_r:commplex_link_port_t,s0)
+portcon udp 5001 gen_context(system_u:object_r:commplex_link_port_t,s0)
+
+
+type commplex_main_port_t, port_type, defined_port_type;
+type commplex_main_client_packet_t, packet_type, client_packet_type;
+type commplex_main_server_packet_t, packet_type, server_packet_type;
+typeattribute commplex_main_port_t unreserved_port_type;
+portcon tcp 5000 gen_context(system_u:object_r:commplex_main_port_t,s0)
+portcon udp 5000 gen_context(system_u:object_r:commplex_main_port_t,s0)
+
+
type comsat_port_t, port_type, defined_port_type;
type comsat_client_packet_t, packet_type, client_packet_type;
type comsat_server_packet_t, packet_type, server_packet_type;
@@ -270,6 +327,38 @@ typeattribute comsat_port_t rpc_port_type;
portcon udp 512 gen_context(system_u:object_r:comsat_port_t,s0)
+type condor_port_t, port_type, defined_port_type;
+type condor_client_packet_t, packet_type, client_packet_type;
+type condor_server_packet_t, packet_type, server_packet_type;
+typeattribute condor_port_t unreserved_port_type;
+portcon tcp 9618 gen_context(system_u:object_r:condor_port_t,s0)
+portcon udp 9618 gen_context(system_u:object_r:condor_port_t,s0)
+
+
+type couchdb_port_t, port_type, defined_port_type;
+type couchdb_client_packet_t, packet_type, client_packet_type;
+type couchdb_server_packet_t, packet_type, server_packet_type;
+typeattribute couchdb_port_t unreserved_port_type;
+portcon tcp 5984 gen_context(system_u:object_r:couchdb_port_t,s0)
+portcon udp 5984 gen_context(system_u:object_r:couchdb_port_t,s0)
+
+
+type cslistener_port_t, port_type, defined_port_type;
+type cslistener_client_packet_t, packet_type, client_packet_type;
+type cslistener_server_packet_t, packet_type, server_packet_type;
+typeattribute cslistener_port_t unreserved_port_type;
+portcon tcp 9000 gen_context(system_u:object_r:cslistener_port_t,s0)
+portcon udp 9000 gen_context(system_u:object_r:cslistener_port_t,s0)
+
+
+type ctdb_port_t, port_type, defined_port_type;
+type ctdb_client_packet_t, packet_type, client_packet_type;
+type ctdb_server_packet_t, packet_type, server_packet_type;
+typeattribute ctdb_port_t unreserved_port_type;
+portcon tcp 4379 gen_context(system_u:object_r:ctdb_port_t,s0)
+portcon udp 4397 gen_context(system_u:object_r:ctdb_port_t,s0)
+
+
type cvs_port_t, port_type, defined_port_type;
type cvs_client_packet_t, packet_type, client_packet_type;
type cvs_server_packet_t, packet_type, server_packet_type;
@@ -328,6 +417,8 @@ portcon udp 68 gen_context(system_u:object_r:dhcpc_port_t,s0)
portcon tcp 68 gen_context(system_u:object_r:dhcpc_port_t,s0)
portcon udp 546 gen_context(system_u:object_r:dhcpc_port_t,s0)
portcon tcp 546 gen_context(system_u:object_r:dhcpc_port_t,s0)
+portcon udp 5546 gen_context(system_u:object_r:dhcpc_port_t,s0)
+portcon tcp 5546 gen_context(system_u:object_r:dhcpc_port_t,s0)
type dhcpd_port_t, port_type, defined_port_type;
@@ -365,8 +456,24 @@ type dns_port_t, port_type, defined_port_type;
type dns_client_packet_t, packet_type, client_packet_type;
type dns_server_packet_t, packet_type, server_packet_type;
typeattribute dns_port_t reserved_port_type;
-portcon udp 53 gen_context(system_u:object_r:dns_port_t,s0)
portcon tcp 53 gen_context(system_u:object_r:dns_port_t,s0)
+portcon udp 53 gen_context(system_u:object_r:dns_port_t,s0)
+
+
+type efs_port_t, port_type, defined_port_type;
+type efs_client_packet_t, packet_type, client_packet_type;
+type efs_server_packet_t, packet_type, server_packet_type;
+typeattribute efs_port_t reserved_port_type;
+typeattribute efs_port_t rpc_port_type;
+portcon tcp 520 gen_context(system_u:object_r:efs_port_t,s0)
+
+
+type embrace_dp_c_port_t, port_type, defined_port_type;
+type embrace_dp_c_client_packet_t, packet_type, client_packet_type;
+type embrace_dp_c_server_packet_t, packet_type, server_packet_type;
+typeattribute embrace_dp_c_port_t unreserved_port_type;
+portcon tcp 3198 gen_context(system_u:object_r:embrace_dp_c_port_t,s0)
+portcon udp 3198 gen_context(system_u:object_r:embrace_dp_c_port_t,s0)
type epmap_port_t, port_type, defined_port_type;
@@ -377,6 +484,14 @@ portcon tcp 135 gen_context(system_u:object_r:epmap_port_t,s0)
portcon udp 135 gen_context(system_u:object_r:epmap_port_t,s0)
+type epmd_port_t, port_type, defined_port_type;
+type epmd_client_packet_t, packet_type, client_packet_type;
+type epmd_server_packet_t, packet_type, server_packet_type;
+typeattribute epmd_port_t unreserved_port_type;
+portcon tcp 4369 gen_context(system_u:object_r:epmd_port_t,s0)
+portcon udp 4369 gen_context(system_u:object_r:epmd_port_t,s0)
+
+
type fingerd_port_t, port_type, defined_port_type;
type fingerd_client_packet_t, packet_type, client_packet_type;
type fingerd_server_packet_t, packet_type, server_packet_type;
@@ -411,6 +526,14 @@ portcon tcp 1721 gen_context(system_u:object_r:gatekeeper_port_t,s0)
portcon tcp 7000 gen_context(system_u:object_r:gatekeeper_port_t,s0)
+type gds_db_port_t, port_type, defined_port_type;
+type gds_db_client_packet_t, packet_type, client_packet_type;
+type gds_db_server_packet_t, packet_type, server_packet_type;
+typeattribute gds_db_port_t unreserved_port_type;
+portcon tcp 3050 gen_context(system_u:object_r:gds_db_port_t,s0)
+portcon udp 3050 gen_context(system_u:object_r:gds_db_port_t,s0)
+
+
type giftd_port_t, port_type, defined_port_type;
type giftd_client_packet_t, packet_type, client_packet_type;
type giftd_server_packet_t, packet_type, server_packet_type;
@@ -500,7 +623,6 @@ portcon tcp 9281 gen_context(system_u:object_r:hplip_port_t,s0)
portcon tcp 9282 gen_context(system_u:object_r:hplip_port_t,s0)
portcon tcp 9290 gen_context(system_u:object_r:hplip_port_t,s0)
portcon tcp 9291 gen_context(system_u:object_r:hplip_port_t,s0)
-portcon tcp 9292 gen_context(system_u:object_r:hplip_port_t,s0)
type http_port_t, port_type, defined_port_type;
@@ -576,6 +698,22 @@ typeattribute innd_port_t reserved_port_type;
portcon tcp 119 gen_context(system_u:object_r:innd_port_t,s0)
+type interwise_port_t, port_type, defined_port_type;
+type interwise_client_packet_t, packet_type, client_packet_type;
+type interwise_server_packet_t, packet_type, server_packet_type;
+typeattribute interwise_port_t unreserved_port_type;
+portcon tcp 7778 gen_context(system_u:object_r:interwise_port_t,s0)
+portcon udp 7778 gen_context(system_u:object_r:interwise_port_t,s0)
+
+
+type ionixnetmon_port_t, port_type, defined_port_type;
+type ionixnetmon_client_packet_t, packet_type, client_packet_type;
+type ionixnetmon_server_packet_t, packet_type, server_packet_type;
+typeattribute ionixnetmon_port_t unreserved_port_type;
+portcon tcp 7410 gen_context(system_u:object_r:ionixnetmon_port_t,s0)
+portcon udp 7410 gen_context(system_u:object_r:ionixnetmon_port_t,s0)
+
+
type ipmi_port_t, port_type, defined_port_type;
type ipmi_client_packet_t, packet_type, client_packet_type;
type ipmi_server_packet_t, packet_type, server_packet_type;
@@ -648,6 +786,14 @@ typeattribute jabber_interserver_port_t unreserved_port_type;
portcon tcp 5269 gen_context(system_u:object_r:jabber_interserver_port_t,s0)
+type jboss_iiop_port_t, port_type, defined_port_type;
+type jboss_iiop_client_packet_t, packet_type, client_packet_type;
+type jboss_iiop_server_packet_t, packet_type, server_packet_type;
+typeattribute jboss_iiop_port_t unreserved_port_type;
+portcon tcp 3528 gen_context(system_u:object_r:jboss_iiop_port_t,s0)
+portcon udp 3528 gen_context(system_u:object_r:jboss_iiop_port_t,s0)
+
+
type kerberos_port_t, port_type, defined_port_type;
type kerberos_client_packet_t, packet_type, client_packet_type;
type kerberos_server_packet_t, packet_type, server_packet_type;
@@ -701,6 +847,14 @@ portcon udp 517 gen_context(system_u:object_r:ktalkd_port_t,s0)
portcon udp 518 gen_context(system_u:object_r:ktalkd_port_t,s0)
+type l2tp_port_t, port_type, defined_port_type;
+type l2tp_client_packet_t, packet_type, client_packet_type;
+type l2tp_server_packet_t, packet_type, server_packet_type;
+typeattribute l2tp_port_t unreserved_port_type;
+portcon tcp 1701 gen_context(system_u:object_r:l2tp_port_t,s0)
+portcon udp 1701 gen_context(system_u:object_r:l2tp_port_t,s0)
+
+
type ldap_port_t, port_type, defined_port_type;
type ldap_client_packet_t, packet_type, client_packet_type;
type ldap_server_packet_t, packet_type, server_packet_type;
@@ -777,6 +931,22 @@ typeattribute monopd_port_t unreserved_port_type;
portcon tcp 1234 gen_context(system_u:object_r:monopd_port_t,s0)
+type mountd_port_t, port_type, defined_port_type;
+type mountd_client_packet_t, packet_type, client_packet_type;
+type mountd_server_packet_t, packet_type, server_packet_type;
+typeattribute mountd_port_t unreserved_port_type;
+portcon tcp 20048 gen_context(system_u:object_r:mountd_port_t,s0)
+portcon udp 20048 gen_context(system_u:object_r:mountd_port_t,s0)
+
+
+type movaz_ssc_port_t, port_type, defined_port_type;
+type movaz_ssc_client_packet_t, packet_type, client_packet_type;
+type movaz_ssc_server_packet_t, packet_type, server_packet_type;
+typeattribute movaz_ssc_port_t unreserved_port_type;
+portcon tcp 5252 gen_context(system_u:object_r:movaz_ssc_port_t,s0)
+portcon udp 5252 gen_context(system_u:object_r:movaz_ssc_port_t,s0)
+
+
type mpd_port_t, port_type, defined_port_type;
type mpd_client_packet_t, packet_type, client_packet_type;
type mpd_server_packet_t, packet_type, server_packet_type;
@@ -784,6 +954,14 @@ typeattribute mpd_port_t unreserved_port_type;
portcon tcp 6600 gen_context(system_u:object_r:mpd_port_t,s0)
+type msgsrvr_port_t, port_type, defined_port_type;
+type msgsrvr_client_packet_t, packet_type, client_packet_type;
+type msgsrvr_server_packet_t, packet_type, server_packet_type;
+typeattribute msgsrvr_port_t unreserved_port_type;
+portcon tcp 8787 gen_context(system_u:object_r:msgsrvr_port_t,s0)
+portcon udp 8787 gen_context(system_u:object_r:msgsrvr_port_t,s0)
+
+
type msnp_port_t, port_type, defined_port_type;
type msnp_client_packet_t, packet_type, client_packet_type;
type msnp_server_packet_t, packet_type, server_packet_type;
@@ -800,6 +978,14 @@ portcon tcp 1433-1434 gen_context(system_u:object_r:mssql_port_t,s0)
portcon udp 1433-1434 gen_context(system_u:object_r:mssql_port_t,s0)
+type ms_streaming_port_t, port_type, defined_port_type;
+type ms_streaming_client_packet_t, packet_type, client_packet_type;
+type ms_streaming_server_packet_t, packet_type, server_packet_type;
+typeattribute ms_streaming_port_t unreserved_port_type;
+portcon tcp 1755 gen_context(system_u:object_r:ms_streaming_port_t,s0)
+portcon udp 1755 gen_context(system_u:object_r:ms_streaming_port_t,s0)
+
+
type munin_port_t, port_type, defined_port_type;
type munin_client_packet_t, packet_type, client_packet_type;
type munin_server_packet_t, packet_type, server_packet_type;
@@ -808,6 +994,14 @@ portcon tcp 4949 gen_context(system_u:object_r:munin_port_t,s0)
portcon udp 4949 gen_context(system_u:object_r:munin_port_t,s0)
+type mxi_port_t, port_type, defined_port_type;
+type mxi_client_packet_t, packet_type, client_packet_type;
+type mxi_server_packet_t, packet_type, server_packet_type;
+typeattribute mxi_port_t unreserved_port_type;
+portcon tcp 8005 gen_context(system_u:object_r:mxi_port_t,s0)
+portcon udp 8005 gen_context(system_u:object_r:mxi_port_t,s0)
+
+
type mysqld_port_t, port_type, defined_port_type;
type mysqld_client_packet_t, packet_type, client_packet_type;
type mysqld_server_packet_t, packet_type, server_packet_type;
@@ -849,6 +1043,22 @@ portcon tcp 5405 gen_context(system_u:object_r:netsupport_port_t,s0)
portcon udp 5405 gen_context(system_u:object_r:netsupport_port_t,s0)
+type nfs_port_t, port_type, defined_port_type;
+type nfs_client_packet_t, packet_type, client_packet_type;
+type nfs_server_packet_t, packet_type, server_packet_type;
+typeattribute nfs_port_t unreserved_port_type;
+portcon tcp 2049 gen_context(system_u:object_r:nfs_port_t,s0)
+portcon udp 2049 gen_context(system_u:object_r:nfs_port_t,s0)
+
+
+type nfsrdma_port_t, port_type, defined_port_type;
+type nfsrdma_client_packet_t, packet_type, client_packet_type;
+type nfsrdma_server_packet_t, packet_type, server_packet_type;
+typeattribute nfsrdma_port_t unreserved_port_type;
+portcon tcp 20049 gen_context(system_u:object_r:nfsrdma_port_t,s0)
+portcon udp 20049 gen_context(system_u:object_r:nfsrdma_port_t,s0)
+
+
type nmbd_port_t, port_type, defined_port_type;
type nmbd_client_packet_t, packet_type, client_packet_type;
type nmbd_server_packet_t, packet_type, server_packet_type;
@@ -872,6 +1082,14 @@ typeattribute ntp_port_t reserved_port_type;
portcon udp 123 gen_context(system_u:object_r:ntp_port_t,s0)
+type oa_system_port_t, port_type, defined_port_type;
+type oa_system_client_packet_t, packet_type, client_packet_type;
+type oa_system_server_packet_t, packet_type, server_packet_type;
+typeattribute oa_system_port_t unreserved_port_type;
+portcon tcp 8022 gen_context(system_u:object_r:oa_system_port_t,s0)
+portcon udp 8022 gen_context(system_u:object_r:oa_system_port_t,s0)
+
+
type oracledb_port_t, port_type, defined_port_type;
type oracledb_client_packet_t, packet_type, client_packet_type;
type oracledb_server_packet_t, packet_type, server_packet_type;
@@ -891,6 +1109,14 @@ typeattribute ocsp_port_t unreserved_port_type;
portcon tcp 9080 gen_context(system_u:object_r:ocsp_port_t,s0)
+type openhpid_port_t, port_type, defined_port_type;
+type openhpid_client_packet_t, packet_type, client_packet_type;
+type openhpid_server_packet_t, packet_type, server_packet_type;
+typeattribute openhpid_port_t unreserved_port_type;
+portcon tcp 4743 gen_context(system_u:object_r:openhpid_port_t,s0)
+portcon udp 4743 gen_context(system_u:object_r:openhpid_port_t,s0)
+
+
type openvpn_port_t, port_type, defined_port_type;
type openvpn_client_packet_t, packet_type, client_packet_type;
type openvpn_server_packet_t, packet_type, server_packet_type;
@@ -899,6 +1125,14 @@ portcon tcp 1194 gen_context(system_u:object_r:openvpn_port_t,s0)
portcon udp 1194 gen_context(system_u:object_r:openvpn_port_t,s0)
+type pdps_port_t, port_type, defined_port_type;
+type pdps_client_packet_t, packet_type, client_packet_type;
+type pdps_server_packet_t, packet_type, server_packet_type;
+typeattribute pdps_port_t unreserved_port_type;
+portcon tcp 1314 gen_context(system_u:object_r:pdps_port_t,s0)
+portcon udp 1314 gen_context(system_u:object_r:pdps_port_t,s0)
+
+
type pegasus_http_port_t, port_type, defined_port_type;
type pegasus_http_client_packet_t, packet_type, client_packet_type;
type pegasus_http_server_packet_t, packet_type, server_packet_type;
@@ -928,6 +1162,14 @@ typeattribute pingd_port_t unreserved_port_type;
portcon tcp 9125 gen_context(system_u:object_r:pingd_port_t,s0)
+type pktcable_cops_port_t, port_type, defined_port_type;
+type pktcable_cops_client_packet_t, packet_type, client_packet_type;
+type pktcable_cops_server_packet_t, packet_type, server_packet_type;
+typeattribute pktcable_cops_port_t unreserved_port_type;
+portcon tcp 2126 gen_context(system_u:object_r:pktcable_cops_port_t,s0)
+portcon udp 2126 gen_context(system_u:object_r:pktcable_cops_port_t,s0)
+
+
type pop_port_t, port_type, defined_port_type;
type pop_client_packet_t, packet_type, client_packet_type;
type pop_server_packet_t, packet_type, server_packet_type;
@@ -972,6 +1214,14 @@ typeattribute postgrey_port_t unreserved_port_type;
portcon tcp 60000 gen_context(system_u:object_r:postgrey_port_t,s0)
+type pptp_port_t, port_type, defined_port_type;
+type pptp_client_packet_t, packet_type, client_packet_type;
+type pptp_server_packet_t, packet_type, server_packet_type;
+typeattribute pptp_port_t unreserved_port_type;
+portcon tcp 1723 gen_context(system_u:object_r:pptp_port_t,s0)
+portcon udp 1723 gen_context(system_u:object_r:pptp_port_t,s0)
+
+
type prelude_port_t, port_type, defined_port_type;
type prelude_client_packet_t, packet_type, client_packet_type;
type prelude_server_packet_t, packet_type, server_packet_type;
@@ -1017,6 +1267,13 @@ typeattribute puppet_port_t unreserved_port_type;
portcon tcp 8140 gen_context(system_u:object_r:puppet_port_t,s0)
+type puppetclient_port_t, port_type, defined_port_type;
+type puppetclient_client_packet_t, packet_type, client_packet_type;
+type puppetclient_server_packet_t, packet_type, server_packet_type;
+typeattribute puppetclient_port_t unreserved_port_type;
+portcon tcp 8139 gen_context(system_u:object_r:puppetclient_port_t,s0)
+
+
type pxe_port_t, port_type, defined_port_type;
type pxe_client_packet_t, packet_type, client_packet_type;
type pxe_server_packet_t, packet_type, server_packet_type;
@@ -1098,6 +1355,7 @@ type rndc_server_packet_t, packet_type, server_packet_type;
typeattribute rndc_port_t reserved_port_type;
typeattribute rndc_port_t rpc_port_type;
portcon tcp 953 gen_context(system_u:object_r:rndc_port_t,s0)
+portcon udp 953 gen_context(system_u:object_r:rndc_port_t,s0)
type router_port_t, port_type, defined_port_type;
@@ -1127,6 +1385,22 @@ portcon tcp 873 gen_context(system_u:object_r:rsync_port_t,s0)
portcon udp 873 gen_context(system_u:object_r:rsync_port_t,s0)
+type rtorrent_port_t, port_type, defined_port_type;
+type rtorrent_client_packet_t, packet_type, client_packet_type;
+type rtorrent_server_packet_t, packet_type, server_packet_type;
+typeattribute rtorrent_port_t unreserved_port_type;
+portcon udp 6881 gen_context(system_u:object_r:rtorrent_port_t,s0)
+
+
+type rtsp_port_t, port_type, defined_port_type;
+type rtsp_client_packet_t, packet_type, client_packet_type;
+type rtsp_server_packet_t, packet_type, server_packet_type;
+typeattribute rtsp_port_t reserved_port_type;
+typeattribute rtsp_port_t rpc_port_type;
+portcon tcp 554 gen_context(system_u:object_r:rtsp_port_t,s0)
+portcon udp 554 gen_context(system_u:object_r:rtsp_port_t,s0)
+
+
type rwho_port_t, port_type, defined_port_type;
type rwho_client_packet_t, packet_type, client_packet_type;
type rwho_server_packet_t, packet_type, server_packet_type;
@@ -1143,6 +1417,14 @@ portcon tcp 9875 gen_context(system_u:object_r:sap_port_t,s0)
portcon udp 9875 gen_context(system_u:object_r:sap_port_t,s0)
+type servistaitsm_port_t, port_type, defined_port_type;
+type servistaitsm_client_packet_t, packet_type, client_packet_type;
+type servistaitsm_server_packet_t, packet_type, server_packet_type;
+typeattribute servistaitsm_port_t unreserved_port_type;
+portcon tcp 3636 gen_context(system_u:object_r:servistaitsm_port_t,s0)
+portcon udp 3636 gen_context(system_u:object_r:servistaitsm_port_t,s0)
+
+
type sieve_port_t, port_type, defined_port_type;
type sieve_client_packet_t, packet_type, client_packet_type;
type sieve_server_packet_t, packet_type, server_packet_type;
@@ -1235,6 +1517,14 @@ portcon udp 4827 gen_context(system_u:object_r:squid_port_t,s0)
portcon tcp 4827 gen_context(system_u:object_r:squid_port_t,s0)
# snmp and htcp
+type ssdp_port_t, port_type, defined_port_type;
+type ssdp_client_packet_t, packet_type, client_packet_type;
+type ssdp_server_packet_t, packet_type, server_packet_type;
+typeattribute ssdp_port_t unreserved_port_type;
+portcon tcp 1900 gen_context(system_u:object_r:ssdp_port_t,s0)
+portcon udp 1900 gen_context(system_u:object_r:ssdp_port_t,s0)
+
+
type ssh_port_t, port_type, defined_port_type;
type ssh_client_packet_t, packet_type, client_packet_type;
type ssh_server_packet_t, packet_type, server_packet_type;
@@ -1247,6 +1537,22 @@ type stunnel_client_packet_t, packet_type, client_packet_type;
type stunnel_server_packet_t, packet_type, server_packet_type;
# no defined portcon
+type svn_port_t, port_type, defined_port_type;
+type svn_client_packet_t, packet_type, client_packet_type;
+type svn_server_packet_t, packet_type, server_packet_type;
+typeattribute svn_port_t unreserved_port_type;
+portcon tcp 3690 gen_context(system_u:object_r:svn_port_t,s0)
+portcon udp 3690 gen_context(system_u:object_r:svn_port_t,s0)
+
+
+type svrloc_port_t, port_type, defined_port_type;
+type svrloc_client_packet_t, packet_type, client_packet_type;
+type svrloc_server_packet_t, packet_type, server_packet_type;
+typeattribute svrloc_port_t reserved_port_type;
+portcon tcp 427 gen_context(system_u:object_r:svrloc_port_t,s0)
+portcon udp 427 gen_context(system_u:object_r:svrloc_port_t,s0)
+
+
type swat_port_t, port_type, defined_port_type;
type swat_client_packet_t, packet_type, client_packet_type;
type swat_server_packet_t, packet_type, server_packet_type;
@@ -1255,6 +1561,14 @@ typeattribute swat_port_t rpc_port_type;
portcon tcp 901 gen_context(system_u:object_r:swat_port_t,s0)
+type sype_transport_port_t, port_type, defined_port_type;
+type sype_transport_client_packet_t, packet_type, client_packet_type;
+type sype_transport_server_packet_t, packet_type, server_packet_type;
+typeattribute sype_transport_port_t unreserved_port_type;
+portcon tcp 9911 gen_context(system_u:object_r:sype_transport_port_t,s0)
+portcon udp 9911 gen_context(system_u:object_r:sype_transport_port_t,s0)
+
+
type syslogd_port_t, port_type, defined_port_type;
type syslogd_client_packet_t, packet_type, client_packet_type;
type syslogd_server_packet_t, packet_type, server_packet_type;
@@ -1263,6 +1577,14 @@ typeattribute syslogd_port_t rpc_port_type;
portcon udp 514 gen_context(system_u:object_r:syslogd_port_t,s0)
+type syslog_tls_port_t, port_type, defined_port_type;
+type syslog_tls_client_packet_t, packet_type, client_packet_type;
+type syslog_tls_server_packet_t, packet_type, server_packet_type;
+typeattribute syslog_tls_port_t unreserved_port_type;
+portcon tcp 6514 gen_context(system_u:object_r:syslog_tls_port_t,s0)
+portcon udp 6514 gen_context(system_u:object_r:syslog_tls_port_t,s0)
+
+
type tcs_port_t, port_type, defined_port_type;
type tcs_client_packet_t, packet_type, client_packet_type;
type tcs_server_packet_t, packet_type, server_packet_type;
@@ -1309,6 +1631,22 @@ typeattribute transproxy_port_t unreserved_port_type;
portcon tcp 8081 gen_context(system_u:object_r:transproxy_port_t,s0)
+type trisoap_port_t, port_type, defined_port_type;
+type trisoap_client_packet_t, packet_type, client_packet_type;
+type trisoap_server_packet_t, packet_type, server_packet_type;
+typeattribute trisoap_port_t unreserved_port_type;
+portcon tcp 10200 gen_context(system_u:object_r:trisoap_port_t,s0)
+portcon udp 10200 gen_context(system_u:object_r:trisoap_port_t,s0)
+
+
+type trivnet1_port_t, port_type, defined_port_type;
+type trivnet1_client_packet_t, packet_type, client_packet_type;
+type trivnet1_server_packet_t, packet_type, server_packet_type;
+typeattribute trivnet1_port_t unreserved_port_type;
+portcon tcp 8200 gen_context(system_u:object_r:trivnet1_port_t,s0)
+portcon udp 8200 gen_context(system_u:object_r:trivnet1_port_t,s0)
+
+
type ups_port_t, port_type, defined_port_type;
type ups_client_packet_t, packet_type, client_packet_type;
type ups_server_packet_t, packet_type, server_packet_type;
@@ -1346,6 +1684,14 @@ portcon tcp 16514 gen_context(system_u:object_r:virt_port_t,s0)
portcon udp 16514 gen_context(system_u:object_r:virt_port_t,s0)
+type virtual_places_port_t, port_type, defined_port_type;
+type virtual_places_client_packet_t, packet_type, client_packet_type;
+type virtual_places_server_packet_t, packet_type, server_packet_type;
+typeattribute virtual_places_port_t unreserved_port_type;
+portcon tcp 1533 gen_context(system_u:object_r:virtual_places_port_t,s0)
+portcon udp 1533 gen_context(system_u:object_r:virtual_places_port_t,s0)
+
+
type virt_migration_port_t, port_type, defined_port_type;
type virt_migration_client_packet_t, packet_type, client_packet_type;
type virt_migration_server_packet_t, packet_type, server_packet_type;
@@ -1367,14 +1713,46 @@ typeattribute wccp_port_t unreserved_port_type;
portcon udp 2048 gen_context(system_u:object_r:wccp_port_t,s0)
+type websm_port_t, port_type, defined_port_type;
+type websm_client_packet_t, packet_type, client_packet_type;
+type websm_server_packet_t, packet_type, server_packet_type;
+typeattribute websm_port_t unreserved_port_type;
+portcon tcp 9090 gen_context(system_u:object_r:websm_port_t,s0)
+portcon udp 9090 gen_context(system_u:object_r:websm_port_t,s0)
+
+
type whois_port_t, port_type, defined_port_type;
type whois_client_packet_t, packet_type, client_packet_type;
type whois_server_packet_t, packet_type, server_packet_type;
typeattribute whois_port_t reserved_port_type;
portcon tcp 43 gen_context(system_u:object_r:whois_port_t,s0)
portcon udp 43 gen_context(system_u:object_r:whois_port_t,s0)
-portcon tcp 4321 gen_context(system_u:object_r:whois_port_t,s0 )
-portcon udp 4321 gen_context(system_u:object_r:whois_port_t,s0 )
+portcon tcp 4321 gen_context(system_u:object_r:whois_port_t,s0)
+portcon udp 4321 gen_context(system_u:object_r:whois_port_t,s0)
+
+
+type winshadow_port_t, port_type, defined_port_type;
+type winshadow_client_packet_t, packet_type, client_packet_type;
+type winshadow_server_packet_t, packet_type, server_packet_type;
+typeattribute winshadow_port_t unreserved_port_type;
+portcon tcp 3161 gen_context(system_u:object_r:winshadow_port_t,s0)
+portcon udp 3261 gen_context(system_u:object_r:winshadow_port_t,s0)
+
+
+type wsdapi_port_t, port_type, defined_port_type;
+type wsdapi_client_packet_t, packet_type, client_packet_type;
+type wsdapi_server_packet_t, packet_type, server_packet_type;
+typeattribute wsdapi_port_t unreserved_port_type;
+portcon tcp 5357 gen_context(system_u:object_r:wsdapi_port_t,s0)
+portcon udp 5357 gen_context(system_u:object_r:wsdapi_port_t,s0)
+
+
+type wsicopy_port_t, port_type, defined_port_type;
+type wsicopy_client_packet_t, packet_type, client_packet_type;
+type wsicopy_server_packet_t, packet_type, server_packet_type;
+typeattribute wsicopy_port_t unreserved_port_type;
+portcon tcp 3378 gen_context(system_u:object_r:wsicopy_port_t,s0)
+portcon udp 3378 gen_context(system_u:object_r:wsicopy_port_t,s0)
type xdmcp_port_t, port_type, defined_port_type;
@@ -1459,6 +1837,14 @@ portcon udp 2600-2604 gen_context(system_u:object_r:zebra_port_t,s0)
portcon udp 2606 gen_context(system_u:object_r:zebra_port_t,s0)
+type zented_port_t, port_type, defined_port_type;
+type zented_client_packet_t, packet_type, client_packet_type;
+type zented_server_packet_t, packet_type, server_packet_type;
+typeattribute zented_port_t unreserved_port_type;
+portcon tcp 1229 gen_context(system_u:object_r:zented_port_t,s0)
+portcon udp 1229 gen_context(system_u:object_r:zented_port_t,s0)
+
+
type zope_port_t, port_type, defined_port_type;
type zope_client_packet_t, packet_type, client_packet_type;
type zope_server_packet_t, packet_type, server_packet_type;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-08-13 18:16 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-08-13 18:16 UTC (permalink / raw
To: gentoo-commits
commit: 52746711ccf455a026d467e6665bd1e4b2053544
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Aug 13 18:14:33 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Tue Aug 13 18:14:33 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=52746711
Fix bug #480870 - Mark f2fs as xattr-supporting filesystem
---
policy/modules/kernel/filesystem.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 1c66416..9949d77 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -26,6 +26,7 @@ fs_use_xattr ext2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ext3 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ext4 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr ext4dev gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr f2fs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr gfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr gfs2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr gpfs gen_context(system_u:object_r:fs_t,s0);
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-05-16 9:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-05-16 9:06 UTC (permalink / raw
To: gentoo-commits
commit: 8c4542aad827ced701d681c1985bd0ddfe15d86f
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu May 9 12:46:33 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu May 16 09:01:47 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=8c4542aa
Remove general unlabeled packet usage.
Back when the SECMARK implementation was new, the packet class was always
checked. Because of that, unlabeled_t packet rules proliferated refpolicy
since the common case was to have no SECMARK rules. Since then, the kernel
has been modified to only enforce the packet class if there are SECMARK
rules. Remove the unlabeled_t packet rules, since users of SECMARK will
likely want no unlabeled_t packet rules, and the common case users will
have no impact since the packet class isn't enforced on their systems.
To have partial SECMARK confinement, the following rule applies:
allow { domain -type_i_want_to_constrain_t } unlabeled_t:packet { send recv };
It seems like over-allowing, but if you have no SECMARK rules, it's the equivalent of:
allow * unlabeled_t:packet { send recv };
Signed-off-by: Chris PeBenito <cpebenito <AT> tresys.com>
---
policy/modules/kernel/kernel.if | 3 ---
policy/modules/kernel/kernel.te | 2 +-
2 files changed, 1 insertions(+), 4 deletions(-)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index ee01f48..54f1b0b 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2648,9 +2648,6 @@ interface(`kernel_sendrecv_unlabeled_association',`
')
allow $1 unlabeled_t:association { sendto recvfrom };
-
- # temporary hack until labeling on packets is supported
- allow $1 unlabeled_t:packet { send recv };
')
########################################
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 397a25e..dd7648a 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.17.0)
+policy_module(kernel, 1.17.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-05-01 19:32 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-05-01 19:32 UTC (permalink / raw
To: gentoo-commits
commit: 17ece7e8acbfed3ad56d7ab1e3270df54c4e5bd4
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed May 1 19:31:52 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed May 1 19:31:52 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=17ece7e8
Meh, cannot append at end, order is important
---
policy/modules/kernel/corenetwork.te.in | 5 +----
1 files changed, 1 insertions(+), 4 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index d712240..0bdd1d5 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -263,6 +263,7 @@ network_port(tor, tcp,6969,s0, tcp,9001,s0, tcp,9030,s0, tcp,9050,s0, tcp,9051,s
network_port(traceroute, udp,64000-64010,s0)
network_port(transproxy, tcp,8081,s0)
network_port(trisoap, tcp,10200,s0, udp,10200,s0)
+network_port(trivnet1, tcp, 8200, s0, udp, 8200, s0)
network_port(ups, tcp,3493,s0)
network_port(utcpserver) # no defined portcon
network_port(uucpd, tcp,540,s0)
@@ -350,7 +351,3 @@ allow corenet_unconfined_type port_type:udp_socket { send_msg recv_msg };
# Bind to any network address.
allow corenet_unconfined_type port_type:{ tcp_socket udp_socket rawip_socket } name_bind;
allow corenet_unconfined_type node_type:{ tcp_socket udp_socket rawip_socket } node_bind;
-
-ifdef(`distro_gentoo',`
-network_port(trivnet1, tcp,8200,s0, udp,8200,s0)
-')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-05-01 18:42 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-05-01 18:42 UTC (permalink / raw
To: gentoo-commits
commit: 7359fd58dfeb8f6e3b07b7f71d9e379d68acc255
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed May 1 18:40:44 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed May 1 18:40:44 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=7359fd58
Add trivnet1 port declaration
---
policy/modules/kernel/corenetwork.te.in | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 886aafb..d712240 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -350,3 +350,7 @@ allow corenet_unconfined_type port_type:udp_socket { send_msg recv_msg };
# Bind to any network address.
allow corenet_unconfined_type port_type:{ tcp_socket udp_socket rawip_socket } name_bind;
allow corenet_unconfined_type node_type:{ tcp_socket udp_socket rawip_socket } node_bind;
+
+ifdef(`distro_gentoo',`
+network_port(trivnet1, tcp,8200,s0, udp,8200,s0)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-04-11 18:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-04-11 18:04 UTC (permalink / raw
To: gentoo-commits
commit: 77049dec6323dcf7a72d44ff6b1b1775c1d41baf
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Apr 11 18:03:55 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Apr 11 18:03:55 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=77049dec
Undo storage_dev_filetrans_fixed_disk
The call to storage_dev_filetrans_fixed_disk will fail since this only works on
block devices, whereas device-mapper is a character device.
---
policy/modules/kernel/kernel.te | 2 --
1 files changed, 0 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 4a7650e..3f93458 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -419,6 +419,4 @@ ifdef(`distro_gentoo',`
allow kernel_t unlabeled_t:dir search_dir_perms;
dev_setattr_generic_chr_files(kernel_t)
-
- storage_dev_filetrans_fixed_disk(kernel_t, "device-mapper")
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-04-11 17:30 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-04-11 17:30 UTC (permalink / raw
To: gentoo-commits
commit: ba9c3d24cb1f513c43de495b0cdae9cfd519f19f
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Apr 11 17:27:43 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Apr 11 17:27:43 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ba9c3d24
Partial fix bug 463690 - Kernel creates device-mapper
In the initramfs, processes run as kernel_t. When vgscan runs and creates device
nodes, it also creates /dev/device-mapper. This block device should be of type
fixed_disk_device_t and it currently is (was) device_t.
Add in a storage_dev_filetrans_fixed_disk call for this specific device.
---
policy/modules/kernel/kernel.te | 2 ++
policy/modules/kernel/storage.if | 7 ++++++-
2 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 3f93458..4a7650e 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -419,4 +419,6 @@ ifdef(`distro_gentoo',`
allow kernel_t unlabeled_t:dir search_dir_perms;
dev_setattr_generic_chr_files(kernel_t)
+
+ storage_dev_filetrans_fixed_disk(kernel_t, "device-mapper")
')
diff --git a/policy/modules/kernel/storage.if b/policy/modules/kernel/storage.if
index 1700ef2..64c4cd0 100644
--- a/policy/modules/kernel/storage.if
+++ b/policy/modules/kernel/storage.if
@@ -260,13 +260,18 @@ interface(`storage_manage_fixed_disk',`
## Domain allowed access.
## </summary>
## </param>
+## <param name="filename" optional="true">
+## <summary>
+## Optional filename of the block device to be created
+## </summary>
+## </param>
#
interface(`storage_dev_filetrans_fixed_disk',`
gen_require(`
type fixed_disk_device_t;
')
- dev_filetrans($1, fixed_disk_device_t, blk_file)
+ dev_filetrans($1, fixed_disk_device_t, blk_file, $2)
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-03-11 18:53 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-03-11 18:53 UTC (permalink / raw
To: gentoo-commits
commit: 855bd03f6bb088afb1fc0907c44664b70a7ad471
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Mon Mar 11 18:51:19 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Mar 11 18:51:19 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=855bd03f
Fix bug #460326 - Use bin_t for notification daemon
The xfce4 notification daemon should be bin_t, so that the session dbus can
execute it with the proper transition back to the user domain.
---
policy/modules/kernel/corecommands.fc | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index affd731..0b6bbcc 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -411,3 +411,7 @@ ifdef(`distro_suse', `
ifdef(`distro_suse',`
/var/lib/samba/bin/.+ gen_context(system_u:object_r:bin_t,s0)
')
+
+ifdef(`distro_gentoo',`
+/usr/lib/xfce4/notifyd/xfce4-notifyd -- gen_context(system_u:object_r:bin_t,s0)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-03-10 15:29 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-03-10 15:29 UTC (permalink / raw
To: gentoo-commits
commit: bb602fb22cf1956526947e64375765b21d4dd145
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sun Mar 10 15:26:20 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sun Mar 10 15:26:20 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=bb602fb2
Fix bug #456914 - Support cpu_online_t for cpu/online sysfs info
In glibc, get_nprocs() reads /sys/devices/system/cpu/online. As potentially
every domain can call this method, we don't want to provide read access on
sysfs_t (or proc_t as fallbacks for /proc/stat and /proc/cpuinfo) for each
domain.
Instead, create a cpu_online_t type for just this purpose, and allow all domains
read access on this type.
---
policy/modules/kernel/devices.fc | 4 +++
policy/modules/kernel/devices.if | 45 ++++++++++++++++++++++++++++++++++++++
policy/modules/kernel/devices.te | 7 ++++++
policy/modules/kernel/domain.te | 2 +
4 files changed, 58 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index b31c054..5bf5ef2 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -207,3 +207,7 @@ ifdef(`distro_redhat',`
/var/named/chroot/dev/random -c gen_context(system_u:object_r:random_device_t,s0)
/var/named/chroot/dev/zero -c gen_context(system_u:object_r:zero_device_t,s0)
')
+
+ifdef(`distro_gentoo',`
+/sys/devices/system/cpu/online -- gen_context(system_u:object_r:cpu_online_t,s0)
+')
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 8d2504b..58ab7e9 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4926,3 +4926,48 @@ interface(`dev_unconfined',`
typeattribute $1 devices_unconfined_type;
')
+
+# We cannot use ifdef distro_gentoo for interfaces
+
+########################################
+## <summary>
+## Read cpu online hardware state information.
+## </summary>
+## <desc>
+## <p>
+## Allow the specified domain to read /sys/devices/system/cpu/online file.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_read_cpu_online',`
+ gen_require(`
+ type cpu_online_t;
+ ')
+
+ dev_search_sysfs($1)
+ read_files_pattern($1, cpu_online_t, cpu_online_t)
+')
+
+########################################
+## <summary>
+## Relabel cpu online hardware state information.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_relabel_cpu_online',`
+ gen_require(`
+ type cpu_online_t;
+ ')
+
+ dev_search_sysfs($1)
+ allow $1 cpu_online_t:file relabel_file_perms;
+')
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 6529bd9..47c108b 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -321,3 +321,10 @@ files_associate_tmp(device_node)
allow devices_unconfined_type self:capability sys_rawio;
allow devices_unconfined_type device_node:{ blk_file chr_file } *;
allow devices_unconfined_type mtrr_device_t:file *;
+
+ifdef(`distro_gentoo',`
+ # Support access to /sys/devices/system/cpu/online
+ type cpu_online_t;
+ files_type(cpu_online_t)
+ dev_associate_sysfs(cpu_online_t)
+')
diff --git a/policy/modules/kernel/domain.te b/policy/modules/kernel/domain.te
index cf04cb5..ea5cdee 100644
--- a/policy/modules/kernel/domain.te
+++ b/policy/modules/kernel/domain.te
@@ -96,6 +96,8 @@ kernel_dontaudit_link_key(domain)
# create child processes in the domain
allow domain self:process { fork sigchld };
+# glibc get_nprocs requires read access to /sys/devices/system/cpu/online
+dev_read_cpu_online(domain)
# Use trusted objects in /dev
dev_rw_null(domain)
dev_rw_zero(domain)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-02-18 18:11 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-02-18 18:11 UTC (permalink / raw
To: gentoo-commits
commit: 186676363b168ff8499df5d6aa906ab3b78ec515
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Mon Feb 18 18:09:46 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Feb 18 18:09:46 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=18667636
Fix bug #457618 - Fix bootup cgroup mounting
During bootup, the cgroup files are not properly added to the cgroup
directories. It seems that kernel_t needs search privileges on unlabeled_t
directories.
---
policy/modules/kernel/kernel.te | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 342936f..3f93458 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -416,7 +416,7 @@ ifdef(`distro_gentoo',`
#
# Local kernel_t policy
#
- dontaudit kernel_t unlabeled_t:dir search;
+ allow kernel_t unlabeled_t:dir search_dir_perms;
dev_setattr_generic_chr_files(kernel_t)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-02-04 19:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-02-04 19:17 UTC (permalink / raw
To: gentoo-commits
commit: b49af4542ca368e72f97c59b45c1494a0a100299
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Tue Jan 15 10:23:39 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Feb 4 19:10:08 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b49af454
Label var_lock_t as a mountpoint
In Debian, /var/lock is a symlink to /var/run/lock which is a tmpfs
mount.
---
policy/modules/kernel/files.te | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 148d87a..4a59c76 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -173,6 +173,7 @@ files_mountpoint(var_lib_t)
#
type var_lock_t;
files_lock_file(var_lock_t)
+files_mountpoint(var_lock_t)
#
# var_run_t is the type of /var/run, usually
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-02-04 19:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-02-04 19:17 UTC (permalink / raw
To: gentoo-commits
commit: 2334a9705fccc41f317e955df1ae14e546f2f80c
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Sat Jan 12 21:32:31 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Feb 4 19:12:19 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=2334a970
Label nut drivers that are installed in /lib/nut on Debian as bin_t
---
policy/modules/kernel/corecommands.fc | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 56ae6cc..affd731 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -135,6 +135,7 @@ ifdef(`distro_debian',`
# /lib
#
+/lib/nut/.* -- gen_context(system_u:object_r:bin_t,s0)
/lib/readahead(/.*)? gen_context(system_u:object_r:bin_t,s0)
/lib/security/pam_krb5/pam_krb5_storetmp -- gen_context(system_u:object_r:bin_t,s0)
/lib/systemd/systemd.* -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-02-04 19:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-02-04 19:17 UTC (permalink / raw
To: gentoo-commits
commit: 0f765e27c8df952caf61a40716c286df308b8272
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Mon Jan 14 13:29:04 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Feb 4 19:12:17 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0f765e27
Label executables under /usr/lib/gnome-settings-daemon/ as bin_t
On Debian, part of gnome-settings-daemon is installed in that
directory
---
policy/modules/kernel/corecommands.fc | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 93ddbc2..56ae6cc 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -216,6 +216,7 @@ ifdef(`distro_gentoo',`
/usr/lib/dpkg/.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gimp/.*/plug-ins(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/gnome-settings-daemon/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gvfs/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ipsec/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/kde4/libexec/.* -- gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-02-04 19:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-02-04 19:17 UTC (permalink / raw
To: gentoo-commits
commit: 0e9ef8a0e0042fcfb3460d3a2306f23b03e83e5a
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Sat Jan 12 21:32:23 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Feb 4 19:08:05 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0e9ef8a0
Label executables in /usr/lib/NetworkManager/ as bin_t
---
policy/modules/kernel/corecommands.fc | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index de94bd0..93ddbc2 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -226,6 +226,7 @@ ifdef(`distro_gentoo',`
/usr/lib/misc/sftp-server -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/nagios/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/netsaint/plugins(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/NetworkManager/nm\-.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/news/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/nspluginwrapper/np.* gen_context(system_u:object_r:bin_t,s0)
/usr/lib/portage/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-02-04 19:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-02-04 19:17 UTC (permalink / raw
To: gentoo-commits
commit: ffdb9096a75c3a6eca4a35ba3b127cc10f24eb72
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Mon Jan 14 13:32:11 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Feb 4 19:08:00 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=ffdb9096
Label /var/run/motd.dynamic as initrc_var_run_t
---
policy/modules/kernel/files.fc | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index 554f157..1a83f34 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -269,4 +269,5 @@ ifndef(`distro_redhat',`
ifdef(`distro_debian',`
/var/run/motd -- gen_context(system_u:object_r:initrc_var_run_t,s0)
+/var/run/motd\.dynamic -- gen_context(system_u:object_r:initrc_var_run_t,s0)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2013-02-04 19:17 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2013-02-04 19:17 UTC (permalink / raw
To: gentoo-commits
commit: 241fd4fca2fb468863010e636116e9abbf4216c1
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Sat Jan 12 21:32:19 2013 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Feb 4 19:07:58 2013 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=241fd4fc
Label /var/run/shm as tmpfs_t for Debian
In Debian, /dev/shm is a symlink to /var/run/shm. Label that mountpoint
the same way.
---
policy/modules/kernel/filesystem.fc | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/filesystem.fc b/policy/modules/kernel/filesystem.fc
index cda5588..3d67e80 100644
--- a/policy/modules/kernel/filesystem.fc
+++ b/policy/modules/kernel/filesystem.fc
@@ -14,3 +14,8 @@
# for systemd systems:
/sys/fs/cgroup -d gen_context(system_u:object_r:cgroup_t,s0)
/sys/fs/cgroup/.* <<none>>
+
+ifdef(`distro_debian',`
+/var/run/shm -d gen_context(system_u:object_r:tmpfs_t,s0)
+/var/run/shm/.* <<none>>
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-12-29 18:24 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-12-29 18:24 UTC (permalink / raw
To: gentoo-commits
commit: c0a7407cd23661aaac7c33501ef18f87812d6c95
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Dec 29 17:39:02 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sat Dec 29 17:39:02 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c0a7407c
Move gentoo specifics downwards
---
policy/modules/kernel/kernel.te | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 754e0e9..342936f 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -224,7 +224,6 @@ allow kernel_t sysctl_t:dir list_dir_perms;
# Other possible mount points for the root fs are in files
allow kernel_t unlabeled_t:dir mounton;
-dontaudit kernel_t unlabeled_t:dir search;
# Kernel-generated traffic e.g., TCP resets on
# connections with invalidated labels:
allow kernel_t unlabeled_t:packet send;
@@ -254,7 +253,6 @@ dev_delete_generic_dirs(kernel_t)
dev_create_generic_blk_files(kernel_t)
dev_delete_generic_blk_files(kernel_t)
dev_create_generic_chr_files(kernel_t)
-dev_setattr_generic_chr_files(kernel_t)
dev_delete_generic_chr_files(kernel_t)
dev_mounton(kernel_t)
@@ -412,3 +410,13 @@ allow kern_unconfined unlabeled_t:filesystem *;
allow kern_unconfined unlabeled_t:association *;
allow kern_unconfined unlabeled_t:packet *;
allow kern_unconfined unlabeled_t:process ~{ transition dyntransition execmem execstack execheap };
+
+ifdef(`distro_gentoo',`
+ #####################################
+ #
+ # Local kernel_t policy
+ #
+ dontaudit kernel_t unlabeled_t:dir search;
+
+ dev_setattr_generic_chr_files(kernel_t)
+')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-12-17 16:56 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-12-17 16:56 UTC (permalink / raw
To: gentoo-commits
commit: 0d66e8d5a77b19989c6de8e67c5de9cdb72af117
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Mon Dec 17 14:16:56 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Dec 17 14:16:56 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0d66e8d5
Adding recent build of corenetwork.if (from corenetwork.if.in) as it is used by parsing scripts
---
policy/modules/kernel/corenetwork.if |49163 ++++++++++++++++++++++++----------
1 files changed, 34992 insertions(+), 14171 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.if b/policy/modules/kernel/corenetwork.if
index 07c2bad..89c4c59 100644
--- a/policy/modules/kernel/corenetwork.if
+++ b/policy/modules/kernel/corenetwork.if
@@ -5357,6 +5357,449 @@ interface(`corenet_relabelto_afs_vl_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ allow $1 afs3_callback_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ allow $1 afs3_callback_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ dontaudit $1 afs3_callback_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ allow $1 afs3_callback_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ dontaudit $1 afs3_callback_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_afs3_callback_port',`
+ corenet_udp_send_afs3_callback_port($1)
+ corenet_udp_receive_afs3_callback_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_afs3_callback_port',`
+ corenet_dontaudit_udp_send_afs3_callback_port($1)
+ corenet_dontaudit_udp_receive_afs3_callback_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ allow $1 afs3_callback_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ allow $1 afs3_callback_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the afs3_callback port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_afs3_callback_port',`
+ gen_require(`
+ type afs3_callback_port_t;
+ ')
+
+ allow $1 afs3_callback_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send afs3_callback_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_afs3_callback_client_packets',`
+ gen_require(`
+ type afs3_callback_client_packet_t;
+ ')
+
+ allow $1 afs3_callback_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send afs3_callback_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_afs3_callback_client_packets',`
+ gen_require(`
+ type afs3_callback_client_packet_t;
+ ')
+
+ dontaudit $1 afs3_callback_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive afs3_callback_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_afs3_callback_client_packets',`
+ gen_require(`
+ type afs3_callback_client_packet_t;
+ ')
+
+ allow $1 afs3_callback_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive afs3_callback_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_afs3_callback_client_packets',`
+ gen_require(`
+ type afs3_callback_client_packet_t;
+ ')
+
+ dontaudit $1 afs3_callback_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive afs3_callback_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_afs3_callback_client_packets',`
+ corenet_send_afs3_callback_client_packets($1)
+ corenet_receive_afs3_callback_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive afs3_callback_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_afs3_callback_client_packets',`
+ corenet_dontaudit_send_afs3_callback_client_packets($1)
+ corenet_dontaudit_receive_afs3_callback_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to afs3_callback_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_afs3_callback_client_packets',`
+ gen_require(`
+ type afs3_callback_client_packet_t;
+ ')
+
+ allow $1 afs3_callback_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send afs3_callback_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_afs3_callback_server_packets',`
+ gen_require(`
+ type afs3_callback_server_packet_t;
+ ')
+
+ allow $1 afs3_callback_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send afs3_callback_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_afs3_callback_server_packets',`
+ gen_require(`
+ type afs3_callback_server_packet_t;
+ ')
+
+ dontaudit $1 afs3_callback_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive afs3_callback_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_afs3_callback_server_packets',`
+ gen_require(`
+ type afs3_callback_server_packet_t;
+ ')
+
+ allow $1 afs3_callback_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive afs3_callback_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_afs3_callback_server_packets',`
+ gen_require(`
+ type afs3_callback_server_packet_t;
+ ')
+
+ dontaudit $1 afs3_callback_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive afs3_callback_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_afs3_callback_server_packets',`
+ corenet_send_afs3_callback_server_packets($1)
+ corenet_receive_afs3_callback_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive afs3_callback_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_afs3_callback_server_packets',`
+ corenet_dontaudit_send_afs3_callback_server_packets($1)
+ corenet_dontaudit_receive_afs3_callback_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to afs3_callback_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_afs3_callback_server_packets',`
+ gen_require(`
+ type afs3_callback_server_packet_t;
+ ')
+
+ allow $1 afs3_callback_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the agentx port.
## </summary>
## <param name="domain">
@@ -8458,7 +8901,7 @@ interface(`corenet_relabelto_apcupsd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the asterisk port.
+## Send and receive TCP traffic on the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8467,17 +8910,17 @@ interface(`corenet_relabelto_apcupsd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_asterisk_port',`
+interface(`corenet_tcp_sendrecv_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- allow $1 asterisk_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 apertus_ldp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the asterisk port.
+## Send UDP traffic on the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8486,17 +8929,17 @@ interface(`corenet_tcp_sendrecv_asterisk_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_asterisk_port',`
+interface(`corenet_udp_send_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- allow $1 asterisk_port_t:udp_socket send_msg;
+ allow $1 apertus_ldp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the asterisk port.
+## Do not audit attempts to send UDP traffic on the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8505,17 +8948,17 @@ interface(`corenet_udp_send_asterisk_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_asterisk_port',`
+interface(`corenet_dontaudit_udp_send_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- dontaudit $1 asterisk_port_t:udp_socket send_msg;
+ dontaudit $1 apertus_ldp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the asterisk port.
+## Receive UDP traffic on the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8524,17 +8967,17 @@ interface(`corenet_dontaudit_udp_send_asterisk_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_asterisk_port',`
+interface(`corenet_udp_receive_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- allow $1 asterisk_port_t:udp_socket recv_msg;
+ allow $1 apertus_ldp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the asterisk port.
+## Do not audit attempts to receive UDP traffic on the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8543,17 +8986,17 @@ interface(`corenet_udp_receive_asterisk_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_asterisk_port',`
+interface(`corenet_dontaudit_udp_receive_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- dontaudit $1 asterisk_port_t:udp_socket recv_msg;
+ dontaudit $1 apertus_ldp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the asterisk port.
+## Send and receive UDP traffic on the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8562,15 +9005,15 @@ interface(`corenet_dontaudit_udp_receive_asterisk_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_asterisk_port',`
- corenet_udp_send_asterisk_port($1)
- corenet_udp_receive_asterisk_port($1)
+interface(`corenet_udp_sendrecv_apertus_ldp_port',`
+ corenet_udp_send_apertus_ldp_port($1)
+ corenet_udp_receive_apertus_ldp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the asterisk port.
+## UDP traffic on the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8579,14 +9022,14 @@ interface(`corenet_udp_sendrecv_asterisk_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_asterisk_port',`
- corenet_dontaudit_udp_send_asterisk_port($1)
- corenet_dontaudit_udp_receive_asterisk_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_apertus_ldp_port',`
+ corenet_dontaudit_udp_send_apertus_ldp_port($1)
+ corenet_dontaudit_udp_receive_apertus_ldp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the asterisk port.
+## Bind TCP sockets to the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8595,18 +9038,18 @@ interface(`corenet_dontaudit_udp_sendrecv_asterisk_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_asterisk_port',`
+interface(`corenet_tcp_bind_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- allow $1 asterisk_port_t:tcp_socket name_bind;
-
+ allow $1 apertus_ldp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the asterisk port.
+## Bind UDP sockets to the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8615,18 +9058,18 @@ interface(`corenet_tcp_bind_asterisk_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_asterisk_port',`
+interface(`corenet_udp_bind_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- allow $1 asterisk_port_t:udp_socket name_bind;
-
+ allow $1 apertus_ldp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the asterisk port.
+## Make a TCP connection to the apertus_ldp port.
## </summary>
## <param name="domain">
## <summary>
@@ -8634,18 +9077,18 @@ interface(`corenet_udp_bind_asterisk_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_asterisk_port',`
+interface(`corenet_tcp_connect_apertus_ldp_port',`
gen_require(`
- type asterisk_port_t;
+ type apertus_ldp_port_t;
')
- allow $1 asterisk_port_t:tcp_socket name_connect;
+ allow $1 apertus_ldp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send asterisk_client packets.
+## Send apertus_ldp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8654,17 +9097,17 @@ interface(`corenet_tcp_connect_asterisk_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_asterisk_client_packets',`
+interface(`corenet_send_apertus_ldp_client_packets',`
gen_require(`
- type asterisk_client_packet_t;
+ type apertus_ldp_client_packet_t;
')
- allow $1 asterisk_client_packet_t:packet send;
+ allow $1 apertus_ldp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send asterisk_client packets.
+## Do not audit attempts to send apertus_ldp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8673,17 +9116,17 @@ interface(`corenet_send_asterisk_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_asterisk_client_packets',`
+interface(`corenet_dontaudit_send_apertus_ldp_client_packets',`
gen_require(`
- type asterisk_client_packet_t;
+ type apertus_ldp_client_packet_t;
')
- dontaudit $1 asterisk_client_packet_t:packet send;
+ dontaudit $1 apertus_ldp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive asterisk_client packets.
+## Receive apertus_ldp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8692,17 +9135,17 @@ interface(`corenet_dontaudit_send_asterisk_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_asterisk_client_packets',`
+interface(`corenet_receive_apertus_ldp_client_packets',`
gen_require(`
- type asterisk_client_packet_t;
+ type apertus_ldp_client_packet_t;
')
- allow $1 asterisk_client_packet_t:packet recv;
+ allow $1 apertus_ldp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive asterisk_client packets.
+## Do not audit attempts to receive apertus_ldp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8711,17 +9154,17 @@ interface(`corenet_receive_asterisk_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_asterisk_client_packets',`
+interface(`corenet_dontaudit_receive_apertus_ldp_client_packets',`
gen_require(`
- type asterisk_client_packet_t;
+ type apertus_ldp_client_packet_t;
')
- dontaudit $1 asterisk_client_packet_t:packet recv;
+ dontaudit $1 apertus_ldp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive asterisk_client packets.
+## Send and receive apertus_ldp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8730,14 +9173,14 @@ interface(`corenet_dontaudit_receive_asterisk_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_asterisk_client_packets',`
- corenet_send_asterisk_client_packets($1)
- corenet_receive_asterisk_client_packets($1)
+interface(`corenet_sendrecv_apertus_ldp_client_packets',`
+ corenet_send_apertus_ldp_client_packets($1)
+ corenet_receive_apertus_ldp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive asterisk_client packets.
+## Do not audit attempts to send and receive apertus_ldp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8746,14 +9189,14 @@ interface(`corenet_sendrecv_asterisk_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_asterisk_client_packets',`
- corenet_dontaudit_send_asterisk_client_packets($1)
- corenet_dontaudit_receive_asterisk_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_apertus_ldp_client_packets',`
+ corenet_dontaudit_send_apertus_ldp_client_packets($1)
+ corenet_dontaudit_receive_apertus_ldp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to asterisk_client the packet type.
+## Relabel packets to apertus_ldp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -8761,18 +9204,18 @@ interface(`corenet_dontaudit_sendrecv_asterisk_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_asterisk_client_packets',`
+interface(`corenet_relabelto_apertus_ldp_client_packets',`
gen_require(`
- type asterisk_client_packet_t;
+ type apertus_ldp_client_packet_t;
')
- allow $1 asterisk_client_packet_t:packet relabelto;
+ allow $1 apertus_ldp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send asterisk_server packets.
+## Send apertus_ldp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8781,17 +9224,17 @@ interface(`corenet_relabelto_asterisk_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_asterisk_server_packets',`
+interface(`corenet_send_apertus_ldp_server_packets',`
gen_require(`
- type asterisk_server_packet_t;
+ type apertus_ldp_server_packet_t;
')
- allow $1 asterisk_server_packet_t:packet send;
+ allow $1 apertus_ldp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send asterisk_server packets.
+## Do not audit attempts to send apertus_ldp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8800,17 +9243,17 @@ interface(`corenet_send_asterisk_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_asterisk_server_packets',`
+interface(`corenet_dontaudit_send_apertus_ldp_server_packets',`
gen_require(`
- type asterisk_server_packet_t;
+ type apertus_ldp_server_packet_t;
')
- dontaudit $1 asterisk_server_packet_t:packet send;
+ dontaudit $1 apertus_ldp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive asterisk_server packets.
+## Receive apertus_ldp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8819,17 +9262,17 @@ interface(`corenet_dontaudit_send_asterisk_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_asterisk_server_packets',`
+interface(`corenet_receive_apertus_ldp_server_packets',`
gen_require(`
- type asterisk_server_packet_t;
+ type apertus_ldp_server_packet_t;
')
- allow $1 asterisk_server_packet_t:packet recv;
+ allow $1 apertus_ldp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive asterisk_server packets.
+## Do not audit attempts to receive apertus_ldp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8838,17 +9281,17 @@ interface(`corenet_receive_asterisk_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_asterisk_server_packets',`
+interface(`corenet_dontaudit_receive_apertus_ldp_server_packets',`
gen_require(`
- type asterisk_server_packet_t;
+ type apertus_ldp_server_packet_t;
')
- dontaudit $1 asterisk_server_packet_t:packet recv;
+ dontaudit $1 apertus_ldp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive asterisk_server packets.
+## Send and receive apertus_ldp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8857,14 +9300,14 @@ interface(`corenet_dontaudit_receive_asterisk_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_asterisk_server_packets',`
- corenet_send_asterisk_server_packets($1)
- corenet_receive_asterisk_server_packets($1)
+interface(`corenet_sendrecv_apertus_ldp_server_packets',`
+ corenet_send_apertus_ldp_server_packets($1)
+ corenet_receive_apertus_ldp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive asterisk_server packets.
+## Do not audit attempts to send and receive apertus_ldp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -8873,14 +9316,14 @@ interface(`corenet_sendrecv_asterisk_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_asterisk_server_packets',`
- corenet_dontaudit_send_asterisk_server_packets($1)
- corenet_dontaudit_receive_asterisk_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_apertus_ldp_server_packets',`
+ corenet_dontaudit_send_apertus_ldp_server_packets($1)
+ corenet_dontaudit_receive_apertus_ldp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to asterisk_server the packet type.
+## Relabel packets to apertus_ldp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -8888,12 +9331,12 @@ interface(`corenet_dontaudit_sendrecv_asterisk_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_asterisk_server_packets',`
+interface(`corenet_relabelto_apertus_ldp_server_packets',`
gen_require(`
- type asterisk_server_packet_t;
+ type apertus_ldp_server_packet_t;
')
- allow $1 asterisk_server_packet_t:packet relabelto;
+ allow $1 apertus_ldp_server_packet_t:packet relabelto;
')
@@ -8901,7 +9344,7 @@ interface(`corenet_relabelto_asterisk_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the audit port.
+## Send and receive TCP traffic on the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -8910,17 +9353,17 @@ interface(`corenet_relabelto_asterisk_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_audit_port',`
+interface(`corenet_tcp_sendrecv_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- allow $1 audit_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 armtechdaemon_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the audit port.
+## Send UDP traffic on the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -8929,17 +9372,17 @@ interface(`corenet_tcp_sendrecv_audit_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_audit_port',`
+interface(`corenet_udp_send_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- allow $1 audit_port_t:udp_socket send_msg;
+ allow $1 armtechdaemon_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the audit port.
+## Do not audit attempts to send UDP traffic on the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -8948,17 +9391,17 @@ interface(`corenet_udp_send_audit_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_audit_port',`
+interface(`corenet_dontaudit_udp_send_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- dontaudit $1 audit_port_t:udp_socket send_msg;
+ dontaudit $1 armtechdaemon_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the audit port.
+## Receive UDP traffic on the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -8967,17 +9410,17 @@ interface(`corenet_dontaudit_udp_send_audit_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_audit_port',`
+interface(`corenet_udp_receive_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- allow $1 audit_port_t:udp_socket recv_msg;
+ allow $1 armtechdaemon_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the audit port.
+## Do not audit attempts to receive UDP traffic on the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -8986,17 +9429,17 @@ interface(`corenet_udp_receive_audit_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_audit_port',`
+interface(`corenet_dontaudit_udp_receive_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- dontaudit $1 audit_port_t:udp_socket recv_msg;
+ dontaudit $1 armtechdaemon_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the audit port.
+## Send and receive UDP traffic on the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -9005,15 +9448,15 @@ interface(`corenet_dontaudit_udp_receive_audit_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_audit_port',`
- corenet_udp_send_audit_port($1)
- corenet_udp_receive_audit_port($1)
+interface(`corenet_udp_sendrecv_armtechdaemon_port',`
+ corenet_udp_send_armtechdaemon_port($1)
+ corenet_udp_receive_armtechdaemon_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the audit port.
+## UDP traffic on the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -9022,14 +9465,14 @@ interface(`corenet_udp_sendrecv_audit_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_audit_port',`
- corenet_dontaudit_udp_send_audit_port($1)
- corenet_dontaudit_udp_receive_audit_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_armtechdaemon_port',`
+ corenet_dontaudit_udp_send_armtechdaemon_port($1)
+ corenet_dontaudit_udp_receive_armtechdaemon_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the audit port.
+## Bind TCP sockets to the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -9038,18 +9481,18 @@ interface(`corenet_dontaudit_udp_sendrecv_audit_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_audit_port',`
+interface(`corenet_tcp_bind_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- allow $1 audit_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 armtechdaemon_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the audit port.
+## Bind UDP sockets to the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -9058,18 +9501,18 @@ interface(`corenet_tcp_bind_audit_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_audit_port',`
+interface(`corenet_udp_bind_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- allow $1 audit_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 armtechdaemon_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the audit port.
+## Make a TCP connection to the armtechdaemon port.
## </summary>
## <param name="domain">
## <summary>
@@ -9077,18 +9520,18 @@ interface(`corenet_udp_bind_audit_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_audit_port',`
+interface(`corenet_tcp_connect_armtechdaemon_port',`
gen_require(`
- type audit_port_t;
+ type armtechdaemon_port_t;
')
- allow $1 audit_port_t:tcp_socket name_connect;
+ allow $1 armtechdaemon_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send audit_client packets.
+## Send armtechdaemon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9097,17 +9540,17 @@ interface(`corenet_tcp_connect_audit_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_audit_client_packets',`
+interface(`corenet_send_armtechdaemon_client_packets',`
gen_require(`
- type audit_client_packet_t;
+ type armtechdaemon_client_packet_t;
')
- allow $1 audit_client_packet_t:packet send;
+ allow $1 armtechdaemon_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send audit_client packets.
+## Do not audit attempts to send armtechdaemon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9116,17 +9559,17 @@ interface(`corenet_send_audit_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_audit_client_packets',`
+interface(`corenet_dontaudit_send_armtechdaemon_client_packets',`
gen_require(`
- type audit_client_packet_t;
+ type armtechdaemon_client_packet_t;
')
- dontaudit $1 audit_client_packet_t:packet send;
+ dontaudit $1 armtechdaemon_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive audit_client packets.
+## Receive armtechdaemon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9135,17 +9578,17 @@ interface(`corenet_dontaudit_send_audit_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_audit_client_packets',`
+interface(`corenet_receive_armtechdaemon_client_packets',`
gen_require(`
- type audit_client_packet_t;
+ type armtechdaemon_client_packet_t;
')
- allow $1 audit_client_packet_t:packet recv;
+ allow $1 armtechdaemon_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive audit_client packets.
+## Do not audit attempts to receive armtechdaemon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9154,17 +9597,17 @@ interface(`corenet_receive_audit_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_audit_client_packets',`
+interface(`corenet_dontaudit_receive_armtechdaemon_client_packets',`
gen_require(`
- type audit_client_packet_t;
+ type armtechdaemon_client_packet_t;
')
- dontaudit $1 audit_client_packet_t:packet recv;
+ dontaudit $1 armtechdaemon_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive audit_client packets.
+## Send and receive armtechdaemon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9173,14 +9616,14 @@ interface(`corenet_dontaudit_receive_audit_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_audit_client_packets',`
- corenet_send_audit_client_packets($1)
- corenet_receive_audit_client_packets($1)
+interface(`corenet_sendrecv_armtechdaemon_client_packets',`
+ corenet_send_armtechdaemon_client_packets($1)
+ corenet_receive_armtechdaemon_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive audit_client packets.
+## Do not audit attempts to send and receive armtechdaemon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9189,14 +9632,14 @@ interface(`corenet_sendrecv_audit_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_audit_client_packets',`
- corenet_dontaudit_send_audit_client_packets($1)
- corenet_dontaudit_receive_audit_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_armtechdaemon_client_packets',`
+ corenet_dontaudit_send_armtechdaemon_client_packets($1)
+ corenet_dontaudit_receive_armtechdaemon_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to audit_client the packet type.
+## Relabel packets to armtechdaemon_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -9204,18 +9647,18 @@ interface(`corenet_dontaudit_sendrecv_audit_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_audit_client_packets',`
+interface(`corenet_relabelto_armtechdaemon_client_packets',`
gen_require(`
- type audit_client_packet_t;
+ type armtechdaemon_client_packet_t;
')
- allow $1 audit_client_packet_t:packet relabelto;
+ allow $1 armtechdaemon_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send audit_server packets.
+## Send armtechdaemon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9224,17 +9667,17 @@ interface(`corenet_relabelto_audit_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_audit_server_packets',`
+interface(`corenet_send_armtechdaemon_server_packets',`
gen_require(`
- type audit_server_packet_t;
+ type armtechdaemon_server_packet_t;
')
- allow $1 audit_server_packet_t:packet send;
+ allow $1 armtechdaemon_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send audit_server packets.
+## Do not audit attempts to send armtechdaemon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9243,17 +9686,17 @@ interface(`corenet_send_audit_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_audit_server_packets',`
+interface(`corenet_dontaudit_send_armtechdaemon_server_packets',`
gen_require(`
- type audit_server_packet_t;
+ type armtechdaemon_server_packet_t;
')
- dontaudit $1 audit_server_packet_t:packet send;
+ dontaudit $1 armtechdaemon_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive audit_server packets.
+## Receive armtechdaemon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9262,17 +9705,17 @@ interface(`corenet_dontaudit_send_audit_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_audit_server_packets',`
+interface(`corenet_receive_armtechdaemon_server_packets',`
gen_require(`
- type audit_server_packet_t;
+ type armtechdaemon_server_packet_t;
')
- allow $1 audit_server_packet_t:packet recv;
+ allow $1 armtechdaemon_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive audit_server packets.
+## Do not audit attempts to receive armtechdaemon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9281,17 +9724,17 @@ interface(`corenet_receive_audit_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_audit_server_packets',`
+interface(`corenet_dontaudit_receive_armtechdaemon_server_packets',`
gen_require(`
- type audit_server_packet_t;
+ type armtechdaemon_server_packet_t;
')
- dontaudit $1 audit_server_packet_t:packet recv;
+ dontaudit $1 armtechdaemon_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive audit_server packets.
+## Send and receive armtechdaemon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9300,14 +9743,14 @@ interface(`corenet_dontaudit_receive_audit_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_audit_server_packets',`
- corenet_send_audit_server_packets($1)
- corenet_receive_audit_server_packets($1)
+interface(`corenet_sendrecv_armtechdaemon_server_packets',`
+ corenet_send_armtechdaemon_server_packets($1)
+ corenet_receive_armtechdaemon_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive audit_server packets.
+## Do not audit attempts to send and receive armtechdaemon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9316,14 +9759,14 @@ interface(`corenet_sendrecv_audit_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_audit_server_packets',`
- corenet_dontaudit_send_audit_server_packets($1)
- corenet_dontaudit_receive_audit_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_armtechdaemon_server_packets',`
+ corenet_dontaudit_send_armtechdaemon_server_packets($1)
+ corenet_dontaudit_receive_armtechdaemon_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to audit_server the packet type.
+## Relabel packets to armtechdaemon_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -9331,12 +9774,12 @@ interface(`corenet_dontaudit_sendrecv_audit_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_audit_server_packets',`
+interface(`corenet_relabelto_armtechdaemon_server_packets',`
gen_require(`
- type audit_server_packet_t;
+ type armtechdaemon_server_packet_t;
')
- allow $1 audit_server_packet_t:packet relabelto;
+ allow $1 armtechdaemon_server_packet_t:packet relabelto;
')
@@ -9344,7 +9787,7 @@ interface(`corenet_relabelto_audit_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the auth port.
+## Send and receive TCP traffic on the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9353,17 +9796,17 @@ interface(`corenet_relabelto_audit_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_auth_port',`
+interface(`corenet_tcp_sendrecv_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- allow $1 auth_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 asterisk_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the auth port.
+## Send UDP traffic on the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9372,17 +9815,17 @@ interface(`corenet_tcp_sendrecv_auth_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_auth_port',`
+interface(`corenet_udp_send_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- allow $1 auth_port_t:udp_socket send_msg;
+ allow $1 asterisk_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the auth port.
+## Do not audit attempts to send UDP traffic on the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9391,17 +9834,17 @@ interface(`corenet_udp_send_auth_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_auth_port',`
+interface(`corenet_dontaudit_udp_send_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- dontaudit $1 auth_port_t:udp_socket send_msg;
+ dontaudit $1 asterisk_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the auth port.
+## Receive UDP traffic on the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9410,17 +9853,17 @@ interface(`corenet_dontaudit_udp_send_auth_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_auth_port',`
+interface(`corenet_udp_receive_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- allow $1 auth_port_t:udp_socket recv_msg;
+ allow $1 asterisk_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the auth port.
+## Do not audit attempts to receive UDP traffic on the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9429,17 +9872,17 @@ interface(`corenet_udp_receive_auth_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_auth_port',`
+interface(`corenet_dontaudit_udp_receive_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- dontaudit $1 auth_port_t:udp_socket recv_msg;
+ dontaudit $1 asterisk_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the auth port.
+## Send and receive UDP traffic on the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9448,15 +9891,15 @@ interface(`corenet_dontaudit_udp_receive_auth_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_auth_port',`
- corenet_udp_send_auth_port($1)
- corenet_udp_receive_auth_port($1)
+interface(`corenet_udp_sendrecv_asterisk_port',`
+ corenet_udp_send_asterisk_port($1)
+ corenet_udp_receive_asterisk_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the auth port.
+## UDP traffic on the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9465,14 +9908,14 @@ interface(`corenet_udp_sendrecv_auth_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_auth_port',`
- corenet_dontaudit_udp_send_auth_port($1)
- corenet_dontaudit_udp_receive_auth_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_asterisk_port',`
+ corenet_dontaudit_udp_send_asterisk_port($1)
+ corenet_dontaudit_udp_receive_asterisk_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the auth port.
+## Bind TCP sockets to the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9481,18 +9924,18 @@ interface(`corenet_dontaudit_udp_sendrecv_auth_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_auth_port',`
+interface(`corenet_tcp_bind_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- allow $1 auth_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 asterisk_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the auth port.
+## Bind UDP sockets to the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9501,18 +9944,18 @@ interface(`corenet_tcp_bind_auth_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_auth_port',`
+interface(`corenet_udp_bind_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- allow $1 auth_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 asterisk_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the auth port.
+## Make a TCP connection to the asterisk port.
## </summary>
## <param name="domain">
## <summary>
@@ -9520,18 +9963,18 @@ interface(`corenet_udp_bind_auth_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_auth_port',`
+interface(`corenet_tcp_connect_asterisk_port',`
gen_require(`
- type auth_port_t;
+ type asterisk_port_t;
')
- allow $1 auth_port_t:tcp_socket name_connect;
+ allow $1 asterisk_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send auth_client packets.
+## Send asterisk_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9540,17 +9983,17 @@ interface(`corenet_tcp_connect_auth_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_auth_client_packets',`
+interface(`corenet_send_asterisk_client_packets',`
gen_require(`
- type auth_client_packet_t;
+ type asterisk_client_packet_t;
')
- allow $1 auth_client_packet_t:packet send;
+ allow $1 asterisk_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send auth_client packets.
+## Do not audit attempts to send asterisk_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9559,17 +10002,17 @@ interface(`corenet_send_auth_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_auth_client_packets',`
+interface(`corenet_dontaudit_send_asterisk_client_packets',`
gen_require(`
- type auth_client_packet_t;
+ type asterisk_client_packet_t;
')
- dontaudit $1 auth_client_packet_t:packet send;
+ dontaudit $1 asterisk_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive auth_client packets.
+## Receive asterisk_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9578,17 +10021,17 @@ interface(`corenet_dontaudit_send_auth_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_auth_client_packets',`
+interface(`corenet_receive_asterisk_client_packets',`
gen_require(`
- type auth_client_packet_t;
+ type asterisk_client_packet_t;
')
- allow $1 auth_client_packet_t:packet recv;
+ allow $1 asterisk_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive auth_client packets.
+## Do not audit attempts to receive asterisk_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9597,17 +10040,17 @@ interface(`corenet_receive_auth_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_auth_client_packets',`
+interface(`corenet_dontaudit_receive_asterisk_client_packets',`
gen_require(`
- type auth_client_packet_t;
+ type asterisk_client_packet_t;
')
- dontaudit $1 auth_client_packet_t:packet recv;
+ dontaudit $1 asterisk_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive auth_client packets.
+## Send and receive asterisk_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9616,14 +10059,14 @@ interface(`corenet_dontaudit_receive_auth_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_auth_client_packets',`
- corenet_send_auth_client_packets($1)
- corenet_receive_auth_client_packets($1)
+interface(`corenet_sendrecv_asterisk_client_packets',`
+ corenet_send_asterisk_client_packets($1)
+ corenet_receive_asterisk_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive auth_client packets.
+## Do not audit attempts to send and receive asterisk_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9632,14 +10075,14 @@ interface(`corenet_sendrecv_auth_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_auth_client_packets',`
- corenet_dontaudit_send_auth_client_packets($1)
- corenet_dontaudit_receive_auth_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_asterisk_client_packets',`
+ corenet_dontaudit_send_asterisk_client_packets($1)
+ corenet_dontaudit_receive_asterisk_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to auth_client the packet type.
+## Relabel packets to asterisk_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -9647,18 +10090,18 @@ interface(`corenet_dontaudit_sendrecv_auth_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_auth_client_packets',`
+interface(`corenet_relabelto_asterisk_client_packets',`
gen_require(`
- type auth_client_packet_t;
+ type asterisk_client_packet_t;
')
- allow $1 auth_client_packet_t:packet relabelto;
+ allow $1 asterisk_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send auth_server packets.
+## Send asterisk_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9667,17 +10110,17 @@ interface(`corenet_relabelto_auth_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_auth_server_packets',`
+interface(`corenet_send_asterisk_server_packets',`
gen_require(`
- type auth_server_packet_t;
+ type asterisk_server_packet_t;
')
- allow $1 auth_server_packet_t:packet send;
+ allow $1 asterisk_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send auth_server packets.
+## Do not audit attempts to send asterisk_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9686,17 +10129,17 @@ interface(`corenet_send_auth_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_auth_server_packets',`
+interface(`corenet_dontaudit_send_asterisk_server_packets',`
gen_require(`
- type auth_server_packet_t;
+ type asterisk_server_packet_t;
')
- dontaudit $1 auth_server_packet_t:packet send;
+ dontaudit $1 asterisk_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive auth_server packets.
+## Receive asterisk_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9705,17 +10148,17 @@ interface(`corenet_dontaudit_send_auth_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_auth_server_packets',`
+interface(`corenet_receive_asterisk_server_packets',`
gen_require(`
- type auth_server_packet_t;
+ type asterisk_server_packet_t;
')
- allow $1 auth_server_packet_t:packet recv;
+ allow $1 asterisk_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive auth_server packets.
+## Do not audit attempts to receive asterisk_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9724,17 +10167,17 @@ interface(`corenet_receive_auth_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_auth_server_packets',`
+interface(`corenet_dontaudit_receive_asterisk_server_packets',`
gen_require(`
- type auth_server_packet_t;
+ type asterisk_server_packet_t;
')
- dontaudit $1 auth_server_packet_t:packet recv;
+ dontaudit $1 asterisk_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive auth_server packets.
+## Send and receive asterisk_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9743,14 +10186,14 @@ interface(`corenet_dontaudit_receive_auth_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_auth_server_packets',`
- corenet_send_auth_server_packets($1)
- corenet_receive_auth_server_packets($1)
+interface(`corenet_sendrecv_asterisk_server_packets',`
+ corenet_send_asterisk_server_packets($1)
+ corenet_receive_asterisk_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive auth_server packets.
+## Do not audit attempts to send and receive asterisk_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9759,14 +10202,14 @@ interface(`corenet_sendrecv_auth_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_auth_server_packets',`
- corenet_dontaudit_send_auth_server_packets($1)
- corenet_dontaudit_receive_auth_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_asterisk_server_packets',`
+ corenet_dontaudit_send_asterisk_server_packets($1)
+ corenet_dontaudit_receive_asterisk_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to auth_server the packet type.
+## Relabel packets to asterisk_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -9774,12 +10217,12 @@ interface(`corenet_dontaudit_sendrecv_auth_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_auth_server_packets',`
+interface(`corenet_relabelto_asterisk_server_packets',`
gen_require(`
- type auth_server_packet_t;
+ type asterisk_server_packet_t;
')
- allow $1 auth_server_packet_t:packet relabelto;
+ allow $1 asterisk_server_packet_t:packet relabelto;
')
@@ -9787,7 +10230,7 @@ interface(`corenet_relabelto_auth_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the bgp port.
+## Send and receive TCP traffic on the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9796,17 +10239,17 @@ interface(`corenet_relabelto_auth_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_bgp_port',`
+interface(`corenet_tcp_sendrecv_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- allow $1 bgp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 audit_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the bgp port.
+## Send UDP traffic on the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9815,17 +10258,17 @@ interface(`corenet_tcp_sendrecv_bgp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_bgp_port',`
+interface(`corenet_udp_send_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- allow $1 bgp_port_t:udp_socket send_msg;
+ allow $1 audit_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the bgp port.
+## Do not audit attempts to send UDP traffic on the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9834,17 +10277,17 @@ interface(`corenet_udp_send_bgp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_bgp_port',`
+interface(`corenet_dontaudit_udp_send_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- dontaudit $1 bgp_port_t:udp_socket send_msg;
+ dontaudit $1 audit_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the bgp port.
+## Receive UDP traffic on the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9853,17 +10296,17 @@ interface(`corenet_dontaudit_udp_send_bgp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_bgp_port',`
+interface(`corenet_udp_receive_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- allow $1 bgp_port_t:udp_socket recv_msg;
+ allow $1 audit_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the bgp port.
+## Do not audit attempts to receive UDP traffic on the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9872,17 +10315,17 @@ interface(`corenet_udp_receive_bgp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_bgp_port',`
+interface(`corenet_dontaudit_udp_receive_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- dontaudit $1 bgp_port_t:udp_socket recv_msg;
+ dontaudit $1 audit_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the bgp port.
+## Send and receive UDP traffic on the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9891,15 +10334,15 @@ interface(`corenet_dontaudit_udp_receive_bgp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_bgp_port',`
- corenet_udp_send_bgp_port($1)
- corenet_udp_receive_bgp_port($1)
+interface(`corenet_udp_sendrecv_audit_port',`
+ corenet_udp_send_audit_port($1)
+ corenet_udp_receive_audit_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the bgp port.
+## UDP traffic on the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9908,14 +10351,14 @@ interface(`corenet_udp_sendrecv_bgp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_bgp_port',`
- corenet_dontaudit_udp_send_bgp_port($1)
- corenet_dontaudit_udp_receive_bgp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_audit_port',`
+ corenet_dontaudit_udp_send_audit_port($1)
+ corenet_dontaudit_udp_receive_audit_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the bgp port.
+## Bind TCP sockets to the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9924,18 +10367,18 @@ interface(`corenet_dontaudit_udp_sendrecv_bgp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_bgp_port',`
+interface(`corenet_tcp_bind_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- allow $1 bgp_port_t:tcp_socket name_bind;
+ allow $1 audit_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the bgp port.
+## Bind UDP sockets to the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9944,18 +10387,18 @@ interface(`corenet_tcp_bind_bgp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_bgp_port',`
+interface(`corenet_udp_bind_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- allow $1 bgp_port_t:udp_socket name_bind;
+ allow $1 audit_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the bgp port.
+## Make a TCP connection to the audit port.
## </summary>
## <param name="domain">
## <summary>
@@ -9963,18 +10406,18 @@ interface(`corenet_udp_bind_bgp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_bgp_port',`
+interface(`corenet_tcp_connect_audit_port',`
gen_require(`
- type bgp_port_t;
+ type audit_port_t;
')
- allow $1 bgp_port_t:tcp_socket name_connect;
+ allow $1 audit_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send bgp_client packets.
+## Send audit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -9983,17 +10426,17 @@ interface(`corenet_tcp_connect_bgp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_bgp_client_packets',`
+interface(`corenet_send_audit_client_packets',`
gen_require(`
- type bgp_client_packet_t;
+ type audit_client_packet_t;
')
- allow $1 bgp_client_packet_t:packet send;
+ allow $1 audit_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send bgp_client packets.
+## Do not audit attempts to send audit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10002,17 +10445,17 @@ interface(`corenet_send_bgp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_bgp_client_packets',`
+interface(`corenet_dontaudit_send_audit_client_packets',`
gen_require(`
- type bgp_client_packet_t;
+ type audit_client_packet_t;
')
- dontaudit $1 bgp_client_packet_t:packet send;
+ dontaudit $1 audit_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive bgp_client packets.
+## Receive audit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10021,17 +10464,17 @@ interface(`corenet_dontaudit_send_bgp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_bgp_client_packets',`
+interface(`corenet_receive_audit_client_packets',`
gen_require(`
- type bgp_client_packet_t;
+ type audit_client_packet_t;
')
- allow $1 bgp_client_packet_t:packet recv;
+ allow $1 audit_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive bgp_client packets.
+## Do not audit attempts to receive audit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10040,17 +10483,17 @@ interface(`corenet_receive_bgp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_bgp_client_packets',`
+interface(`corenet_dontaudit_receive_audit_client_packets',`
gen_require(`
- type bgp_client_packet_t;
+ type audit_client_packet_t;
')
- dontaudit $1 bgp_client_packet_t:packet recv;
+ dontaudit $1 audit_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive bgp_client packets.
+## Send and receive audit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10059,14 +10502,14 @@ interface(`corenet_dontaudit_receive_bgp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_bgp_client_packets',`
- corenet_send_bgp_client_packets($1)
- corenet_receive_bgp_client_packets($1)
+interface(`corenet_sendrecv_audit_client_packets',`
+ corenet_send_audit_client_packets($1)
+ corenet_receive_audit_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive bgp_client packets.
+## Do not audit attempts to send and receive audit_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10075,14 +10518,14 @@ interface(`corenet_sendrecv_bgp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_bgp_client_packets',`
- corenet_dontaudit_send_bgp_client_packets($1)
- corenet_dontaudit_receive_bgp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_audit_client_packets',`
+ corenet_dontaudit_send_audit_client_packets($1)
+ corenet_dontaudit_receive_audit_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to bgp_client the packet type.
+## Relabel packets to audit_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -10090,18 +10533,18 @@ interface(`corenet_dontaudit_sendrecv_bgp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_bgp_client_packets',`
+interface(`corenet_relabelto_audit_client_packets',`
gen_require(`
- type bgp_client_packet_t;
+ type audit_client_packet_t;
')
- allow $1 bgp_client_packet_t:packet relabelto;
+ allow $1 audit_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send bgp_server packets.
+## Send audit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10110,17 +10553,17 @@ interface(`corenet_relabelto_bgp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_bgp_server_packets',`
+interface(`corenet_send_audit_server_packets',`
gen_require(`
- type bgp_server_packet_t;
+ type audit_server_packet_t;
')
- allow $1 bgp_server_packet_t:packet send;
+ allow $1 audit_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send bgp_server packets.
+## Do not audit attempts to send audit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10129,17 +10572,17 @@ interface(`corenet_send_bgp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_bgp_server_packets',`
+interface(`corenet_dontaudit_send_audit_server_packets',`
gen_require(`
- type bgp_server_packet_t;
+ type audit_server_packet_t;
')
- dontaudit $1 bgp_server_packet_t:packet send;
+ dontaudit $1 audit_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive bgp_server packets.
+## Receive audit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10148,17 +10591,17 @@ interface(`corenet_dontaudit_send_bgp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_bgp_server_packets',`
+interface(`corenet_receive_audit_server_packets',`
gen_require(`
- type bgp_server_packet_t;
+ type audit_server_packet_t;
')
- allow $1 bgp_server_packet_t:packet recv;
+ allow $1 audit_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive bgp_server packets.
+## Do not audit attempts to receive audit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10167,17 +10610,17 @@ interface(`corenet_receive_bgp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_bgp_server_packets',`
+interface(`corenet_dontaudit_receive_audit_server_packets',`
gen_require(`
- type bgp_server_packet_t;
+ type audit_server_packet_t;
')
- dontaudit $1 bgp_server_packet_t:packet recv;
+ dontaudit $1 audit_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive bgp_server packets.
+## Send and receive audit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10186,14 +10629,14 @@ interface(`corenet_dontaudit_receive_bgp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_bgp_server_packets',`
- corenet_send_bgp_server_packets($1)
- corenet_receive_bgp_server_packets($1)
+interface(`corenet_sendrecv_audit_server_packets',`
+ corenet_send_audit_server_packets($1)
+ corenet_receive_audit_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive bgp_server packets.
+## Do not audit attempts to send and receive audit_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10202,14 +10645,14 @@ interface(`corenet_sendrecv_bgp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_bgp_server_packets',`
- corenet_dontaudit_send_bgp_server_packets($1)
- corenet_dontaudit_receive_bgp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_audit_server_packets',`
+ corenet_dontaudit_send_audit_server_packets($1)
+ corenet_dontaudit_receive_audit_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to bgp_server the packet type.
+## Relabel packets to audit_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -10217,12 +10660,12 @@ interface(`corenet_dontaudit_sendrecv_bgp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_bgp_server_packets',`
+interface(`corenet_relabelto_audit_server_packets',`
gen_require(`
- type bgp_server_packet_t;
+ type audit_server_packet_t;
')
- allow $1 bgp_server_packet_t:packet relabelto;
+ allow $1 audit_server_packet_t:packet relabelto;
')
@@ -10230,7 +10673,7 @@ interface(`corenet_relabelto_bgp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the boinc port.
+## Send and receive TCP traffic on the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10239,17 +10682,17 @@ interface(`corenet_relabelto_bgp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_boinc_port',`
+interface(`corenet_tcp_sendrecv_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- allow $1 boinc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 auth_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the boinc port.
+## Send UDP traffic on the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10258,17 +10701,17 @@ interface(`corenet_tcp_sendrecv_boinc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_boinc_port',`
+interface(`corenet_udp_send_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- allow $1 boinc_port_t:udp_socket send_msg;
+ allow $1 auth_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the boinc port.
+## Do not audit attempts to send UDP traffic on the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10277,17 +10720,17 @@ interface(`corenet_udp_send_boinc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_boinc_port',`
+interface(`corenet_dontaudit_udp_send_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- dontaudit $1 boinc_port_t:udp_socket send_msg;
+ dontaudit $1 auth_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the boinc port.
+## Receive UDP traffic on the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10296,17 +10739,17 @@ interface(`corenet_dontaudit_udp_send_boinc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_boinc_port',`
+interface(`corenet_udp_receive_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- allow $1 boinc_port_t:udp_socket recv_msg;
+ allow $1 auth_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the boinc port.
+## Do not audit attempts to receive UDP traffic on the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10315,17 +10758,17 @@ interface(`corenet_udp_receive_boinc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_boinc_port',`
+interface(`corenet_dontaudit_udp_receive_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- dontaudit $1 boinc_port_t:udp_socket recv_msg;
+ dontaudit $1 auth_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the boinc port.
+## Send and receive UDP traffic on the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10334,15 +10777,15 @@ interface(`corenet_dontaudit_udp_receive_boinc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_boinc_port',`
- corenet_udp_send_boinc_port($1)
- corenet_udp_receive_boinc_port($1)
+interface(`corenet_udp_sendrecv_auth_port',`
+ corenet_udp_send_auth_port($1)
+ corenet_udp_receive_auth_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the boinc port.
+## UDP traffic on the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10351,14 +10794,14 @@ interface(`corenet_udp_sendrecv_boinc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_boinc_port',`
- corenet_dontaudit_udp_send_boinc_port($1)
- corenet_dontaudit_udp_receive_boinc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_auth_port',`
+ corenet_dontaudit_udp_send_auth_port($1)
+ corenet_dontaudit_udp_receive_auth_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the boinc port.
+## Bind TCP sockets to the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10367,18 +10810,18 @@ interface(`corenet_dontaudit_udp_sendrecv_boinc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_boinc_port',`
+interface(`corenet_tcp_bind_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- allow $1 boinc_port_t:tcp_socket name_bind;
-
+ allow $1 auth_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the boinc port.
+## Bind UDP sockets to the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10387,18 +10830,18 @@ interface(`corenet_tcp_bind_boinc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_boinc_port',`
+interface(`corenet_udp_bind_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- allow $1 boinc_port_t:udp_socket name_bind;
-
+ allow $1 auth_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the boinc port.
+## Make a TCP connection to the auth port.
## </summary>
## <param name="domain">
## <summary>
@@ -10406,18 +10849,18 @@ interface(`corenet_udp_bind_boinc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_boinc_port',`
+interface(`corenet_tcp_connect_auth_port',`
gen_require(`
- type boinc_port_t;
+ type auth_port_t;
')
- allow $1 boinc_port_t:tcp_socket name_connect;
+ allow $1 auth_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send boinc_client packets.
+## Send auth_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10426,17 +10869,17 @@ interface(`corenet_tcp_connect_boinc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_boinc_client_packets',`
+interface(`corenet_send_auth_client_packets',`
gen_require(`
- type boinc_client_packet_t;
+ type auth_client_packet_t;
')
- allow $1 boinc_client_packet_t:packet send;
+ allow $1 auth_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send boinc_client packets.
+## Do not audit attempts to send auth_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10445,17 +10888,17 @@ interface(`corenet_send_boinc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_boinc_client_packets',`
+interface(`corenet_dontaudit_send_auth_client_packets',`
gen_require(`
- type boinc_client_packet_t;
+ type auth_client_packet_t;
')
- dontaudit $1 boinc_client_packet_t:packet send;
+ dontaudit $1 auth_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive boinc_client packets.
+## Receive auth_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10464,17 +10907,17 @@ interface(`corenet_dontaudit_send_boinc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_boinc_client_packets',`
+interface(`corenet_receive_auth_client_packets',`
gen_require(`
- type boinc_client_packet_t;
+ type auth_client_packet_t;
')
- allow $1 boinc_client_packet_t:packet recv;
+ allow $1 auth_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive boinc_client packets.
+## Do not audit attempts to receive auth_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10483,17 +10926,17 @@ interface(`corenet_receive_boinc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_boinc_client_packets',`
+interface(`corenet_dontaudit_receive_auth_client_packets',`
gen_require(`
- type boinc_client_packet_t;
+ type auth_client_packet_t;
')
- dontaudit $1 boinc_client_packet_t:packet recv;
+ dontaudit $1 auth_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive boinc_client packets.
+## Send and receive auth_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10502,14 +10945,14 @@ interface(`corenet_dontaudit_receive_boinc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_boinc_client_packets',`
- corenet_send_boinc_client_packets($1)
- corenet_receive_boinc_client_packets($1)
+interface(`corenet_sendrecv_auth_client_packets',`
+ corenet_send_auth_client_packets($1)
+ corenet_receive_auth_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive boinc_client packets.
+## Do not audit attempts to send and receive auth_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10518,14 +10961,14 @@ interface(`corenet_sendrecv_boinc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_boinc_client_packets',`
- corenet_dontaudit_send_boinc_client_packets($1)
- corenet_dontaudit_receive_boinc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_auth_client_packets',`
+ corenet_dontaudit_send_auth_client_packets($1)
+ corenet_dontaudit_receive_auth_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to boinc_client the packet type.
+## Relabel packets to auth_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -10533,18 +10976,18 @@ interface(`corenet_dontaudit_sendrecv_boinc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_boinc_client_packets',`
+interface(`corenet_relabelto_auth_client_packets',`
gen_require(`
- type boinc_client_packet_t;
+ type auth_client_packet_t;
')
- allow $1 boinc_client_packet_t:packet relabelto;
+ allow $1 auth_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send boinc_server packets.
+## Send auth_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10553,17 +10996,17 @@ interface(`corenet_relabelto_boinc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_boinc_server_packets',`
+interface(`corenet_send_auth_server_packets',`
gen_require(`
- type boinc_server_packet_t;
+ type auth_server_packet_t;
')
- allow $1 boinc_server_packet_t:packet send;
+ allow $1 auth_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send boinc_server packets.
+## Do not audit attempts to send auth_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10572,17 +11015,17 @@ interface(`corenet_send_boinc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_boinc_server_packets',`
+interface(`corenet_dontaudit_send_auth_server_packets',`
gen_require(`
- type boinc_server_packet_t;
+ type auth_server_packet_t;
')
- dontaudit $1 boinc_server_packet_t:packet send;
+ dontaudit $1 auth_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive boinc_server packets.
+## Receive auth_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10591,17 +11034,17 @@ interface(`corenet_dontaudit_send_boinc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_boinc_server_packets',`
+interface(`corenet_receive_auth_server_packets',`
gen_require(`
- type boinc_server_packet_t;
+ type auth_server_packet_t;
')
- allow $1 boinc_server_packet_t:packet recv;
+ allow $1 auth_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive boinc_server packets.
+## Do not audit attempts to receive auth_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10610,17 +11053,17 @@ interface(`corenet_receive_boinc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_boinc_server_packets',`
+interface(`corenet_dontaudit_receive_auth_server_packets',`
gen_require(`
- type boinc_server_packet_t;
+ type auth_server_packet_t;
')
- dontaudit $1 boinc_server_packet_t:packet recv;
+ dontaudit $1 auth_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive boinc_server packets.
+## Send and receive auth_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10629,14 +11072,14 @@ interface(`corenet_dontaudit_receive_boinc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_boinc_server_packets',`
- corenet_send_boinc_server_packets($1)
- corenet_receive_boinc_server_packets($1)
+interface(`corenet_sendrecv_auth_server_packets',`
+ corenet_send_auth_server_packets($1)
+ corenet_receive_auth_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive boinc_server packets.
+## Do not audit attempts to send and receive auth_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10645,14 +11088,14 @@ interface(`corenet_sendrecv_boinc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_boinc_server_packets',`
- corenet_dontaudit_send_boinc_server_packets($1)
- corenet_dontaudit_receive_boinc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_auth_server_packets',`
+ corenet_dontaudit_send_auth_server_packets($1)
+ corenet_dontaudit_receive_auth_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to boinc_server the packet type.
+## Relabel packets to auth_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -10660,12 +11103,12 @@ interface(`corenet_dontaudit_sendrecv_boinc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_boinc_server_packets',`
+interface(`corenet_relabelto_auth_server_packets',`
gen_require(`
- type boinc_server_packet_t;
+ type auth_server_packet_t;
')
- allow $1 boinc_server_packet_t:packet relabelto;
+ allow $1 auth_server_packet_t:packet relabelto;
')
@@ -10673,7 +11116,7 @@ interface(`corenet_relabelto_boinc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the biff port.
+## Send and receive TCP traffic on the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10682,17 +11125,17 @@ interface(`corenet_relabelto_boinc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_biff_port',`
+interface(`corenet_tcp_sendrecv_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- allow $1 biff_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 bgp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the biff port.
+## Send UDP traffic on the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10701,17 +11144,17 @@ interface(`corenet_tcp_sendrecv_biff_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_biff_port',`
+interface(`corenet_udp_send_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- allow $1 biff_port_t:udp_socket send_msg;
+ allow $1 bgp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the biff port.
+## Do not audit attempts to send UDP traffic on the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10720,17 +11163,17 @@ interface(`corenet_udp_send_biff_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_biff_port',`
+interface(`corenet_dontaudit_udp_send_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- dontaudit $1 biff_port_t:udp_socket send_msg;
+ dontaudit $1 bgp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the biff port.
+## Receive UDP traffic on the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10739,17 +11182,17 @@ interface(`corenet_dontaudit_udp_send_biff_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_biff_port',`
+interface(`corenet_udp_receive_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- allow $1 biff_port_t:udp_socket recv_msg;
+ allow $1 bgp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the biff port.
+## Do not audit attempts to receive UDP traffic on the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10758,17 +11201,17 @@ interface(`corenet_udp_receive_biff_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_biff_port',`
+interface(`corenet_dontaudit_udp_receive_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- dontaudit $1 biff_port_t:udp_socket recv_msg;
+ dontaudit $1 bgp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the biff port.
+## Send and receive UDP traffic on the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10777,15 +11220,15 @@ interface(`corenet_dontaudit_udp_receive_biff_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_biff_port',`
- corenet_udp_send_biff_port($1)
- corenet_udp_receive_biff_port($1)
+interface(`corenet_udp_sendrecv_bgp_port',`
+ corenet_udp_send_bgp_port($1)
+ corenet_udp_receive_bgp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the biff port.
+## UDP traffic on the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10794,14 +11237,14 @@ interface(`corenet_udp_sendrecv_biff_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_biff_port',`
- corenet_dontaudit_udp_send_biff_port($1)
- corenet_dontaudit_udp_receive_biff_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_bgp_port',`
+ corenet_dontaudit_udp_send_bgp_port($1)
+ corenet_dontaudit_udp_receive_bgp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the biff port.
+## Bind TCP sockets to the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10810,18 +11253,18 @@ interface(`corenet_dontaudit_udp_sendrecv_biff_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_biff_port',`
+interface(`corenet_tcp_bind_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- allow $1 biff_port_t:tcp_socket name_bind;
-
+ allow $1 bgp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the biff port.
+## Bind UDP sockets to the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10830,18 +11273,18 @@ interface(`corenet_tcp_bind_biff_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_biff_port',`
+interface(`corenet_udp_bind_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- allow $1 biff_port_t:udp_socket name_bind;
-
+ allow $1 bgp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the biff port.
+## Make a TCP connection to the bgp port.
## </summary>
## <param name="domain">
## <summary>
@@ -10849,18 +11292,18 @@ interface(`corenet_udp_bind_biff_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_biff_port',`
+interface(`corenet_tcp_connect_bgp_port',`
gen_require(`
- type biff_port_t;
+ type bgp_port_t;
')
- allow $1 biff_port_t:tcp_socket name_connect;
+ allow $1 bgp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send biff_client packets.
+## Send bgp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10869,17 +11312,17 @@ interface(`corenet_tcp_connect_biff_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_biff_client_packets',`
+interface(`corenet_send_bgp_client_packets',`
gen_require(`
- type biff_client_packet_t;
+ type bgp_client_packet_t;
')
- allow $1 biff_client_packet_t:packet send;
+ allow $1 bgp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send biff_client packets.
+## Do not audit attempts to send bgp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10888,17 +11331,17 @@ interface(`corenet_send_biff_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_biff_client_packets',`
+interface(`corenet_dontaudit_send_bgp_client_packets',`
gen_require(`
- type biff_client_packet_t;
+ type bgp_client_packet_t;
')
- dontaudit $1 biff_client_packet_t:packet send;
+ dontaudit $1 bgp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive biff_client packets.
+## Receive bgp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10907,17 +11350,17 @@ interface(`corenet_dontaudit_send_biff_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_biff_client_packets',`
+interface(`corenet_receive_bgp_client_packets',`
gen_require(`
- type biff_client_packet_t;
+ type bgp_client_packet_t;
')
- allow $1 biff_client_packet_t:packet recv;
+ allow $1 bgp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive biff_client packets.
+## Do not audit attempts to receive bgp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10926,17 +11369,17 @@ interface(`corenet_receive_biff_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_biff_client_packets',`
+interface(`corenet_dontaudit_receive_bgp_client_packets',`
gen_require(`
- type biff_client_packet_t;
+ type bgp_client_packet_t;
')
- dontaudit $1 biff_client_packet_t:packet recv;
+ dontaudit $1 bgp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive biff_client packets.
+## Send and receive bgp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10945,14 +11388,14 @@ interface(`corenet_dontaudit_receive_biff_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_biff_client_packets',`
- corenet_send_biff_client_packets($1)
- corenet_receive_biff_client_packets($1)
+interface(`corenet_sendrecv_bgp_client_packets',`
+ corenet_send_bgp_client_packets($1)
+ corenet_receive_bgp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive biff_client packets.
+## Do not audit attempts to send and receive bgp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10961,14 +11404,14 @@ interface(`corenet_sendrecv_biff_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_biff_client_packets',`
- corenet_dontaudit_send_biff_client_packets($1)
- corenet_dontaudit_receive_biff_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_bgp_client_packets',`
+ corenet_dontaudit_send_bgp_client_packets($1)
+ corenet_dontaudit_receive_bgp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to biff_client the packet type.
+## Relabel packets to bgp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -10976,18 +11419,18 @@ interface(`corenet_dontaudit_sendrecv_biff_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_biff_client_packets',`
+interface(`corenet_relabelto_bgp_client_packets',`
gen_require(`
- type biff_client_packet_t;
+ type bgp_client_packet_t;
')
- allow $1 biff_client_packet_t:packet relabelto;
+ allow $1 bgp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send biff_server packets.
+## Send bgp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -10996,17 +11439,17 @@ interface(`corenet_relabelto_biff_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_biff_server_packets',`
+interface(`corenet_send_bgp_server_packets',`
gen_require(`
- type biff_server_packet_t;
+ type bgp_server_packet_t;
')
- allow $1 biff_server_packet_t:packet send;
+ allow $1 bgp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send biff_server packets.
+## Do not audit attempts to send bgp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11015,17 +11458,17 @@ interface(`corenet_send_biff_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_biff_server_packets',`
+interface(`corenet_dontaudit_send_bgp_server_packets',`
gen_require(`
- type biff_server_packet_t;
+ type bgp_server_packet_t;
')
- dontaudit $1 biff_server_packet_t:packet send;
+ dontaudit $1 bgp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive biff_server packets.
+## Receive bgp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11034,17 +11477,17 @@ interface(`corenet_dontaudit_send_biff_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_biff_server_packets',`
+interface(`corenet_receive_bgp_server_packets',`
gen_require(`
- type biff_server_packet_t;
+ type bgp_server_packet_t;
')
- allow $1 biff_server_packet_t:packet recv;
+ allow $1 bgp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive biff_server packets.
+## Do not audit attempts to receive bgp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11053,17 +11496,17 @@ interface(`corenet_receive_biff_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_biff_server_packets',`
+interface(`corenet_dontaudit_receive_bgp_server_packets',`
gen_require(`
- type biff_server_packet_t;
+ type bgp_server_packet_t;
')
- dontaudit $1 biff_server_packet_t:packet recv;
+ dontaudit $1 bgp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive biff_server packets.
+## Send and receive bgp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11072,14 +11515,14 @@ interface(`corenet_dontaudit_receive_biff_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_biff_server_packets',`
- corenet_send_biff_server_packets($1)
- corenet_receive_biff_server_packets($1)
+interface(`corenet_sendrecv_bgp_server_packets',`
+ corenet_send_bgp_server_packets($1)
+ corenet_receive_bgp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive biff_server packets.
+## Do not audit attempts to send and receive bgp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11088,14 +11531,14 @@ interface(`corenet_sendrecv_biff_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_biff_server_packets',`
- corenet_dontaudit_send_biff_server_packets($1)
- corenet_dontaudit_receive_biff_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_bgp_server_packets',`
+ corenet_dontaudit_send_bgp_server_packets($1)
+ corenet_dontaudit_receive_bgp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to biff_server the packet type.
+## Relabel packets to bgp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -11103,20 +11546,20 @@ interface(`corenet_dontaudit_sendrecv_biff_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_biff_server_packets',`
+interface(`corenet_relabelto_bgp_server_packets',`
gen_require(`
- type biff_server_packet_t;
+ type bgp_server_packet_t;
')
- allow $1 biff_server_packet_t:packet relabelto;
+ allow $1 bgp_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the certmaster port.
+## Send and receive TCP traffic on the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11125,17 +11568,17 @@ interface(`corenet_relabelto_biff_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_certmaster_port',`
+interface(`corenet_tcp_sendrecv_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- allow $1 certmaster_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 boinc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the certmaster port.
+## Send UDP traffic on the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11144,17 +11587,17 @@ interface(`corenet_tcp_sendrecv_certmaster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_certmaster_port',`
+interface(`corenet_udp_send_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- allow $1 certmaster_port_t:udp_socket send_msg;
+ allow $1 boinc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the certmaster port.
+## Do not audit attempts to send UDP traffic on the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11163,17 +11606,17 @@ interface(`corenet_udp_send_certmaster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_certmaster_port',`
+interface(`corenet_dontaudit_udp_send_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- dontaudit $1 certmaster_port_t:udp_socket send_msg;
+ dontaudit $1 boinc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the certmaster port.
+## Receive UDP traffic on the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11182,17 +11625,17 @@ interface(`corenet_dontaudit_udp_send_certmaster_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_certmaster_port',`
+interface(`corenet_udp_receive_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- allow $1 certmaster_port_t:udp_socket recv_msg;
+ allow $1 boinc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the certmaster port.
+## Do not audit attempts to receive UDP traffic on the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11201,17 +11644,17 @@ interface(`corenet_udp_receive_certmaster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_certmaster_port',`
+interface(`corenet_dontaudit_udp_receive_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- dontaudit $1 certmaster_port_t:udp_socket recv_msg;
+ dontaudit $1 boinc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the certmaster port.
+## Send and receive UDP traffic on the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11220,15 +11663,15 @@ interface(`corenet_dontaudit_udp_receive_certmaster_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_certmaster_port',`
- corenet_udp_send_certmaster_port($1)
- corenet_udp_receive_certmaster_port($1)
+interface(`corenet_udp_sendrecv_boinc_port',`
+ corenet_udp_send_boinc_port($1)
+ corenet_udp_receive_boinc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the certmaster port.
+## UDP traffic on the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11237,14 +11680,14 @@ interface(`corenet_udp_sendrecv_certmaster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_certmaster_port',`
- corenet_dontaudit_udp_send_certmaster_port($1)
- corenet_dontaudit_udp_receive_certmaster_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_boinc_port',`
+ corenet_dontaudit_udp_send_boinc_port($1)
+ corenet_dontaudit_udp_receive_boinc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the certmaster port.
+## Bind TCP sockets to the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11253,18 +11696,18 @@ interface(`corenet_dontaudit_udp_sendrecv_certmaster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_certmaster_port',`
+interface(`corenet_tcp_bind_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- allow $1 certmaster_port_t:tcp_socket name_bind;
+ allow $1 boinc_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the certmaster port.
+## Bind UDP sockets to the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11273,18 +11716,18 @@ interface(`corenet_tcp_bind_certmaster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_certmaster_port',`
+interface(`corenet_udp_bind_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- allow $1 certmaster_port_t:udp_socket name_bind;
+ allow $1 boinc_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the certmaster port.
+## Make a TCP connection to the boinc port.
## </summary>
## <param name="domain">
## <summary>
@@ -11292,18 +11735,18 @@ interface(`corenet_udp_bind_certmaster_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_certmaster_port',`
+interface(`corenet_tcp_connect_boinc_port',`
gen_require(`
- type certmaster_port_t;
+ type boinc_port_t;
')
- allow $1 certmaster_port_t:tcp_socket name_connect;
+ allow $1 boinc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send certmaster_client packets.
+## Send boinc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11312,17 +11755,17 @@ interface(`corenet_tcp_connect_certmaster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_certmaster_client_packets',`
+interface(`corenet_send_boinc_client_packets',`
gen_require(`
- type certmaster_client_packet_t;
+ type boinc_client_packet_t;
')
- allow $1 certmaster_client_packet_t:packet send;
+ allow $1 boinc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send certmaster_client packets.
+## Do not audit attempts to send boinc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11331,17 +11774,17 @@ interface(`corenet_send_certmaster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_certmaster_client_packets',`
+interface(`corenet_dontaudit_send_boinc_client_packets',`
gen_require(`
- type certmaster_client_packet_t;
+ type boinc_client_packet_t;
')
- dontaudit $1 certmaster_client_packet_t:packet send;
+ dontaudit $1 boinc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive certmaster_client packets.
+## Receive boinc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11350,17 +11793,17 @@ interface(`corenet_dontaudit_send_certmaster_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_certmaster_client_packets',`
+interface(`corenet_receive_boinc_client_packets',`
gen_require(`
- type certmaster_client_packet_t;
+ type boinc_client_packet_t;
')
- allow $1 certmaster_client_packet_t:packet recv;
+ allow $1 boinc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive certmaster_client packets.
+## Do not audit attempts to receive boinc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11369,17 +11812,17 @@ interface(`corenet_receive_certmaster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_certmaster_client_packets',`
+interface(`corenet_dontaudit_receive_boinc_client_packets',`
gen_require(`
- type certmaster_client_packet_t;
+ type boinc_client_packet_t;
')
- dontaudit $1 certmaster_client_packet_t:packet recv;
+ dontaudit $1 boinc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive certmaster_client packets.
+## Send and receive boinc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11388,14 +11831,14 @@ interface(`corenet_dontaudit_receive_certmaster_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_certmaster_client_packets',`
- corenet_send_certmaster_client_packets($1)
- corenet_receive_certmaster_client_packets($1)
+interface(`corenet_sendrecv_boinc_client_packets',`
+ corenet_send_boinc_client_packets($1)
+ corenet_receive_boinc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive certmaster_client packets.
+## Do not audit attempts to send and receive boinc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11404,14 +11847,14 @@ interface(`corenet_sendrecv_certmaster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_certmaster_client_packets',`
- corenet_dontaudit_send_certmaster_client_packets($1)
- corenet_dontaudit_receive_certmaster_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_boinc_client_packets',`
+ corenet_dontaudit_send_boinc_client_packets($1)
+ corenet_dontaudit_receive_boinc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to certmaster_client the packet type.
+## Relabel packets to boinc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -11419,18 +11862,18 @@ interface(`corenet_dontaudit_sendrecv_certmaster_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_certmaster_client_packets',`
+interface(`corenet_relabelto_boinc_client_packets',`
gen_require(`
- type certmaster_client_packet_t;
+ type boinc_client_packet_t;
')
- allow $1 certmaster_client_packet_t:packet relabelto;
+ allow $1 boinc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send certmaster_server packets.
+## Send boinc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11439,17 +11882,17 @@ interface(`corenet_relabelto_certmaster_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_certmaster_server_packets',`
+interface(`corenet_send_boinc_server_packets',`
gen_require(`
- type certmaster_server_packet_t;
+ type boinc_server_packet_t;
')
- allow $1 certmaster_server_packet_t:packet send;
+ allow $1 boinc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send certmaster_server packets.
+## Do not audit attempts to send boinc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11458,17 +11901,17 @@ interface(`corenet_send_certmaster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_certmaster_server_packets',`
+interface(`corenet_dontaudit_send_boinc_server_packets',`
gen_require(`
- type certmaster_server_packet_t;
+ type boinc_server_packet_t;
')
- dontaudit $1 certmaster_server_packet_t:packet send;
+ dontaudit $1 boinc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive certmaster_server packets.
+## Receive boinc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11477,17 +11920,17 @@ interface(`corenet_dontaudit_send_certmaster_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_certmaster_server_packets',`
+interface(`corenet_receive_boinc_server_packets',`
gen_require(`
- type certmaster_server_packet_t;
+ type boinc_server_packet_t;
')
- allow $1 certmaster_server_packet_t:packet recv;
+ allow $1 boinc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive certmaster_server packets.
+## Do not audit attempts to receive boinc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11496,17 +11939,17 @@ interface(`corenet_receive_certmaster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_certmaster_server_packets',`
+interface(`corenet_dontaudit_receive_boinc_server_packets',`
gen_require(`
- type certmaster_server_packet_t;
+ type boinc_server_packet_t;
')
- dontaudit $1 certmaster_server_packet_t:packet recv;
+ dontaudit $1 boinc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive certmaster_server packets.
+## Send and receive boinc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11515,14 +11958,14 @@ interface(`corenet_dontaudit_receive_certmaster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_certmaster_server_packets',`
- corenet_send_certmaster_server_packets($1)
- corenet_receive_certmaster_server_packets($1)
+interface(`corenet_sendrecv_boinc_server_packets',`
+ corenet_send_boinc_server_packets($1)
+ corenet_receive_boinc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive certmaster_server packets.
+## Do not audit attempts to send and receive boinc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11531,14 +11974,14 @@ interface(`corenet_sendrecv_certmaster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_certmaster_server_packets',`
- corenet_dontaudit_send_certmaster_server_packets($1)
- corenet_dontaudit_receive_certmaster_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_boinc_server_packets',`
+ corenet_dontaudit_send_boinc_server_packets($1)
+ corenet_dontaudit_receive_boinc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to certmaster_server the packet type.
+## Relabel packets to boinc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -11546,12 +11989,12 @@ interface(`corenet_dontaudit_sendrecv_certmaster_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_certmaster_server_packets',`
+interface(`corenet_relabelto_boinc_server_packets',`
gen_require(`
- type certmaster_server_packet_t;
+ type boinc_server_packet_t;
')
- allow $1 certmaster_server_packet_t:packet relabelto;
+ allow $1 boinc_server_packet_t:packet relabelto;
')
@@ -11559,7 +12002,7 @@ interface(`corenet_relabelto_certmaster_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the chronyd port.
+## Send and receive TCP traffic on the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11568,17 +12011,17 @@ interface(`corenet_relabelto_certmaster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_chronyd_port',`
+interface(`corenet_tcp_sendrecv_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- allow $1 chronyd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 boinc_client_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the chronyd port.
+## Send UDP traffic on the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11587,17 +12030,17 @@ interface(`corenet_tcp_sendrecv_chronyd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_chronyd_port',`
+interface(`corenet_udp_send_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- allow $1 chronyd_port_t:udp_socket send_msg;
+ allow $1 boinc_client_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the chronyd port.
+## Do not audit attempts to send UDP traffic on the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11606,17 +12049,17 @@ interface(`corenet_udp_send_chronyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_chronyd_port',`
+interface(`corenet_dontaudit_udp_send_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- dontaudit $1 chronyd_port_t:udp_socket send_msg;
+ dontaudit $1 boinc_client_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the chronyd port.
+## Receive UDP traffic on the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11625,17 +12068,17 @@ interface(`corenet_dontaudit_udp_send_chronyd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_chronyd_port',`
+interface(`corenet_udp_receive_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- allow $1 chronyd_port_t:udp_socket recv_msg;
+ allow $1 boinc_client_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the chronyd port.
+## Do not audit attempts to receive UDP traffic on the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11644,17 +12087,17 @@ interface(`corenet_udp_receive_chronyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_chronyd_port',`
+interface(`corenet_dontaudit_udp_receive_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- dontaudit $1 chronyd_port_t:udp_socket recv_msg;
+ dontaudit $1 boinc_client_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the chronyd port.
+## Send and receive UDP traffic on the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11663,15 +12106,15 @@ interface(`corenet_dontaudit_udp_receive_chronyd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_chronyd_port',`
- corenet_udp_send_chronyd_port($1)
- corenet_udp_receive_chronyd_port($1)
+interface(`corenet_udp_sendrecv_boinc_client_port',`
+ corenet_udp_send_boinc_client_port($1)
+ corenet_udp_receive_boinc_client_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the chronyd port.
+## UDP traffic on the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11680,14 +12123,14 @@ interface(`corenet_udp_sendrecv_chronyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_chronyd_port',`
- corenet_dontaudit_udp_send_chronyd_port($1)
- corenet_dontaudit_udp_receive_chronyd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_boinc_client_port',`
+ corenet_dontaudit_udp_send_boinc_client_port($1)
+ corenet_dontaudit_udp_receive_boinc_client_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the chronyd port.
+## Bind TCP sockets to the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11696,18 +12139,18 @@ interface(`corenet_dontaudit_udp_sendrecv_chronyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_chronyd_port',`
+interface(`corenet_tcp_bind_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- allow $1 chronyd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 boinc_client_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the chronyd port.
+## Bind UDP sockets to the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11716,18 +12159,18 @@ interface(`corenet_tcp_bind_chronyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_chronyd_port',`
+interface(`corenet_udp_bind_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- allow $1 chronyd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 boinc_client_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the chronyd port.
+## Make a TCP connection to the boinc_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -11735,18 +12178,18 @@ interface(`corenet_udp_bind_chronyd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_chronyd_port',`
+interface(`corenet_tcp_connect_boinc_client_port',`
gen_require(`
- type chronyd_port_t;
+ type boinc_client_port_t;
')
- allow $1 chronyd_port_t:tcp_socket name_connect;
+ allow $1 boinc_client_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send chronyd_client packets.
+## Send boinc_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11755,17 +12198,17 @@ interface(`corenet_tcp_connect_chronyd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_chronyd_client_packets',`
+interface(`corenet_send_boinc_client_client_packets',`
gen_require(`
- type chronyd_client_packet_t;
+ type boinc_client_client_packet_t;
')
- allow $1 chronyd_client_packet_t:packet send;
+ allow $1 boinc_client_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send chronyd_client packets.
+## Do not audit attempts to send boinc_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11774,17 +12217,17 @@ interface(`corenet_send_chronyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_chronyd_client_packets',`
+interface(`corenet_dontaudit_send_boinc_client_client_packets',`
gen_require(`
- type chronyd_client_packet_t;
+ type boinc_client_client_packet_t;
')
- dontaudit $1 chronyd_client_packet_t:packet send;
+ dontaudit $1 boinc_client_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive chronyd_client packets.
+## Receive boinc_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11793,17 +12236,17 @@ interface(`corenet_dontaudit_send_chronyd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_chronyd_client_packets',`
+interface(`corenet_receive_boinc_client_client_packets',`
gen_require(`
- type chronyd_client_packet_t;
+ type boinc_client_client_packet_t;
')
- allow $1 chronyd_client_packet_t:packet recv;
+ allow $1 boinc_client_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive chronyd_client packets.
+## Do not audit attempts to receive boinc_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11812,17 +12255,17 @@ interface(`corenet_receive_chronyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_chronyd_client_packets',`
+interface(`corenet_dontaudit_receive_boinc_client_client_packets',`
gen_require(`
- type chronyd_client_packet_t;
+ type boinc_client_client_packet_t;
')
- dontaudit $1 chronyd_client_packet_t:packet recv;
+ dontaudit $1 boinc_client_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive chronyd_client packets.
+## Send and receive boinc_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11831,14 +12274,14 @@ interface(`corenet_dontaudit_receive_chronyd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_chronyd_client_packets',`
- corenet_send_chronyd_client_packets($1)
- corenet_receive_chronyd_client_packets($1)
+interface(`corenet_sendrecv_boinc_client_client_packets',`
+ corenet_send_boinc_client_client_packets($1)
+ corenet_receive_boinc_client_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive chronyd_client packets.
+## Do not audit attempts to send and receive boinc_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11847,14 +12290,14 @@ interface(`corenet_sendrecv_chronyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_chronyd_client_packets',`
- corenet_dontaudit_send_chronyd_client_packets($1)
- corenet_dontaudit_receive_chronyd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_boinc_client_client_packets',`
+ corenet_dontaudit_send_boinc_client_client_packets($1)
+ corenet_dontaudit_receive_boinc_client_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to chronyd_client the packet type.
+## Relabel packets to boinc_client_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -11862,18 +12305,18 @@ interface(`corenet_dontaudit_sendrecv_chronyd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_chronyd_client_packets',`
+interface(`corenet_relabelto_boinc_client_client_packets',`
gen_require(`
- type chronyd_client_packet_t;
+ type boinc_client_client_packet_t;
')
- allow $1 chronyd_client_packet_t:packet relabelto;
+ allow $1 boinc_client_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send chronyd_server packets.
+## Send boinc_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11882,17 +12325,17 @@ interface(`corenet_relabelto_chronyd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_chronyd_server_packets',`
+interface(`corenet_send_boinc_client_server_packets',`
gen_require(`
- type chronyd_server_packet_t;
+ type boinc_client_server_packet_t;
')
- allow $1 chronyd_server_packet_t:packet send;
+ allow $1 boinc_client_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send chronyd_server packets.
+## Do not audit attempts to send boinc_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11901,17 +12344,17 @@ interface(`corenet_send_chronyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_chronyd_server_packets',`
+interface(`corenet_dontaudit_send_boinc_client_server_packets',`
gen_require(`
- type chronyd_server_packet_t;
+ type boinc_client_server_packet_t;
')
- dontaudit $1 chronyd_server_packet_t:packet send;
+ dontaudit $1 boinc_client_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive chronyd_server packets.
+## Receive boinc_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11920,17 +12363,17 @@ interface(`corenet_dontaudit_send_chronyd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_chronyd_server_packets',`
+interface(`corenet_receive_boinc_client_server_packets',`
gen_require(`
- type chronyd_server_packet_t;
+ type boinc_client_server_packet_t;
')
- allow $1 chronyd_server_packet_t:packet recv;
+ allow $1 boinc_client_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive chronyd_server packets.
+## Do not audit attempts to receive boinc_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11939,17 +12382,17 @@ interface(`corenet_receive_chronyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_chronyd_server_packets',`
+interface(`corenet_dontaudit_receive_boinc_client_server_packets',`
gen_require(`
- type chronyd_server_packet_t;
+ type boinc_client_server_packet_t;
')
- dontaudit $1 chronyd_server_packet_t:packet recv;
+ dontaudit $1 boinc_client_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive chronyd_server packets.
+## Send and receive boinc_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11958,14 +12401,14 @@ interface(`corenet_dontaudit_receive_chronyd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_chronyd_server_packets',`
- corenet_send_chronyd_server_packets($1)
- corenet_receive_chronyd_server_packets($1)
+interface(`corenet_sendrecv_boinc_client_server_packets',`
+ corenet_send_boinc_client_server_packets($1)
+ corenet_receive_boinc_client_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive chronyd_server packets.
+## Do not audit attempts to send and receive boinc_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -11974,14 +12417,14 @@ interface(`corenet_sendrecv_chronyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_chronyd_server_packets',`
- corenet_dontaudit_send_chronyd_server_packets($1)
- corenet_dontaudit_receive_chronyd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_boinc_client_server_packets',`
+ corenet_dontaudit_send_boinc_client_server_packets($1)
+ corenet_dontaudit_receive_boinc_client_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to chronyd_server the packet type.
+## Relabel packets to boinc_client_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -11989,12 +12432,12 @@ interface(`corenet_dontaudit_sendrecv_chronyd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_chronyd_server_packets',`
+interface(`corenet_relabelto_boinc_client_server_packets',`
gen_require(`
- type chronyd_server_packet_t;
+ type boinc_client_server_packet_t;
')
- allow $1 chronyd_server_packet_t:packet relabelto;
+ allow $1 boinc_client_server_packet_t:packet relabelto;
')
@@ -12002,7 +12445,7 @@ interface(`corenet_relabelto_chronyd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the clamd port.
+## Send and receive TCP traffic on the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12011,17 +12454,17 @@ interface(`corenet_relabelto_chronyd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_clamd_port',`
+interface(`corenet_tcp_sendrecv_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- allow $1 clamd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 biff_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the clamd port.
+## Send UDP traffic on the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12030,17 +12473,17 @@ interface(`corenet_tcp_sendrecv_clamd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_clamd_port',`
+interface(`corenet_udp_send_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- allow $1 clamd_port_t:udp_socket send_msg;
+ allow $1 biff_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the clamd port.
+## Do not audit attempts to send UDP traffic on the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12049,17 +12492,17 @@ interface(`corenet_udp_send_clamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_clamd_port',`
+interface(`corenet_dontaudit_udp_send_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- dontaudit $1 clamd_port_t:udp_socket send_msg;
+ dontaudit $1 biff_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the clamd port.
+## Receive UDP traffic on the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12068,17 +12511,17 @@ interface(`corenet_dontaudit_udp_send_clamd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_clamd_port',`
+interface(`corenet_udp_receive_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- allow $1 clamd_port_t:udp_socket recv_msg;
+ allow $1 biff_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the clamd port.
+## Do not audit attempts to receive UDP traffic on the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12087,17 +12530,17 @@ interface(`corenet_udp_receive_clamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_clamd_port',`
+interface(`corenet_dontaudit_udp_receive_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- dontaudit $1 clamd_port_t:udp_socket recv_msg;
+ dontaudit $1 biff_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the clamd port.
+## Send and receive UDP traffic on the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12106,15 +12549,15 @@ interface(`corenet_dontaudit_udp_receive_clamd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_clamd_port',`
- corenet_udp_send_clamd_port($1)
- corenet_udp_receive_clamd_port($1)
+interface(`corenet_udp_sendrecv_biff_port',`
+ corenet_udp_send_biff_port($1)
+ corenet_udp_receive_biff_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the clamd port.
+## UDP traffic on the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12123,14 +12566,14 @@ interface(`corenet_udp_sendrecv_clamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_clamd_port',`
- corenet_dontaudit_udp_send_clamd_port($1)
- corenet_dontaudit_udp_receive_clamd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_biff_port',`
+ corenet_dontaudit_udp_send_biff_port($1)
+ corenet_dontaudit_udp_receive_biff_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the clamd port.
+## Bind TCP sockets to the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12139,18 +12582,18 @@ interface(`corenet_dontaudit_udp_sendrecv_clamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_clamd_port',`
+interface(`corenet_tcp_bind_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- allow $1 clamd_port_t:tcp_socket name_bind;
+ allow $1 biff_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the clamd port.
+## Bind UDP sockets to the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12159,18 +12602,18 @@ interface(`corenet_tcp_bind_clamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_clamd_port',`
+interface(`corenet_udp_bind_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- allow $1 clamd_port_t:udp_socket name_bind;
+ allow $1 biff_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the clamd port.
+## Make a TCP connection to the biff port.
## </summary>
## <param name="domain">
## <summary>
@@ -12178,18 +12621,18 @@ interface(`corenet_udp_bind_clamd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_clamd_port',`
+interface(`corenet_tcp_connect_biff_port',`
gen_require(`
- type clamd_port_t;
+ type biff_port_t;
')
- allow $1 clamd_port_t:tcp_socket name_connect;
+ allow $1 biff_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send clamd_client packets.
+## Send biff_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12198,17 +12641,17 @@ interface(`corenet_tcp_connect_clamd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_clamd_client_packets',`
+interface(`corenet_send_biff_client_packets',`
gen_require(`
- type clamd_client_packet_t;
+ type biff_client_packet_t;
')
- allow $1 clamd_client_packet_t:packet send;
+ allow $1 biff_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send clamd_client packets.
+## Do not audit attempts to send biff_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12217,17 +12660,17 @@ interface(`corenet_send_clamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_clamd_client_packets',`
+interface(`corenet_dontaudit_send_biff_client_packets',`
gen_require(`
- type clamd_client_packet_t;
+ type biff_client_packet_t;
')
- dontaudit $1 clamd_client_packet_t:packet send;
+ dontaudit $1 biff_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive clamd_client packets.
+## Receive biff_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12236,17 +12679,17 @@ interface(`corenet_dontaudit_send_clamd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_clamd_client_packets',`
+interface(`corenet_receive_biff_client_packets',`
gen_require(`
- type clamd_client_packet_t;
+ type biff_client_packet_t;
')
- allow $1 clamd_client_packet_t:packet recv;
+ allow $1 biff_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive clamd_client packets.
+## Do not audit attempts to receive biff_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12255,17 +12698,17 @@ interface(`corenet_receive_clamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_clamd_client_packets',`
+interface(`corenet_dontaudit_receive_biff_client_packets',`
gen_require(`
- type clamd_client_packet_t;
+ type biff_client_packet_t;
')
- dontaudit $1 clamd_client_packet_t:packet recv;
+ dontaudit $1 biff_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive clamd_client packets.
+## Send and receive biff_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12274,14 +12717,14 @@ interface(`corenet_dontaudit_receive_clamd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_clamd_client_packets',`
- corenet_send_clamd_client_packets($1)
- corenet_receive_clamd_client_packets($1)
+interface(`corenet_sendrecv_biff_client_packets',`
+ corenet_send_biff_client_packets($1)
+ corenet_receive_biff_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive clamd_client packets.
+## Do not audit attempts to send and receive biff_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12290,14 +12733,14 @@ interface(`corenet_sendrecv_clamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_clamd_client_packets',`
- corenet_dontaudit_send_clamd_client_packets($1)
- corenet_dontaudit_receive_clamd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_biff_client_packets',`
+ corenet_dontaudit_send_biff_client_packets($1)
+ corenet_dontaudit_receive_biff_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to clamd_client the packet type.
+## Relabel packets to biff_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -12305,18 +12748,18 @@ interface(`corenet_dontaudit_sendrecv_clamd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_clamd_client_packets',`
+interface(`corenet_relabelto_biff_client_packets',`
gen_require(`
- type clamd_client_packet_t;
+ type biff_client_packet_t;
')
- allow $1 clamd_client_packet_t:packet relabelto;
+ allow $1 biff_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send clamd_server packets.
+## Send biff_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12325,17 +12768,17 @@ interface(`corenet_relabelto_clamd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_clamd_server_packets',`
+interface(`corenet_send_biff_server_packets',`
gen_require(`
- type clamd_server_packet_t;
+ type biff_server_packet_t;
')
- allow $1 clamd_server_packet_t:packet send;
+ allow $1 biff_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send clamd_server packets.
+## Do not audit attempts to send biff_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12344,17 +12787,17 @@ interface(`corenet_send_clamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_clamd_server_packets',`
+interface(`corenet_dontaudit_send_biff_server_packets',`
gen_require(`
- type clamd_server_packet_t;
+ type biff_server_packet_t;
')
- dontaudit $1 clamd_server_packet_t:packet send;
+ dontaudit $1 biff_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive clamd_server packets.
+## Receive biff_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12363,17 +12806,17 @@ interface(`corenet_dontaudit_send_clamd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_clamd_server_packets',`
+interface(`corenet_receive_biff_server_packets',`
gen_require(`
- type clamd_server_packet_t;
+ type biff_server_packet_t;
')
- allow $1 clamd_server_packet_t:packet recv;
+ allow $1 biff_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive clamd_server packets.
+## Do not audit attempts to receive biff_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12382,17 +12825,17 @@ interface(`corenet_receive_clamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_clamd_server_packets',`
+interface(`corenet_dontaudit_receive_biff_server_packets',`
gen_require(`
- type clamd_server_packet_t;
+ type biff_server_packet_t;
')
- dontaudit $1 clamd_server_packet_t:packet recv;
+ dontaudit $1 biff_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive clamd_server packets.
+## Send and receive biff_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12401,14 +12844,14 @@ interface(`corenet_dontaudit_receive_clamd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_clamd_server_packets',`
- corenet_send_clamd_server_packets($1)
- corenet_receive_clamd_server_packets($1)
+interface(`corenet_sendrecv_biff_server_packets',`
+ corenet_send_biff_server_packets($1)
+ corenet_receive_biff_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive clamd_server packets.
+## Do not audit attempts to send and receive biff_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12417,14 +12860,14 @@ interface(`corenet_sendrecv_clamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_clamd_server_packets',`
- corenet_dontaudit_send_clamd_server_packets($1)
- corenet_dontaudit_receive_clamd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_biff_server_packets',`
+ corenet_dontaudit_send_biff_server_packets($1)
+ corenet_dontaudit_receive_biff_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to clamd_server the packet type.
+## Relabel packets to biff_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -12432,20 +12875,20 @@ interface(`corenet_dontaudit_sendrecv_clamd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_clamd_server_packets',`
+interface(`corenet_relabelto_biff_server_packets',`
gen_require(`
- type clamd_server_packet_t;
+ type biff_server_packet_t;
')
- allow $1 clamd_server_packet_t:packet relabelto;
+ allow $1 biff_server_packet_t:packet relabelto;
')
-
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the clockspeed port.
+## Send and receive TCP traffic on the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12454,17 +12897,17 @@ interface(`corenet_relabelto_clamd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_clockspeed_port',`
+interface(`corenet_tcp_sendrecv_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- allow $1 clockspeed_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 certmaster_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the clockspeed port.
+## Send UDP traffic on the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12473,17 +12916,17 @@ interface(`corenet_tcp_sendrecv_clockspeed_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_clockspeed_port',`
+interface(`corenet_udp_send_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- allow $1 clockspeed_port_t:udp_socket send_msg;
+ allow $1 certmaster_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the clockspeed port.
+## Do not audit attempts to send UDP traffic on the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12492,17 +12935,17 @@ interface(`corenet_udp_send_clockspeed_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_clockspeed_port',`
+interface(`corenet_dontaudit_udp_send_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- dontaudit $1 clockspeed_port_t:udp_socket send_msg;
+ dontaudit $1 certmaster_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the clockspeed port.
+## Receive UDP traffic on the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12511,17 +12954,17 @@ interface(`corenet_dontaudit_udp_send_clockspeed_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_clockspeed_port',`
+interface(`corenet_udp_receive_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- allow $1 clockspeed_port_t:udp_socket recv_msg;
+ allow $1 certmaster_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the clockspeed port.
+## Do not audit attempts to receive UDP traffic on the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12530,17 +12973,17 @@ interface(`corenet_udp_receive_clockspeed_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_clockspeed_port',`
+interface(`corenet_dontaudit_udp_receive_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- dontaudit $1 clockspeed_port_t:udp_socket recv_msg;
+ dontaudit $1 certmaster_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the clockspeed port.
+## Send and receive UDP traffic on the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12549,15 +12992,15 @@ interface(`corenet_dontaudit_udp_receive_clockspeed_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_clockspeed_port',`
- corenet_udp_send_clockspeed_port($1)
- corenet_udp_receive_clockspeed_port($1)
+interface(`corenet_udp_sendrecv_certmaster_port',`
+ corenet_udp_send_certmaster_port($1)
+ corenet_udp_receive_certmaster_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the clockspeed port.
+## UDP traffic on the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12566,14 +13009,14 @@ interface(`corenet_udp_sendrecv_clockspeed_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_clockspeed_port',`
- corenet_dontaudit_udp_send_clockspeed_port($1)
- corenet_dontaudit_udp_receive_clockspeed_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_certmaster_port',`
+ corenet_dontaudit_udp_send_certmaster_port($1)
+ corenet_dontaudit_udp_receive_certmaster_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the clockspeed port.
+## Bind TCP sockets to the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12582,18 +13025,18 @@ interface(`corenet_dontaudit_udp_sendrecv_clockspeed_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_clockspeed_port',`
+interface(`corenet_tcp_bind_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- allow $1 clockspeed_port_t:tcp_socket name_bind;
+ allow $1 certmaster_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the clockspeed port.
+## Bind UDP sockets to the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12602,18 +13045,18 @@ interface(`corenet_tcp_bind_clockspeed_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_clockspeed_port',`
+interface(`corenet_udp_bind_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- allow $1 clockspeed_port_t:udp_socket name_bind;
+ allow $1 certmaster_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the clockspeed port.
+## Make a TCP connection to the certmaster port.
## </summary>
## <param name="domain">
## <summary>
@@ -12621,18 +13064,18 @@ interface(`corenet_udp_bind_clockspeed_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_clockspeed_port',`
+interface(`corenet_tcp_connect_certmaster_port',`
gen_require(`
- type clockspeed_port_t;
+ type certmaster_port_t;
')
- allow $1 clockspeed_port_t:tcp_socket name_connect;
+ allow $1 certmaster_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send clockspeed_client packets.
+## Send certmaster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12641,17 +13084,17 @@ interface(`corenet_tcp_connect_clockspeed_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_clockspeed_client_packets',`
+interface(`corenet_send_certmaster_client_packets',`
gen_require(`
- type clockspeed_client_packet_t;
+ type certmaster_client_packet_t;
')
- allow $1 clockspeed_client_packet_t:packet send;
+ allow $1 certmaster_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send clockspeed_client packets.
+## Do not audit attempts to send certmaster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12660,17 +13103,17 @@ interface(`corenet_send_clockspeed_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_clockspeed_client_packets',`
+interface(`corenet_dontaudit_send_certmaster_client_packets',`
gen_require(`
- type clockspeed_client_packet_t;
+ type certmaster_client_packet_t;
')
- dontaudit $1 clockspeed_client_packet_t:packet send;
+ dontaudit $1 certmaster_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive clockspeed_client packets.
+## Receive certmaster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12679,17 +13122,17 @@ interface(`corenet_dontaudit_send_clockspeed_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_clockspeed_client_packets',`
+interface(`corenet_receive_certmaster_client_packets',`
gen_require(`
- type clockspeed_client_packet_t;
+ type certmaster_client_packet_t;
')
- allow $1 clockspeed_client_packet_t:packet recv;
+ allow $1 certmaster_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive clockspeed_client packets.
+## Do not audit attempts to receive certmaster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12698,17 +13141,17 @@ interface(`corenet_receive_clockspeed_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_clockspeed_client_packets',`
+interface(`corenet_dontaudit_receive_certmaster_client_packets',`
gen_require(`
- type clockspeed_client_packet_t;
+ type certmaster_client_packet_t;
')
- dontaudit $1 clockspeed_client_packet_t:packet recv;
+ dontaudit $1 certmaster_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive clockspeed_client packets.
+## Send and receive certmaster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12717,14 +13160,14 @@ interface(`corenet_dontaudit_receive_clockspeed_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_clockspeed_client_packets',`
- corenet_send_clockspeed_client_packets($1)
- corenet_receive_clockspeed_client_packets($1)
+interface(`corenet_sendrecv_certmaster_client_packets',`
+ corenet_send_certmaster_client_packets($1)
+ corenet_receive_certmaster_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive clockspeed_client packets.
+## Do not audit attempts to send and receive certmaster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12733,14 +13176,14 @@ interface(`corenet_sendrecv_clockspeed_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_clockspeed_client_packets',`
- corenet_dontaudit_send_clockspeed_client_packets($1)
- corenet_dontaudit_receive_clockspeed_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_certmaster_client_packets',`
+ corenet_dontaudit_send_certmaster_client_packets($1)
+ corenet_dontaudit_receive_certmaster_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to clockspeed_client the packet type.
+## Relabel packets to certmaster_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -12748,18 +13191,18 @@ interface(`corenet_dontaudit_sendrecv_clockspeed_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_clockspeed_client_packets',`
+interface(`corenet_relabelto_certmaster_client_packets',`
gen_require(`
- type clockspeed_client_packet_t;
+ type certmaster_client_packet_t;
')
- allow $1 clockspeed_client_packet_t:packet relabelto;
+ allow $1 certmaster_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send clockspeed_server packets.
+## Send certmaster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12768,17 +13211,17 @@ interface(`corenet_relabelto_clockspeed_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_clockspeed_server_packets',`
+interface(`corenet_send_certmaster_server_packets',`
gen_require(`
- type clockspeed_server_packet_t;
+ type certmaster_server_packet_t;
')
- allow $1 clockspeed_server_packet_t:packet send;
+ allow $1 certmaster_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send clockspeed_server packets.
+## Do not audit attempts to send certmaster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12787,17 +13230,17 @@ interface(`corenet_send_clockspeed_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_clockspeed_server_packets',`
+interface(`corenet_dontaudit_send_certmaster_server_packets',`
gen_require(`
- type clockspeed_server_packet_t;
+ type certmaster_server_packet_t;
')
- dontaudit $1 clockspeed_server_packet_t:packet send;
+ dontaudit $1 certmaster_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive clockspeed_server packets.
+## Receive certmaster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12806,17 +13249,17 @@ interface(`corenet_dontaudit_send_clockspeed_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_clockspeed_server_packets',`
+interface(`corenet_receive_certmaster_server_packets',`
gen_require(`
- type clockspeed_server_packet_t;
+ type certmaster_server_packet_t;
')
- allow $1 clockspeed_server_packet_t:packet recv;
+ allow $1 certmaster_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive clockspeed_server packets.
+## Do not audit attempts to receive certmaster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12825,17 +13268,17 @@ interface(`corenet_receive_clockspeed_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_clockspeed_server_packets',`
+interface(`corenet_dontaudit_receive_certmaster_server_packets',`
gen_require(`
- type clockspeed_server_packet_t;
+ type certmaster_server_packet_t;
')
- dontaudit $1 clockspeed_server_packet_t:packet recv;
+ dontaudit $1 certmaster_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive clockspeed_server packets.
+## Send and receive certmaster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12844,14 +13287,14 @@ interface(`corenet_dontaudit_receive_clockspeed_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_clockspeed_server_packets',`
- corenet_send_clockspeed_server_packets($1)
- corenet_receive_clockspeed_server_packets($1)
+interface(`corenet_sendrecv_certmaster_server_packets',`
+ corenet_send_certmaster_server_packets($1)
+ corenet_receive_certmaster_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive clockspeed_server packets.
+## Do not audit attempts to send and receive certmaster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -12860,14 +13303,14 @@ interface(`corenet_sendrecv_clockspeed_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_clockspeed_server_packets',`
- corenet_dontaudit_send_clockspeed_server_packets($1)
- corenet_dontaudit_receive_clockspeed_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_certmaster_server_packets',`
+ corenet_dontaudit_send_certmaster_server_packets($1)
+ corenet_dontaudit_receive_certmaster_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to clockspeed_server the packet type.
+## Relabel packets to certmaster_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -12875,12 +13318,12 @@ interface(`corenet_dontaudit_sendrecv_clockspeed_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_clockspeed_server_packets',`
+interface(`corenet_relabelto_certmaster_server_packets',`
gen_require(`
- type clockspeed_server_packet_t;
+ type certmaster_server_packet_t;
')
- allow $1 clockspeed_server_packet_t:packet relabelto;
+ allow $1 certmaster_server_packet_t:packet relabelto;
')
@@ -12888,7 +13331,7 @@ interface(`corenet_relabelto_clockspeed_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the cluster port.
+## Send and receive TCP traffic on the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -12897,17 +13340,17 @@ interface(`corenet_relabelto_clockspeed_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_cluster_port',`
+interface(`corenet_tcp_sendrecv_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- allow $1 cluster_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 chronyd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the cluster port.
+## Send UDP traffic on the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -12916,17 +13359,17 @@ interface(`corenet_tcp_sendrecv_cluster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_cluster_port',`
+interface(`corenet_udp_send_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- allow $1 cluster_port_t:udp_socket send_msg;
+ allow $1 chronyd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the cluster port.
+## Do not audit attempts to send UDP traffic on the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -12935,17 +13378,17 @@ interface(`corenet_udp_send_cluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_cluster_port',`
+interface(`corenet_dontaudit_udp_send_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- dontaudit $1 cluster_port_t:udp_socket send_msg;
+ dontaudit $1 chronyd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the cluster port.
+## Receive UDP traffic on the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -12954,17 +13397,17 @@ interface(`corenet_dontaudit_udp_send_cluster_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_cluster_port',`
+interface(`corenet_udp_receive_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- allow $1 cluster_port_t:udp_socket recv_msg;
+ allow $1 chronyd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the cluster port.
+## Do not audit attempts to receive UDP traffic on the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -12973,17 +13416,17 @@ interface(`corenet_udp_receive_cluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_cluster_port',`
+interface(`corenet_dontaudit_udp_receive_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- dontaudit $1 cluster_port_t:udp_socket recv_msg;
+ dontaudit $1 chronyd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the cluster port.
+## Send and receive UDP traffic on the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -12992,15 +13435,15 @@ interface(`corenet_dontaudit_udp_receive_cluster_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_cluster_port',`
- corenet_udp_send_cluster_port($1)
- corenet_udp_receive_cluster_port($1)
+interface(`corenet_udp_sendrecv_chronyd_port',`
+ corenet_udp_send_chronyd_port($1)
+ corenet_udp_receive_chronyd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the cluster port.
+## UDP traffic on the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13009,14 +13452,14 @@ interface(`corenet_udp_sendrecv_cluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_cluster_port',`
- corenet_dontaudit_udp_send_cluster_port($1)
- corenet_dontaudit_udp_receive_cluster_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_chronyd_port',`
+ corenet_dontaudit_udp_send_chronyd_port($1)
+ corenet_dontaudit_udp_receive_chronyd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the cluster port.
+## Bind TCP sockets to the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13025,18 +13468,18 @@ interface(`corenet_dontaudit_udp_sendrecv_cluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_cluster_port',`
+interface(`corenet_tcp_bind_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- allow $1 cluster_port_t:tcp_socket name_bind;
+ allow $1 chronyd_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the cluster port.
+## Bind UDP sockets to the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13045,18 +13488,18 @@ interface(`corenet_tcp_bind_cluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_cluster_port',`
+interface(`corenet_udp_bind_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- allow $1 cluster_port_t:udp_socket name_bind;
+ allow $1 chronyd_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the cluster port.
+## Make a TCP connection to the chronyd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13064,18 +13507,18 @@ interface(`corenet_udp_bind_cluster_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_cluster_port',`
+interface(`corenet_tcp_connect_chronyd_port',`
gen_require(`
- type cluster_port_t;
+ type chronyd_port_t;
')
- allow $1 cluster_port_t:tcp_socket name_connect;
+ allow $1 chronyd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send cluster_client packets.
+## Send chronyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13084,17 +13527,17 @@ interface(`corenet_tcp_connect_cluster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cluster_client_packets',`
+interface(`corenet_send_chronyd_client_packets',`
gen_require(`
- type cluster_client_packet_t;
+ type chronyd_client_packet_t;
')
- allow $1 cluster_client_packet_t:packet send;
+ allow $1 chronyd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cluster_client packets.
+## Do not audit attempts to send chronyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13103,17 +13546,17 @@ interface(`corenet_send_cluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cluster_client_packets',`
+interface(`corenet_dontaudit_send_chronyd_client_packets',`
gen_require(`
- type cluster_client_packet_t;
+ type chronyd_client_packet_t;
')
- dontaudit $1 cluster_client_packet_t:packet send;
+ dontaudit $1 chronyd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive cluster_client packets.
+## Receive chronyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13122,17 +13565,17 @@ interface(`corenet_dontaudit_send_cluster_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cluster_client_packets',`
+interface(`corenet_receive_chronyd_client_packets',`
gen_require(`
- type cluster_client_packet_t;
+ type chronyd_client_packet_t;
')
- allow $1 cluster_client_packet_t:packet recv;
+ allow $1 chronyd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cluster_client packets.
+## Do not audit attempts to receive chronyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13141,17 +13584,17 @@ interface(`corenet_receive_cluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cluster_client_packets',`
+interface(`corenet_dontaudit_receive_chronyd_client_packets',`
gen_require(`
- type cluster_client_packet_t;
+ type chronyd_client_packet_t;
')
- dontaudit $1 cluster_client_packet_t:packet recv;
+ dontaudit $1 chronyd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cluster_client packets.
+## Send and receive chronyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13160,14 +13603,14 @@ interface(`corenet_dontaudit_receive_cluster_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cluster_client_packets',`
- corenet_send_cluster_client_packets($1)
- corenet_receive_cluster_client_packets($1)
+interface(`corenet_sendrecv_chronyd_client_packets',`
+ corenet_send_chronyd_client_packets($1)
+ corenet_receive_chronyd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cluster_client packets.
+## Do not audit attempts to send and receive chronyd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13176,14 +13619,14 @@ interface(`corenet_sendrecv_cluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cluster_client_packets',`
- corenet_dontaudit_send_cluster_client_packets($1)
- corenet_dontaudit_receive_cluster_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_chronyd_client_packets',`
+ corenet_dontaudit_send_chronyd_client_packets($1)
+ corenet_dontaudit_receive_chronyd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to cluster_client the packet type.
+## Relabel packets to chronyd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -13191,18 +13634,18 @@ interface(`corenet_dontaudit_sendrecv_cluster_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cluster_client_packets',`
+interface(`corenet_relabelto_chronyd_client_packets',`
gen_require(`
- type cluster_client_packet_t;
+ type chronyd_client_packet_t;
')
- allow $1 cluster_client_packet_t:packet relabelto;
+ allow $1 chronyd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send cluster_server packets.
+## Send chronyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13211,17 +13654,17 @@ interface(`corenet_relabelto_cluster_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cluster_server_packets',`
+interface(`corenet_send_chronyd_server_packets',`
gen_require(`
- type cluster_server_packet_t;
+ type chronyd_server_packet_t;
')
- allow $1 cluster_server_packet_t:packet send;
+ allow $1 chronyd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cluster_server packets.
+## Do not audit attempts to send chronyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13230,17 +13673,17 @@ interface(`corenet_send_cluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cluster_server_packets',`
+interface(`corenet_dontaudit_send_chronyd_server_packets',`
gen_require(`
- type cluster_server_packet_t;
+ type chronyd_server_packet_t;
')
- dontaudit $1 cluster_server_packet_t:packet send;
+ dontaudit $1 chronyd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive cluster_server packets.
+## Receive chronyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13249,17 +13692,17 @@ interface(`corenet_dontaudit_send_cluster_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cluster_server_packets',`
+interface(`corenet_receive_chronyd_server_packets',`
gen_require(`
- type cluster_server_packet_t;
+ type chronyd_server_packet_t;
')
- allow $1 cluster_server_packet_t:packet recv;
+ allow $1 chronyd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cluster_server packets.
+## Do not audit attempts to receive chronyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13268,17 +13711,17 @@ interface(`corenet_receive_cluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cluster_server_packets',`
+interface(`corenet_dontaudit_receive_chronyd_server_packets',`
gen_require(`
- type cluster_server_packet_t;
+ type chronyd_server_packet_t;
')
- dontaudit $1 cluster_server_packet_t:packet recv;
+ dontaudit $1 chronyd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cluster_server packets.
+## Send and receive chronyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13287,14 +13730,14 @@ interface(`corenet_dontaudit_receive_cluster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cluster_server_packets',`
- corenet_send_cluster_server_packets($1)
- corenet_receive_cluster_server_packets($1)
+interface(`corenet_sendrecv_chronyd_server_packets',`
+ corenet_send_chronyd_server_packets($1)
+ corenet_receive_chronyd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cluster_server packets.
+## Do not audit attempts to send and receive chronyd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13303,14 +13746,14 @@ interface(`corenet_sendrecv_cluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cluster_server_packets',`
- corenet_dontaudit_send_cluster_server_packets($1)
- corenet_dontaudit_receive_cluster_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_chronyd_server_packets',`
+ corenet_dontaudit_send_chronyd_server_packets($1)
+ corenet_dontaudit_receive_chronyd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to cluster_server the packet type.
+## Relabel packets to chronyd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -13318,12 +13761,12 @@ interface(`corenet_dontaudit_sendrecv_cluster_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cluster_server_packets',`
+interface(`corenet_relabelto_chronyd_server_packets',`
gen_require(`
- type cluster_server_packet_t;
+ type chronyd_server_packet_t;
')
- allow $1 cluster_server_packet_t:packet relabelto;
+ allow $1 chronyd_server_packet_t:packet relabelto;
')
@@ -13331,7 +13774,7 @@ interface(`corenet_relabelto_cluster_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the cobbler port.
+## Send and receive TCP traffic on the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13340,17 +13783,17 @@ interface(`corenet_relabelto_cluster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_cobbler_port',`
+interface(`corenet_tcp_sendrecv_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- allow $1 cobbler_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 clamd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the cobbler port.
+## Send UDP traffic on the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13359,17 +13802,17 @@ interface(`corenet_tcp_sendrecv_cobbler_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_cobbler_port',`
+interface(`corenet_udp_send_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- allow $1 cobbler_port_t:udp_socket send_msg;
+ allow $1 clamd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the cobbler port.
+## Do not audit attempts to send UDP traffic on the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13378,17 +13821,17 @@ interface(`corenet_udp_send_cobbler_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_cobbler_port',`
+interface(`corenet_dontaudit_udp_send_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- dontaudit $1 cobbler_port_t:udp_socket send_msg;
+ dontaudit $1 clamd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the cobbler port.
+## Receive UDP traffic on the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13397,17 +13840,17 @@ interface(`corenet_dontaudit_udp_send_cobbler_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_cobbler_port',`
+interface(`corenet_udp_receive_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- allow $1 cobbler_port_t:udp_socket recv_msg;
+ allow $1 clamd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the cobbler port.
+## Do not audit attempts to receive UDP traffic on the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13416,17 +13859,17 @@ interface(`corenet_udp_receive_cobbler_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_cobbler_port',`
+interface(`corenet_dontaudit_udp_receive_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- dontaudit $1 cobbler_port_t:udp_socket recv_msg;
+ dontaudit $1 clamd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the cobbler port.
+## Send and receive UDP traffic on the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13435,15 +13878,15 @@ interface(`corenet_dontaudit_udp_receive_cobbler_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_cobbler_port',`
- corenet_udp_send_cobbler_port($1)
- corenet_udp_receive_cobbler_port($1)
+interface(`corenet_udp_sendrecv_clamd_port',`
+ corenet_udp_send_clamd_port($1)
+ corenet_udp_receive_clamd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the cobbler port.
+## UDP traffic on the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13452,14 +13895,14 @@ interface(`corenet_udp_sendrecv_cobbler_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_cobbler_port',`
- corenet_dontaudit_udp_send_cobbler_port($1)
- corenet_dontaudit_udp_receive_cobbler_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_clamd_port',`
+ corenet_dontaudit_udp_send_clamd_port($1)
+ corenet_dontaudit_udp_receive_clamd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the cobbler port.
+## Bind TCP sockets to the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13468,18 +13911,18 @@ interface(`corenet_dontaudit_udp_sendrecv_cobbler_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_cobbler_port',`
+interface(`corenet_tcp_bind_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- allow $1 cobbler_port_t:tcp_socket name_bind;
+ allow $1 clamd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the cobbler port.
+## Bind UDP sockets to the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13488,18 +13931,18 @@ interface(`corenet_tcp_bind_cobbler_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_cobbler_port',`
+interface(`corenet_udp_bind_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- allow $1 cobbler_port_t:udp_socket name_bind;
+ allow $1 clamd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the cobbler port.
+## Make a TCP connection to the clamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -13507,18 +13950,18 @@ interface(`corenet_udp_bind_cobbler_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_cobbler_port',`
+interface(`corenet_tcp_connect_clamd_port',`
gen_require(`
- type cobbler_port_t;
+ type clamd_port_t;
')
- allow $1 cobbler_port_t:tcp_socket name_connect;
+ allow $1 clamd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send cobbler_client packets.
+## Send clamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13527,17 +13970,17 @@ interface(`corenet_tcp_connect_cobbler_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cobbler_client_packets',`
+interface(`corenet_send_clamd_client_packets',`
gen_require(`
- type cobbler_client_packet_t;
+ type clamd_client_packet_t;
')
- allow $1 cobbler_client_packet_t:packet send;
+ allow $1 clamd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cobbler_client packets.
+## Do not audit attempts to send clamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13546,17 +13989,17 @@ interface(`corenet_send_cobbler_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cobbler_client_packets',`
+interface(`corenet_dontaudit_send_clamd_client_packets',`
gen_require(`
- type cobbler_client_packet_t;
+ type clamd_client_packet_t;
')
- dontaudit $1 cobbler_client_packet_t:packet send;
+ dontaudit $1 clamd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive cobbler_client packets.
+## Receive clamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13565,17 +14008,17 @@ interface(`corenet_dontaudit_send_cobbler_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cobbler_client_packets',`
+interface(`corenet_receive_clamd_client_packets',`
gen_require(`
- type cobbler_client_packet_t;
+ type clamd_client_packet_t;
')
- allow $1 cobbler_client_packet_t:packet recv;
+ allow $1 clamd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cobbler_client packets.
+## Do not audit attempts to receive clamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13584,17 +14027,17 @@ interface(`corenet_receive_cobbler_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cobbler_client_packets',`
+interface(`corenet_dontaudit_receive_clamd_client_packets',`
gen_require(`
- type cobbler_client_packet_t;
+ type clamd_client_packet_t;
')
- dontaudit $1 cobbler_client_packet_t:packet recv;
+ dontaudit $1 clamd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cobbler_client packets.
+## Send and receive clamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13603,14 +14046,14 @@ interface(`corenet_dontaudit_receive_cobbler_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cobbler_client_packets',`
- corenet_send_cobbler_client_packets($1)
- corenet_receive_cobbler_client_packets($1)
+interface(`corenet_sendrecv_clamd_client_packets',`
+ corenet_send_clamd_client_packets($1)
+ corenet_receive_clamd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cobbler_client packets.
+## Do not audit attempts to send and receive clamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13619,14 +14062,14 @@ interface(`corenet_sendrecv_cobbler_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cobbler_client_packets',`
- corenet_dontaudit_send_cobbler_client_packets($1)
- corenet_dontaudit_receive_cobbler_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_clamd_client_packets',`
+ corenet_dontaudit_send_clamd_client_packets($1)
+ corenet_dontaudit_receive_clamd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to cobbler_client the packet type.
+## Relabel packets to clamd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -13634,18 +14077,18 @@ interface(`corenet_dontaudit_sendrecv_cobbler_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cobbler_client_packets',`
+interface(`corenet_relabelto_clamd_client_packets',`
gen_require(`
- type cobbler_client_packet_t;
+ type clamd_client_packet_t;
')
- allow $1 cobbler_client_packet_t:packet relabelto;
+ allow $1 clamd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send cobbler_server packets.
+## Send clamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13654,17 +14097,17 @@ interface(`corenet_relabelto_cobbler_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cobbler_server_packets',`
+interface(`corenet_send_clamd_server_packets',`
gen_require(`
- type cobbler_server_packet_t;
+ type clamd_server_packet_t;
')
- allow $1 cobbler_server_packet_t:packet send;
+ allow $1 clamd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cobbler_server packets.
+## Do not audit attempts to send clamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13673,17 +14116,17 @@ interface(`corenet_send_cobbler_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cobbler_server_packets',`
+interface(`corenet_dontaudit_send_clamd_server_packets',`
gen_require(`
- type cobbler_server_packet_t;
+ type clamd_server_packet_t;
')
- dontaudit $1 cobbler_server_packet_t:packet send;
+ dontaudit $1 clamd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive cobbler_server packets.
+## Receive clamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13692,17 +14135,17 @@ interface(`corenet_dontaudit_send_cobbler_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cobbler_server_packets',`
+interface(`corenet_receive_clamd_server_packets',`
gen_require(`
- type cobbler_server_packet_t;
+ type clamd_server_packet_t;
')
- allow $1 cobbler_server_packet_t:packet recv;
+ allow $1 clamd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cobbler_server packets.
+## Do not audit attempts to receive clamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13711,17 +14154,17 @@ interface(`corenet_receive_cobbler_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cobbler_server_packets',`
+interface(`corenet_dontaudit_receive_clamd_server_packets',`
gen_require(`
- type cobbler_server_packet_t;
+ type clamd_server_packet_t;
')
- dontaudit $1 cobbler_server_packet_t:packet recv;
+ dontaudit $1 clamd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cobbler_server packets.
+## Send and receive clamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13730,14 +14173,14 @@ interface(`corenet_dontaudit_receive_cobbler_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cobbler_server_packets',`
- corenet_send_cobbler_server_packets($1)
- corenet_receive_cobbler_server_packets($1)
+interface(`corenet_sendrecv_clamd_server_packets',`
+ corenet_send_clamd_server_packets($1)
+ corenet_receive_clamd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cobbler_server packets.
+## Do not audit attempts to send and receive clamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13746,14 +14189,14 @@ interface(`corenet_sendrecv_cobbler_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cobbler_server_packets',`
- corenet_dontaudit_send_cobbler_server_packets($1)
- corenet_dontaudit_receive_cobbler_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_clamd_server_packets',`
+ corenet_dontaudit_send_clamd_server_packets($1)
+ corenet_dontaudit_receive_clamd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to cobbler_server the packet type.
+## Relabel packets to clamd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -13761,12 +14204,12 @@ interface(`corenet_dontaudit_sendrecv_cobbler_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cobbler_server_packets',`
+interface(`corenet_relabelto_clamd_server_packets',`
gen_require(`
- type cobbler_server_packet_t;
+ type clamd_server_packet_t;
')
- allow $1 cobbler_server_packet_t:packet relabelto;
+ allow $1 clamd_server_packet_t:packet relabelto;
')
@@ -13774,7 +14217,7 @@ interface(`corenet_relabelto_cobbler_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the comsat port.
+## Send and receive TCP traffic on the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13783,17 +14226,17 @@ interface(`corenet_relabelto_cobbler_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_comsat_port',`
+interface(`corenet_tcp_sendrecv_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- allow $1 comsat_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 clockspeed_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the comsat port.
+## Send UDP traffic on the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13802,17 +14245,17 @@ interface(`corenet_tcp_sendrecv_comsat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_comsat_port',`
+interface(`corenet_udp_send_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- allow $1 comsat_port_t:udp_socket send_msg;
+ allow $1 clockspeed_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the comsat port.
+## Do not audit attempts to send UDP traffic on the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13821,17 +14264,17 @@ interface(`corenet_udp_send_comsat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_comsat_port',`
+interface(`corenet_dontaudit_udp_send_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- dontaudit $1 comsat_port_t:udp_socket send_msg;
+ dontaudit $1 clockspeed_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the comsat port.
+## Receive UDP traffic on the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13840,17 +14283,17 @@ interface(`corenet_dontaudit_udp_send_comsat_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_comsat_port',`
+interface(`corenet_udp_receive_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- allow $1 comsat_port_t:udp_socket recv_msg;
+ allow $1 clockspeed_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the comsat port.
+## Do not audit attempts to receive UDP traffic on the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13859,17 +14302,17 @@ interface(`corenet_udp_receive_comsat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_comsat_port',`
+interface(`corenet_dontaudit_udp_receive_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- dontaudit $1 comsat_port_t:udp_socket recv_msg;
+ dontaudit $1 clockspeed_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the comsat port.
+## Send and receive UDP traffic on the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13878,15 +14321,15 @@ interface(`corenet_dontaudit_udp_receive_comsat_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_comsat_port',`
- corenet_udp_send_comsat_port($1)
- corenet_udp_receive_comsat_port($1)
+interface(`corenet_udp_sendrecv_clockspeed_port',`
+ corenet_udp_send_clockspeed_port($1)
+ corenet_udp_receive_clockspeed_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the comsat port.
+## UDP traffic on the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13895,14 +14338,14 @@ interface(`corenet_udp_sendrecv_comsat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_comsat_port',`
- corenet_dontaudit_udp_send_comsat_port($1)
- corenet_dontaudit_udp_receive_comsat_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_clockspeed_port',`
+ corenet_dontaudit_udp_send_clockspeed_port($1)
+ corenet_dontaudit_udp_receive_clockspeed_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the comsat port.
+## Bind TCP sockets to the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13911,18 +14354,18 @@ interface(`corenet_dontaudit_udp_sendrecv_comsat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_comsat_port',`
+interface(`corenet_tcp_bind_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- allow $1 comsat_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 clockspeed_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the comsat port.
+## Bind UDP sockets to the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13931,18 +14374,18 @@ interface(`corenet_tcp_bind_comsat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_comsat_port',`
+interface(`corenet_udp_bind_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- allow $1 comsat_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 clockspeed_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the comsat port.
+## Make a TCP connection to the clockspeed port.
## </summary>
## <param name="domain">
## <summary>
@@ -13950,18 +14393,18 @@ interface(`corenet_udp_bind_comsat_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_comsat_port',`
+interface(`corenet_tcp_connect_clockspeed_port',`
gen_require(`
- type comsat_port_t;
+ type clockspeed_port_t;
')
- allow $1 comsat_port_t:tcp_socket name_connect;
+ allow $1 clockspeed_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send comsat_client packets.
+## Send clockspeed_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13970,17 +14413,17 @@ interface(`corenet_tcp_connect_comsat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_comsat_client_packets',`
+interface(`corenet_send_clockspeed_client_packets',`
gen_require(`
- type comsat_client_packet_t;
+ type clockspeed_client_packet_t;
')
- allow $1 comsat_client_packet_t:packet send;
+ allow $1 clockspeed_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send comsat_client packets.
+## Do not audit attempts to send clockspeed_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -13989,17 +14432,17 @@ interface(`corenet_send_comsat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_comsat_client_packets',`
+interface(`corenet_dontaudit_send_clockspeed_client_packets',`
gen_require(`
- type comsat_client_packet_t;
+ type clockspeed_client_packet_t;
')
- dontaudit $1 comsat_client_packet_t:packet send;
+ dontaudit $1 clockspeed_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive comsat_client packets.
+## Receive clockspeed_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14008,17 +14451,17 @@ interface(`corenet_dontaudit_send_comsat_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_comsat_client_packets',`
+interface(`corenet_receive_clockspeed_client_packets',`
gen_require(`
- type comsat_client_packet_t;
+ type clockspeed_client_packet_t;
')
- allow $1 comsat_client_packet_t:packet recv;
+ allow $1 clockspeed_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive comsat_client packets.
+## Do not audit attempts to receive clockspeed_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14027,17 +14470,17 @@ interface(`corenet_receive_comsat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_comsat_client_packets',`
+interface(`corenet_dontaudit_receive_clockspeed_client_packets',`
gen_require(`
- type comsat_client_packet_t;
+ type clockspeed_client_packet_t;
')
- dontaudit $1 comsat_client_packet_t:packet recv;
+ dontaudit $1 clockspeed_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive comsat_client packets.
+## Send and receive clockspeed_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14046,14 +14489,14 @@ interface(`corenet_dontaudit_receive_comsat_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_comsat_client_packets',`
- corenet_send_comsat_client_packets($1)
- corenet_receive_comsat_client_packets($1)
+interface(`corenet_sendrecv_clockspeed_client_packets',`
+ corenet_send_clockspeed_client_packets($1)
+ corenet_receive_clockspeed_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive comsat_client packets.
+## Do not audit attempts to send and receive clockspeed_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14062,14 +14505,14 @@ interface(`corenet_sendrecv_comsat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_comsat_client_packets',`
- corenet_dontaudit_send_comsat_client_packets($1)
- corenet_dontaudit_receive_comsat_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_clockspeed_client_packets',`
+ corenet_dontaudit_send_clockspeed_client_packets($1)
+ corenet_dontaudit_receive_clockspeed_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to comsat_client the packet type.
+## Relabel packets to clockspeed_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -14077,18 +14520,18 @@ interface(`corenet_dontaudit_sendrecv_comsat_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_comsat_client_packets',`
+interface(`corenet_relabelto_clockspeed_client_packets',`
gen_require(`
- type comsat_client_packet_t;
+ type clockspeed_client_packet_t;
')
- allow $1 comsat_client_packet_t:packet relabelto;
+ allow $1 clockspeed_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send comsat_server packets.
+## Send clockspeed_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14097,17 +14540,17 @@ interface(`corenet_relabelto_comsat_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_comsat_server_packets',`
+interface(`corenet_send_clockspeed_server_packets',`
gen_require(`
- type comsat_server_packet_t;
+ type clockspeed_server_packet_t;
')
- allow $1 comsat_server_packet_t:packet send;
+ allow $1 clockspeed_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send comsat_server packets.
+## Do not audit attempts to send clockspeed_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14116,17 +14559,17 @@ interface(`corenet_send_comsat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_comsat_server_packets',`
+interface(`corenet_dontaudit_send_clockspeed_server_packets',`
gen_require(`
- type comsat_server_packet_t;
+ type clockspeed_server_packet_t;
')
- dontaudit $1 comsat_server_packet_t:packet send;
+ dontaudit $1 clockspeed_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive comsat_server packets.
+## Receive clockspeed_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14135,17 +14578,17 @@ interface(`corenet_dontaudit_send_comsat_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_comsat_server_packets',`
+interface(`corenet_receive_clockspeed_server_packets',`
gen_require(`
- type comsat_server_packet_t;
+ type clockspeed_server_packet_t;
')
- allow $1 comsat_server_packet_t:packet recv;
+ allow $1 clockspeed_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive comsat_server packets.
+## Do not audit attempts to receive clockspeed_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14154,17 +14597,17 @@ interface(`corenet_receive_comsat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_comsat_server_packets',`
+interface(`corenet_dontaudit_receive_clockspeed_server_packets',`
gen_require(`
- type comsat_server_packet_t;
+ type clockspeed_server_packet_t;
')
- dontaudit $1 comsat_server_packet_t:packet recv;
+ dontaudit $1 clockspeed_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive comsat_server packets.
+## Send and receive clockspeed_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14173,14 +14616,14 @@ interface(`corenet_dontaudit_receive_comsat_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_comsat_server_packets',`
- corenet_send_comsat_server_packets($1)
- corenet_receive_comsat_server_packets($1)
+interface(`corenet_sendrecv_clockspeed_server_packets',`
+ corenet_send_clockspeed_server_packets($1)
+ corenet_receive_clockspeed_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive comsat_server packets.
+## Do not audit attempts to send and receive clockspeed_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14189,14 +14632,14 @@ interface(`corenet_sendrecv_comsat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_comsat_server_packets',`
- corenet_dontaudit_send_comsat_server_packets($1)
- corenet_dontaudit_receive_comsat_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_clockspeed_server_packets',`
+ corenet_dontaudit_send_clockspeed_server_packets($1)
+ corenet_dontaudit_receive_clockspeed_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to comsat_server the packet type.
+## Relabel packets to clockspeed_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -14204,12 +14647,12 @@ interface(`corenet_dontaudit_sendrecv_comsat_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_comsat_server_packets',`
+interface(`corenet_relabelto_clockspeed_server_packets',`
gen_require(`
- type comsat_server_packet_t;
+ type clockspeed_server_packet_t;
')
- allow $1 comsat_server_packet_t:packet relabelto;
+ allow $1 clockspeed_server_packet_t:packet relabelto;
')
@@ -14217,7 +14660,7 @@ interface(`corenet_relabelto_comsat_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the cvs port.
+## Send and receive TCP traffic on the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14226,17 +14669,17 @@ interface(`corenet_relabelto_comsat_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_cvs_port',`
+interface(`corenet_tcp_sendrecv_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- allow $1 cvs_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 cluster_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the cvs port.
+## Send UDP traffic on the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14245,17 +14688,17 @@ interface(`corenet_tcp_sendrecv_cvs_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_cvs_port',`
+interface(`corenet_udp_send_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- allow $1 cvs_port_t:udp_socket send_msg;
+ allow $1 cluster_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the cvs port.
+## Do not audit attempts to send UDP traffic on the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14264,17 +14707,17 @@ interface(`corenet_udp_send_cvs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_cvs_port',`
+interface(`corenet_dontaudit_udp_send_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- dontaudit $1 cvs_port_t:udp_socket send_msg;
+ dontaudit $1 cluster_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the cvs port.
+## Receive UDP traffic on the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14283,17 +14726,17 @@ interface(`corenet_dontaudit_udp_send_cvs_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_cvs_port',`
+interface(`corenet_udp_receive_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- allow $1 cvs_port_t:udp_socket recv_msg;
+ allow $1 cluster_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the cvs port.
+## Do not audit attempts to receive UDP traffic on the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14302,17 +14745,17 @@ interface(`corenet_udp_receive_cvs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_cvs_port',`
+interface(`corenet_dontaudit_udp_receive_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- dontaudit $1 cvs_port_t:udp_socket recv_msg;
+ dontaudit $1 cluster_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the cvs port.
+## Send and receive UDP traffic on the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14321,15 +14764,15 @@ interface(`corenet_dontaudit_udp_receive_cvs_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_cvs_port',`
- corenet_udp_send_cvs_port($1)
- corenet_udp_receive_cvs_port($1)
+interface(`corenet_udp_sendrecv_cluster_port',`
+ corenet_udp_send_cluster_port($1)
+ corenet_udp_receive_cluster_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the cvs port.
+## UDP traffic on the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14338,14 +14781,14 @@ interface(`corenet_udp_sendrecv_cvs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_cvs_port',`
- corenet_dontaudit_udp_send_cvs_port($1)
- corenet_dontaudit_udp_receive_cvs_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_cluster_port',`
+ corenet_dontaudit_udp_send_cluster_port($1)
+ corenet_dontaudit_udp_receive_cluster_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the cvs port.
+## Bind TCP sockets to the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14354,18 +14797,18 @@ interface(`corenet_dontaudit_udp_sendrecv_cvs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_cvs_port',`
+interface(`corenet_tcp_bind_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- allow $1 cvs_port_t:tcp_socket name_bind;
-
+ allow $1 cluster_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the cvs port.
+## Bind UDP sockets to the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14374,18 +14817,18 @@ interface(`corenet_tcp_bind_cvs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_cvs_port',`
+interface(`corenet_udp_bind_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- allow $1 cvs_port_t:udp_socket name_bind;
-
+ allow $1 cluster_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the cvs port.
+## Make a TCP connection to the cluster port.
## </summary>
## <param name="domain">
## <summary>
@@ -14393,18 +14836,18 @@ interface(`corenet_udp_bind_cvs_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_cvs_port',`
+interface(`corenet_tcp_connect_cluster_port',`
gen_require(`
- type cvs_port_t;
+ type cluster_port_t;
')
- allow $1 cvs_port_t:tcp_socket name_connect;
+ allow $1 cluster_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send cvs_client packets.
+## Send cluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14413,17 +14856,17 @@ interface(`corenet_tcp_connect_cvs_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cvs_client_packets',`
+interface(`corenet_send_cluster_client_packets',`
gen_require(`
- type cvs_client_packet_t;
+ type cluster_client_packet_t;
')
- allow $1 cvs_client_packet_t:packet send;
+ allow $1 cluster_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cvs_client packets.
+## Do not audit attempts to send cluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14432,17 +14875,17 @@ interface(`corenet_send_cvs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cvs_client_packets',`
+interface(`corenet_dontaudit_send_cluster_client_packets',`
gen_require(`
- type cvs_client_packet_t;
+ type cluster_client_packet_t;
')
- dontaudit $1 cvs_client_packet_t:packet send;
+ dontaudit $1 cluster_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive cvs_client packets.
+## Receive cluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14451,17 +14894,17 @@ interface(`corenet_dontaudit_send_cvs_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cvs_client_packets',`
+interface(`corenet_receive_cluster_client_packets',`
gen_require(`
- type cvs_client_packet_t;
+ type cluster_client_packet_t;
')
- allow $1 cvs_client_packet_t:packet recv;
+ allow $1 cluster_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cvs_client packets.
+## Do not audit attempts to receive cluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14470,17 +14913,17 @@ interface(`corenet_receive_cvs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cvs_client_packets',`
+interface(`corenet_dontaudit_receive_cluster_client_packets',`
gen_require(`
- type cvs_client_packet_t;
+ type cluster_client_packet_t;
')
- dontaudit $1 cvs_client_packet_t:packet recv;
+ dontaudit $1 cluster_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cvs_client packets.
+## Send and receive cluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14489,14 +14932,14 @@ interface(`corenet_dontaudit_receive_cvs_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cvs_client_packets',`
- corenet_send_cvs_client_packets($1)
- corenet_receive_cvs_client_packets($1)
+interface(`corenet_sendrecv_cluster_client_packets',`
+ corenet_send_cluster_client_packets($1)
+ corenet_receive_cluster_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cvs_client packets.
+## Do not audit attempts to send and receive cluster_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14505,14 +14948,14 @@ interface(`corenet_sendrecv_cvs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cvs_client_packets',`
- corenet_dontaudit_send_cvs_client_packets($1)
- corenet_dontaudit_receive_cvs_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_cluster_client_packets',`
+ corenet_dontaudit_send_cluster_client_packets($1)
+ corenet_dontaudit_receive_cluster_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to cvs_client the packet type.
+## Relabel packets to cluster_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -14520,18 +14963,18 @@ interface(`corenet_dontaudit_sendrecv_cvs_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cvs_client_packets',`
+interface(`corenet_relabelto_cluster_client_packets',`
gen_require(`
- type cvs_client_packet_t;
+ type cluster_client_packet_t;
')
- allow $1 cvs_client_packet_t:packet relabelto;
+ allow $1 cluster_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send cvs_server packets.
+## Send cluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14540,17 +14983,17 @@ interface(`corenet_relabelto_cvs_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cvs_server_packets',`
+interface(`corenet_send_cluster_server_packets',`
gen_require(`
- type cvs_server_packet_t;
+ type cluster_server_packet_t;
')
- allow $1 cvs_server_packet_t:packet send;
+ allow $1 cluster_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cvs_server packets.
+## Do not audit attempts to send cluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14559,17 +15002,17 @@ interface(`corenet_send_cvs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cvs_server_packets',`
+interface(`corenet_dontaudit_send_cluster_server_packets',`
gen_require(`
- type cvs_server_packet_t;
+ type cluster_server_packet_t;
')
- dontaudit $1 cvs_server_packet_t:packet send;
+ dontaudit $1 cluster_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive cvs_server packets.
+## Receive cluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14578,17 +15021,17 @@ interface(`corenet_dontaudit_send_cvs_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cvs_server_packets',`
+interface(`corenet_receive_cluster_server_packets',`
gen_require(`
- type cvs_server_packet_t;
+ type cluster_server_packet_t;
')
- allow $1 cvs_server_packet_t:packet recv;
+ allow $1 cluster_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cvs_server packets.
+## Do not audit attempts to receive cluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14597,17 +15040,17 @@ interface(`corenet_receive_cvs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cvs_server_packets',`
+interface(`corenet_dontaudit_receive_cluster_server_packets',`
gen_require(`
- type cvs_server_packet_t;
+ type cluster_server_packet_t;
')
- dontaudit $1 cvs_server_packet_t:packet recv;
+ dontaudit $1 cluster_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cvs_server packets.
+## Send and receive cluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14616,14 +15059,14 @@ interface(`corenet_dontaudit_receive_cvs_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cvs_server_packets',`
- corenet_send_cvs_server_packets($1)
- corenet_receive_cvs_server_packets($1)
+interface(`corenet_sendrecv_cluster_server_packets',`
+ corenet_send_cluster_server_packets($1)
+ corenet_receive_cluster_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cvs_server packets.
+## Do not audit attempts to send and receive cluster_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14632,14 +15075,14 @@ interface(`corenet_sendrecv_cvs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cvs_server_packets',`
- corenet_dontaudit_send_cvs_server_packets($1)
- corenet_dontaudit_receive_cvs_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_cluster_server_packets',`
+ corenet_dontaudit_send_cluster_server_packets($1)
+ corenet_dontaudit_receive_cluster_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to cvs_server the packet type.
+## Relabel packets to cluster_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -14647,12 +15090,12 @@ interface(`corenet_dontaudit_sendrecv_cvs_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cvs_server_packets',`
+interface(`corenet_relabelto_cluster_server_packets',`
gen_require(`
- type cvs_server_packet_t;
+ type cluster_server_packet_t;
')
- allow $1 cvs_server_packet_t:packet relabelto;
+ allow $1 cluster_server_packet_t:packet relabelto;
')
@@ -14660,7 +15103,7 @@ interface(`corenet_relabelto_cvs_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the cyphesis port.
+## Send and receive TCP traffic on the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14669,17 +15112,17 @@ interface(`corenet_relabelto_cvs_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_cyphesis_port',`
+interface(`corenet_tcp_sendrecv_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- allow $1 cyphesis_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 cma_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the cyphesis port.
+## Send UDP traffic on the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14688,17 +15131,17 @@ interface(`corenet_tcp_sendrecv_cyphesis_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_cyphesis_port',`
+interface(`corenet_udp_send_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- allow $1 cyphesis_port_t:udp_socket send_msg;
+ allow $1 cma_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the cyphesis port.
+## Do not audit attempts to send UDP traffic on the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14707,17 +15150,17 @@ interface(`corenet_udp_send_cyphesis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_cyphesis_port',`
+interface(`corenet_dontaudit_udp_send_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- dontaudit $1 cyphesis_port_t:udp_socket send_msg;
+ dontaudit $1 cma_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the cyphesis port.
+## Receive UDP traffic on the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14726,17 +15169,17 @@ interface(`corenet_dontaudit_udp_send_cyphesis_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_cyphesis_port',`
+interface(`corenet_udp_receive_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- allow $1 cyphesis_port_t:udp_socket recv_msg;
+ allow $1 cma_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the cyphesis port.
+## Do not audit attempts to receive UDP traffic on the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14745,17 +15188,17 @@ interface(`corenet_udp_receive_cyphesis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_cyphesis_port',`
+interface(`corenet_dontaudit_udp_receive_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- dontaudit $1 cyphesis_port_t:udp_socket recv_msg;
+ dontaudit $1 cma_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the cyphesis port.
+## Send and receive UDP traffic on the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14764,15 +15207,15 @@ interface(`corenet_dontaudit_udp_receive_cyphesis_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_cyphesis_port',`
- corenet_udp_send_cyphesis_port($1)
- corenet_udp_receive_cyphesis_port($1)
+interface(`corenet_udp_sendrecv_cma_port',`
+ corenet_udp_send_cma_port($1)
+ corenet_udp_receive_cma_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the cyphesis port.
+## UDP traffic on the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14781,14 +15224,14 @@ interface(`corenet_udp_sendrecv_cyphesis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_cyphesis_port',`
- corenet_dontaudit_udp_send_cyphesis_port($1)
- corenet_dontaudit_udp_receive_cyphesis_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_cma_port',`
+ corenet_dontaudit_udp_send_cma_port($1)
+ corenet_dontaudit_udp_receive_cma_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the cyphesis port.
+## Bind TCP sockets to the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14797,18 +15240,18 @@ interface(`corenet_dontaudit_udp_sendrecv_cyphesis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_cyphesis_port',`
+interface(`corenet_tcp_bind_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- allow $1 cyphesis_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 cma_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the cyphesis port.
+## Bind UDP sockets to the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14817,18 +15260,18 @@ interface(`corenet_tcp_bind_cyphesis_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_cyphesis_port',`
+interface(`corenet_udp_bind_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- allow $1 cyphesis_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 cma_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the cyphesis port.
+## Make a TCP connection to the cma port.
## </summary>
## <param name="domain">
## <summary>
@@ -14836,18 +15279,18 @@ interface(`corenet_udp_bind_cyphesis_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_cyphesis_port',`
+interface(`corenet_tcp_connect_cma_port',`
gen_require(`
- type cyphesis_port_t;
+ type cma_port_t;
')
- allow $1 cyphesis_port_t:tcp_socket name_connect;
+ allow $1 cma_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send cyphesis_client packets.
+## Send cma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14856,17 +15299,17 @@ interface(`corenet_tcp_connect_cyphesis_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cyphesis_client_packets',`
+interface(`corenet_send_cma_client_packets',`
gen_require(`
- type cyphesis_client_packet_t;
+ type cma_client_packet_t;
')
- allow $1 cyphesis_client_packet_t:packet send;
+ allow $1 cma_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cyphesis_client packets.
+## Do not audit attempts to send cma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14875,17 +15318,17 @@ interface(`corenet_send_cyphesis_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cyphesis_client_packets',`
+interface(`corenet_dontaudit_send_cma_client_packets',`
gen_require(`
- type cyphesis_client_packet_t;
+ type cma_client_packet_t;
')
- dontaudit $1 cyphesis_client_packet_t:packet send;
+ dontaudit $1 cma_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive cyphesis_client packets.
+## Receive cma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14894,17 +15337,17 @@ interface(`corenet_dontaudit_send_cyphesis_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cyphesis_client_packets',`
+interface(`corenet_receive_cma_client_packets',`
gen_require(`
- type cyphesis_client_packet_t;
+ type cma_client_packet_t;
')
- allow $1 cyphesis_client_packet_t:packet recv;
+ allow $1 cma_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cyphesis_client packets.
+## Do not audit attempts to receive cma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14913,17 +15356,17 @@ interface(`corenet_receive_cyphesis_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cyphesis_client_packets',`
+interface(`corenet_dontaudit_receive_cma_client_packets',`
gen_require(`
- type cyphesis_client_packet_t;
+ type cma_client_packet_t;
')
- dontaudit $1 cyphesis_client_packet_t:packet recv;
+ dontaudit $1 cma_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cyphesis_client packets.
+## Send and receive cma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14932,14 +15375,14 @@ interface(`corenet_dontaudit_receive_cyphesis_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cyphesis_client_packets',`
- corenet_send_cyphesis_client_packets($1)
- corenet_receive_cyphesis_client_packets($1)
+interface(`corenet_sendrecv_cma_client_packets',`
+ corenet_send_cma_client_packets($1)
+ corenet_receive_cma_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cyphesis_client packets.
+## Do not audit attempts to send and receive cma_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14948,14 +15391,14 @@ interface(`corenet_sendrecv_cyphesis_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cyphesis_client_packets',`
- corenet_dontaudit_send_cyphesis_client_packets($1)
- corenet_dontaudit_receive_cyphesis_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_cma_client_packets',`
+ corenet_dontaudit_send_cma_client_packets($1)
+ corenet_dontaudit_receive_cma_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to cyphesis_client the packet type.
+## Relabel packets to cma_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -14963,18 +15406,18 @@ interface(`corenet_dontaudit_sendrecv_cyphesis_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cyphesis_client_packets',`
+interface(`corenet_relabelto_cma_client_packets',`
gen_require(`
- type cyphesis_client_packet_t;
+ type cma_client_packet_t;
')
- allow $1 cyphesis_client_packet_t:packet relabelto;
+ allow $1 cma_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send cyphesis_server packets.
+## Send cma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -14983,17 +15426,17 @@ interface(`corenet_relabelto_cyphesis_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_cyphesis_server_packets',`
+interface(`corenet_send_cma_server_packets',`
gen_require(`
- type cyphesis_server_packet_t;
+ type cma_server_packet_t;
')
- allow $1 cyphesis_server_packet_t:packet send;
+ allow $1 cma_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send cyphesis_server packets.
+## Do not audit attempts to send cma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15002,17 +15445,17 @@ interface(`corenet_send_cyphesis_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_cyphesis_server_packets',`
+interface(`corenet_dontaudit_send_cma_server_packets',`
gen_require(`
- type cyphesis_server_packet_t;
+ type cma_server_packet_t;
')
- dontaudit $1 cyphesis_server_packet_t:packet send;
+ dontaudit $1 cma_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive cyphesis_server packets.
+## Receive cma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15021,17 +15464,17 @@ interface(`corenet_dontaudit_send_cyphesis_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_cyphesis_server_packets',`
+interface(`corenet_receive_cma_server_packets',`
gen_require(`
- type cyphesis_server_packet_t;
+ type cma_server_packet_t;
')
- allow $1 cyphesis_server_packet_t:packet recv;
+ allow $1 cma_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive cyphesis_server packets.
+## Do not audit attempts to receive cma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15040,17 +15483,17 @@ interface(`corenet_receive_cyphesis_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_cyphesis_server_packets',`
+interface(`corenet_dontaudit_receive_cma_server_packets',`
gen_require(`
- type cyphesis_server_packet_t;
+ type cma_server_packet_t;
')
- dontaudit $1 cyphesis_server_packet_t:packet recv;
+ dontaudit $1 cma_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive cyphesis_server packets.
+## Send and receive cma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15059,14 +15502,14 @@ interface(`corenet_dontaudit_receive_cyphesis_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_cyphesis_server_packets',`
- corenet_send_cyphesis_server_packets($1)
- corenet_receive_cyphesis_server_packets($1)
+interface(`corenet_sendrecv_cma_server_packets',`
+ corenet_send_cma_server_packets($1)
+ corenet_receive_cma_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive cyphesis_server packets.
+## Do not audit attempts to send and receive cma_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15075,14 +15518,14 @@ interface(`corenet_sendrecv_cyphesis_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_cyphesis_server_packets',`
- corenet_dontaudit_send_cyphesis_server_packets($1)
- corenet_dontaudit_receive_cyphesis_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_cma_server_packets',`
+ corenet_dontaudit_send_cma_server_packets($1)
+ corenet_dontaudit_receive_cma_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to cyphesis_server the packet type.
+## Relabel packets to cma_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -15090,12 +15533,12 @@ interface(`corenet_dontaudit_sendrecv_cyphesis_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_cyphesis_server_packets',`
+interface(`corenet_relabelto_cma_server_packets',`
gen_require(`
- type cyphesis_server_packet_t;
+ type cma_server_packet_t;
')
- allow $1 cyphesis_server_packet_t:packet relabelto;
+ allow $1 cma_server_packet_t:packet relabelto;
')
@@ -15103,7 +15546,7 @@ interface(`corenet_relabelto_cyphesis_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the daap port.
+## Send and receive TCP traffic on the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15112,17 +15555,17 @@ interface(`corenet_relabelto_cyphesis_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_daap_port',`
+interface(`corenet_tcp_sendrecv_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- allow $1 daap_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 cobbler_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the daap port.
+## Send UDP traffic on the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15131,17 +15574,17 @@ interface(`corenet_tcp_sendrecv_daap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_daap_port',`
+interface(`corenet_udp_send_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- allow $1 daap_port_t:udp_socket send_msg;
+ allow $1 cobbler_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the daap port.
+## Do not audit attempts to send UDP traffic on the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15150,17 +15593,17 @@ interface(`corenet_udp_send_daap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_daap_port',`
+interface(`corenet_dontaudit_udp_send_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- dontaudit $1 daap_port_t:udp_socket send_msg;
+ dontaudit $1 cobbler_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the daap port.
+## Receive UDP traffic on the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15169,17 +15612,17 @@ interface(`corenet_dontaudit_udp_send_daap_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_daap_port',`
+interface(`corenet_udp_receive_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- allow $1 daap_port_t:udp_socket recv_msg;
+ allow $1 cobbler_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the daap port.
+## Do not audit attempts to receive UDP traffic on the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15188,17 +15631,17 @@ interface(`corenet_udp_receive_daap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_daap_port',`
+interface(`corenet_dontaudit_udp_receive_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- dontaudit $1 daap_port_t:udp_socket recv_msg;
+ dontaudit $1 cobbler_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the daap port.
+## Send and receive UDP traffic on the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15207,15 +15650,15 @@ interface(`corenet_dontaudit_udp_receive_daap_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_daap_port',`
- corenet_udp_send_daap_port($1)
- corenet_udp_receive_daap_port($1)
+interface(`corenet_udp_sendrecv_cobbler_port',`
+ corenet_udp_send_cobbler_port($1)
+ corenet_udp_receive_cobbler_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the daap port.
+## UDP traffic on the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15224,14 +15667,14 @@ interface(`corenet_udp_sendrecv_daap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_daap_port',`
- corenet_dontaudit_udp_send_daap_port($1)
- corenet_dontaudit_udp_receive_daap_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_cobbler_port',`
+ corenet_dontaudit_udp_send_cobbler_port($1)
+ corenet_dontaudit_udp_receive_cobbler_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the daap port.
+## Bind TCP sockets to the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15240,18 +15683,18 @@ interface(`corenet_dontaudit_udp_sendrecv_daap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_daap_port',`
+interface(`corenet_tcp_bind_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- allow $1 daap_port_t:tcp_socket name_bind;
+ allow $1 cobbler_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the daap port.
+## Bind UDP sockets to the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15260,18 +15703,18 @@ interface(`corenet_tcp_bind_daap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_daap_port',`
+interface(`corenet_udp_bind_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- allow $1 daap_port_t:udp_socket name_bind;
+ allow $1 cobbler_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the daap port.
+## Make a TCP connection to the cobbler port.
## </summary>
## <param name="domain">
## <summary>
@@ -15279,18 +15722,18 @@ interface(`corenet_udp_bind_daap_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_daap_port',`
+interface(`corenet_tcp_connect_cobbler_port',`
gen_require(`
- type daap_port_t;
+ type cobbler_port_t;
')
- allow $1 daap_port_t:tcp_socket name_connect;
+ allow $1 cobbler_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send daap_client packets.
+## Send cobbler_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15299,17 +15742,17 @@ interface(`corenet_tcp_connect_daap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_daap_client_packets',`
+interface(`corenet_send_cobbler_client_packets',`
gen_require(`
- type daap_client_packet_t;
+ type cobbler_client_packet_t;
')
- allow $1 daap_client_packet_t:packet send;
+ allow $1 cobbler_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send daap_client packets.
+## Do not audit attempts to send cobbler_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15318,17 +15761,17 @@ interface(`corenet_send_daap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_daap_client_packets',`
+interface(`corenet_dontaudit_send_cobbler_client_packets',`
gen_require(`
- type daap_client_packet_t;
+ type cobbler_client_packet_t;
')
- dontaudit $1 daap_client_packet_t:packet send;
+ dontaudit $1 cobbler_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive daap_client packets.
+## Receive cobbler_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15337,17 +15780,17 @@ interface(`corenet_dontaudit_send_daap_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_daap_client_packets',`
+interface(`corenet_receive_cobbler_client_packets',`
gen_require(`
- type daap_client_packet_t;
+ type cobbler_client_packet_t;
')
- allow $1 daap_client_packet_t:packet recv;
+ allow $1 cobbler_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive daap_client packets.
+## Do not audit attempts to receive cobbler_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15356,17 +15799,17 @@ interface(`corenet_receive_daap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_daap_client_packets',`
+interface(`corenet_dontaudit_receive_cobbler_client_packets',`
gen_require(`
- type daap_client_packet_t;
+ type cobbler_client_packet_t;
')
- dontaudit $1 daap_client_packet_t:packet recv;
+ dontaudit $1 cobbler_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive daap_client packets.
+## Send and receive cobbler_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15375,14 +15818,14 @@ interface(`corenet_dontaudit_receive_daap_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_daap_client_packets',`
- corenet_send_daap_client_packets($1)
- corenet_receive_daap_client_packets($1)
+interface(`corenet_sendrecv_cobbler_client_packets',`
+ corenet_send_cobbler_client_packets($1)
+ corenet_receive_cobbler_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive daap_client packets.
+## Do not audit attempts to send and receive cobbler_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15391,14 +15834,14 @@ interface(`corenet_sendrecv_daap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_daap_client_packets',`
- corenet_dontaudit_send_daap_client_packets($1)
- corenet_dontaudit_receive_daap_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_cobbler_client_packets',`
+ corenet_dontaudit_send_cobbler_client_packets($1)
+ corenet_dontaudit_receive_cobbler_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to daap_client the packet type.
+## Relabel packets to cobbler_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -15406,18 +15849,18 @@ interface(`corenet_dontaudit_sendrecv_daap_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_daap_client_packets',`
+interface(`corenet_relabelto_cobbler_client_packets',`
gen_require(`
- type daap_client_packet_t;
+ type cobbler_client_packet_t;
')
- allow $1 daap_client_packet_t:packet relabelto;
+ allow $1 cobbler_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send daap_server packets.
+## Send cobbler_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15426,17 +15869,17 @@ interface(`corenet_relabelto_daap_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_daap_server_packets',`
+interface(`corenet_send_cobbler_server_packets',`
gen_require(`
- type daap_server_packet_t;
+ type cobbler_server_packet_t;
')
- allow $1 daap_server_packet_t:packet send;
+ allow $1 cobbler_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send daap_server packets.
+## Do not audit attempts to send cobbler_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15445,17 +15888,17 @@ interface(`corenet_send_daap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_daap_server_packets',`
+interface(`corenet_dontaudit_send_cobbler_server_packets',`
gen_require(`
- type daap_server_packet_t;
+ type cobbler_server_packet_t;
')
- dontaudit $1 daap_server_packet_t:packet send;
+ dontaudit $1 cobbler_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive daap_server packets.
+## Receive cobbler_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15464,17 +15907,17 @@ interface(`corenet_dontaudit_send_daap_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_daap_server_packets',`
+interface(`corenet_receive_cobbler_server_packets',`
gen_require(`
- type daap_server_packet_t;
+ type cobbler_server_packet_t;
')
- allow $1 daap_server_packet_t:packet recv;
+ allow $1 cobbler_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive daap_server packets.
+## Do not audit attempts to receive cobbler_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15483,17 +15926,17 @@ interface(`corenet_receive_daap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_daap_server_packets',`
+interface(`corenet_dontaudit_receive_cobbler_server_packets',`
gen_require(`
- type daap_server_packet_t;
+ type cobbler_server_packet_t;
')
- dontaudit $1 daap_server_packet_t:packet recv;
+ dontaudit $1 cobbler_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive daap_server packets.
+## Send and receive cobbler_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15502,14 +15945,14 @@ interface(`corenet_dontaudit_receive_daap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_daap_server_packets',`
- corenet_send_daap_server_packets($1)
- corenet_receive_daap_server_packets($1)
+interface(`corenet_sendrecv_cobbler_server_packets',`
+ corenet_send_cobbler_server_packets($1)
+ corenet_receive_cobbler_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive daap_server packets.
+## Do not audit attempts to send and receive cobbler_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15518,14 +15961,14 @@ interface(`corenet_sendrecv_daap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_daap_server_packets',`
- corenet_dontaudit_send_daap_server_packets($1)
- corenet_dontaudit_receive_daap_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_cobbler_server_packets',`
+ corenet_dontaudit_send_cobbler_server_packets($1)
+ corenet_dontaudit_receive_cobbler_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to daap_server the packet type.
+## Relabel packets to cobbler_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -15533,12 +15976,12 @@ interface(`corenet_dontaudit_sendrecv_daap_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_daap_server_packets',`
+interface(`corenet_relabelto_cobbler_server_packets',`
gen_require(`
- type daap_server_packet_t;
+ type cobbler_server_packet_t;
')
- allow $1 daap_server_packet_t:packet relabelto;
+ allow $1 cobbler_server_packet_t:packet relabelto;
')
@@ -15546,7 +15989,7 @@ interface(`corenet_relabelto_daap_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the dbskkd port.
+## Send and receive TCP traffic on the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15555,17 +15998,17 @@ interface(`corenet_relabelto_daap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_dbskkd_port',`
+interface(`corenet_tcp_sendrecv_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- allow $1 dbskkd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 commplex_link_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the dbskkd port.
+## Send UDP traffic on the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15574,17 +16017,17 @@ interface(`corenet_tcp_sendrecv_dbskkd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_dbskkd_port',`
+interface(`corenet_udp_send_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- allow $1 dbskkd_port_t:udp_socket send_msg;
+ allow $1 commplex_link_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the dbskkd port.
+## Do not audit attempts to send UDP traffic on the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15593,17 +16036,17 @@ interface(`corenet_udp_send_dbskkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_dbskkd_port',`
+interface(`corenet_dontaudit_udp_send_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- dontaudit $1 dbskkd_port_t:udp_socket send_msg;
+ dontaudit $1 commplex_link_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the dbskkd port.
+## Receive UDP traffic on the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15612,17 +16055,17 @@ interface(`corenet_dontaudit_udp_send_dbskkd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_dbskkd_port',`
+interface(`corenet_udp_receive_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- allow $1 dbskkd_port_t:udp_socket recv_msg;
+ allow $1 commplex_link_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the dbskkd port.
+## Do not audit attempts to receive UDP traffic on the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15631,17 +16074,17 @@ interface(`corenet_udp_receive_dbskkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_dbskkd_port',`
+interface(`corenet_dontaudit_udp_receive_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- dontaudit $1 dbskkd_port_t:udp_socket recv_msg;
+ dontaudit $1 commplex_link_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the dbskkd port.
+## Send and receive UDP traffic on the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15650,15 +16093,15 @@ interface(`corenet_dontaudit_udp_receive_dbskkd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_dbskkd_port',`
- corenet_udp_send_dbskkd_port($1)
- corenet_udp_receive_dbskkd_port($1)
+interface(`corenet_udp_sendrecv_commplex_link_port',`
+ corenet_udp_send_commplex_link_port($1)
+ corenet_udp_receive_commplex_link_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the dbskkd port.
+## UDP traffic on the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15667,14 +16110,14 @@ interface(`corenet_udp_sendrecv_dbskkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_dbskkd_port',`
- corenet_dontaudit_udp_send_dbskkd_port($1)
- corenet_dontaudit_udp_receive_dbskkd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_commplex_link_port',`
+ corenet_dontaudit_udp_send_commplex_link_port($1)
+ corenet_dontaudit_udp_receive_commplex_link_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the dbskkd port.
+## Bind TCP sockets to the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15683,18 +16126,18 @@ interface(`corenet_dontaudit_udp_sendrecv_dbskkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_dbskkd_port',`
+interface(`corenet_tcp_bind_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- allow $1 dbskkd_port_t:tcp_socket name_bind;
+ allow $1 commplex_link_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the dbskkd port.
+## Bind UDP sockets to the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15703,18 +16146,18 @@ interface(`corenet_tcp_bind_dbskkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_dbskkd_port',`
+interface(`corenet_udp_bind_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- allow $1 dbskkd_port_t:udp_socket name_bind;
+ allow $1 commplex_link_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the dbskkd port.
+## Make a TCP connection to the commplex_link port.
## </summary>
## <param name="domain">
## <summary>
@@ -15722,18 +16165,18 @@ interface(`corenet_udp_bind_dbskkd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_dbskkd_port',`
+interface(`corenet_tcp_connect_commplex_link_port',`
gen_require(`
- type dbskkd_port_t;
+ type commplex_link_port_t;
')
- allow $1 dbskkd_port_t:tcp_socket name_connect;
+ allow $1 commplex_link_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send dbskkd_client packets.
+## Send commplex_link_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15742,17 +16185,17 @@ interface(`corenet_tcp_connect_dbskkd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dbskkd_client_packets',`
+interface(`corenet_send_commplex_link_client_packets',`
gen_require(`
- type dbskkd_client_packet_t;
+ type commplex_link_client_packet_t;
')
- allow $1 dbskkd_client_packet_t:packet send;
+ allow $1 commplex_link_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dbskkd_client packets.
+## Do not audit attempts to send commplex_link_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15761,17 +16204,17 @@ interface(`corenet_send_dbskkd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dbskkd_client_packets',`
+interface(`corenet_dontaudit_send_commplex_link_client_packets',`
gen_require(`
- type dbskkd_client_packet_t;
+ type commplex_link_client_packet_t;
')
- dontaudit $1 dbskkd_client_packet_t:packet send;
+ dontaudit $1 commplex_link_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive dbskkd_client packets.
+## Receive commplex_link_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15780,17 +16223,17 @@ interface(`corenet_dontaudit_send_dbskkd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dbskkd_client_packets',`
+interface(`corenet_receive_commplex_link_client_packets',`
gen_require(`
- type dbskkd_client_packet_t;
+ type commplex_link_client_packet_t;
')
- allow $1 dbskkd_client_packet_t:packet recv;
+ allow $1 commplex_link_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dbskkd_client packets.
+## Do not audit attempts to receive commplex_link_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15799,17 +16242,17 @@ interface(`corenet_receive_dbskkd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dbskkd_client_packets',`
+interface(`corenet_dontaudit_receive_commplex_link_client_packets',`
gen_require(`
- type dbskkd_client_packet_t;
+ type commplex_link_client_packet_t;
')
- dontaudit $1 dbskkd_client_packet_t:packet recv;
+ dontaudit $1 commplex_link_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dbskkd_client packets.
+## Send and receive commplex_link_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15818,14 +16261,14 @@ interface(`corenet_dontaudit_receive_dbskkd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dbskkd_client_packets',`
- corenet_send_dbskkd_client_packets($1)
- corenet_receive_dbskkd_client_packets($1)
+interface(`corenet_sendrecv_commplex_link_client_packets',`
+ corenet_send_commplex_link_client_packets($1)
+ corenet_receive_commplex_link_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dbskkd_client packets.
+## Do not audit attempts to send and receive commplex_link_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15834,14 +16277,14 @@ interface(`corenet_sendrecv_dbskkd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dbskkd_client_packets',`
- corenet_dontaudit_send_dbskkd_client_packets($1)
- corenet_dontaudit_receive_dbskkd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_commplex_link_client_packets',`
+ corenet_dontaudit_send_commplex_link_client_packets($1)
+ corenet_dontaudit_receive_commplex_link_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to dbskkd_client the packet type.
+## Relabel packets to commplex_link_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -15849,18 +16292,18 @@ interface(`corenet_dontaudit_sendrecv_dbskkd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dbskkd_client_packets',`
+interface(`corenet_relabelto_commplex_link_client_packets',`
gen_require(`
- type dbskkd_client_packet_t;
+ type commplex_link_client_packet_t;
')
- allow $1 dbskkd_client_packet_t:packet relabelto;
+ allow $1 commplex_link_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send dbskkd_server packets.
+## Send commplex_link_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15869,17 +16312,17 @@ interface(`corenet_relabelto_dbskkd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dbskkd_server_packets',`
+interface(`corenet_send_commplex_link_server_packets',`
gen_require(`
- type dbskkd_server_packet_t;
+ type commplex_link_server_packet_t;
')
- allow $1 dbskkd_server_packet_t:packet send;
+ allow $1 commplex_link_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dbskkd_server packets.
+## Do not audit attempts to send commplex_link_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15888,17 +16331,17 @@ interface(`corenet_send_dbskkd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dbskkd_server_packets',`
+interface(`corenet_dontaudit_send_commplex_link_server_packets',`
gen_require(`
- type dbskkd_server_packet_t;
+ type commplex_link_server_packet_t;
')
- dontaudit $1 dbskkd_server_packet_t:packet send;
+ dontaudit $1 commplex_link_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive dbskkd_server packets.
+## Receive commplex_link_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15907,17 +16350,17 @@ interface(`corenet_dontaudit_send_dbskkd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dbskkd_server_packets',`
+interface(`corenet_receive_commplex_link_server_packets',`
gen_require(`
- type dbskkd_server_packet_t;
+ type commplex_link_server_packet_t;
')
- allow $1 dbskkd_server_packet_t:packet recv;
+ allow $1 commplex_link_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dbskkd_server packets.
+## Do not audit attempts to receive commplex_link_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15926,17 +16369,17 @@ interface(`corenet_receive_dbskkd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dbskkd_server_packets',`
+interface(`corenet_dontaudit_receive_commplex_link_server_packets',`
gen_require(`
- type dbskkd_server_packet_t;
+ type commplex_link_server_packet_t;
')
- dontaudit $1 dbskkd_server_packet_t:packet recv;
+ dontaudit $1 commplex_link_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dbskkd_server packets.
+## Send and receive commplex_link_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15945,14 +16388,14 @@ interface(`corenet_dontaudit_receive_dbskkd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dbskkd_server_packets',`
- corenet_send_dbskkd_server_packets($1)
- corenet_receive_dbskkd_server_packets($1)
+interface(`corenet_sendrecv_commplex_link_server_packets',`
+ corenet_send_commplex_link_server_packets($1)
+ corenet_receive_commplex_link_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dbskkd_server packets.
+## Do not audit attempts to send and receive commplex_link_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -15961,14 +16404,14 @@ interface(`corenet_sendrecv_dbskkd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dbskkd_server_packets',`
- corenet_dontaudit_send_dbskkd_server_packets($1)
- corenet_dontaudit_receive_dbskkd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_commplex_link_server_packets',`
+ corenet_dontaudit_send_commplex_link_server_packets($1)
+ corenet_dontaudit_receive_commplex_link_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to dbskkd_server the packet type.
+## Relabel packets to commplex_link_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -15976,12 +16419,12 @@ interface(`corenet_dontaudit_sendrecv_dbskkd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dbskkd_server_packets',`
+interface(`corenet_relabelto_commplex_link_server_packets',`
gen_require(`
- type dbskkd_server_packet_t;
+ type commplex_link_server_packet_t;
')
- allow $1 dbskkd_server_packet_t:packet relabelto;
+ allow $1 commplex_link_server_packet_t:packet relabelto;
')
@@ -15989,7 +16432,7 @@ interface(`corenet_relabelto_dbskkd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the dcc port.
+## Send and receive TCP traffic on the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -15998,17 +16441,17 @@ interface(`corenet_relabelto_dbskkd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_dcc_port',`
+interface(`corenet_tcp_sendrecv_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- allow $1 dcc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 commplex_main_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the dcc port.
+## Send UDP traffic on the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16017,17 +16460,17 @@ interface(`corenet_tcp_sendrecv_dcc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_dcc_port',`
+interface(`corenet_udp_send_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- allow $1 dcc_port_t:udp_socket send_msg;
+ allow $1 commplex_main_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the dcc port.
+## Do not audit attempts to send UDP traffic on the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16036,17 +16479,17 @@ interface(`corenet_udp_send_dcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_dcc_port',`
+interface(`corenet_dontaudit_udp_send_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- dontaudit $1 dcc_port_t:udp_socket send_msg;
+ dontaudit $1 commplex_main_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the dcc port.
+## Receive UDP traffic on the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16055,17 +16498,17 @@ interface(`corenet_dontaudit_udp_send_dcc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_dcc_port',`
+interface(`corenet_udp_receive_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- allow $1 dcc_port_t:udp_socket recv_msg;
+ allow $1 commplex_main_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the dcc port.
+## Do not audit attempts to receive UDP traffic on the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16074,17 +16517,17 @@ interface(`corenet_udp_receive_dcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_dcc_port',`
+interface(`corenet_dontaudit_udp_receive_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- dontaudit $1 dcc_port_t:udp_socket recv_msg;
+ dontaudit $1 commplex_main_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the dcc port.
+## Send and receive UDP traffic on the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16093,15 +16536,15 @@ interface(`corenet_dontaudit_udp_receive_dcc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_dcc_port',`
- corenet_udp_send_dcc_port($1)
- corenet_udp_receive_dcc_port($1)
+interface(`corenet_udp_sendrecv_commplex_main_port',`
+ corenet_udp_send_commplex_main_port($1)
+ corenet_udp_receive_commplex_main_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the dcc port.
+## UDP traffic on the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16110,14 +16553,14 @@ interface(`corenet_udp_sendrecv_dcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_dcc_port',`
- corenet_dontaudit_udp_send_dcc_port($1)
- corenet_dontaudit_udp_receive_dcc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_commplex_main_port',`
+ corenet_dontaudit_udp_send_commplex_main_port($1)
+ corenet_dontaudit_udp_receive_commplex_main_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the dcc port.
+## Bind TCP sockets to the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16126,18 +16569,18 @@ interface(`corenet_dontaudit_udp_sendrecv_dcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_dcc_port',`
+interface(`corenet_tcp_bind_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- allow $1 dcc_port_t:tcp_socket name_bind;
+ allow $1 commplex_main_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the dcc port.
+## Bind UDP sockets to the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16146,18 +16589,18 @@ interface(`corenet_tcp_bind_dcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_dcc_port',`
+interface(`corenet_udp_bind_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- allow $1 dcc_port_t:udp_socket name_bind;
+ allow $1 commplex_main_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the dcc port.
+## Make a TCP connection to the commplex_main port.
## </summary>
## <param name="domain">
## <summary>
@@ -16165,18 +16608,18 @@ interface(`corenet_udp_bind_dcc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_dcc_port',`
+interface(`corenet_tcp_connect_commplex_main_port',`
gen_require(`
- type dcc_port_t;
+ type commplex_main_port_t;
')
- allow $1 dcc_port_t:tcp_socket name_connect;
+ allow $1 commplex_main_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send dcc_client packets.
+## Send commplex_main_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16185,17 +16628,17 @@ interface(`corenet_tcp_connect_dcc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dcc_client_packets',`
+interface(`corenet_send_commplex_main_client_packets',`
gen_require(`
- type dcc_client_packet_t;
+ type commplex_main_client_packet_t;
')
- allow $1 dcc_client_packet_t:packet send;
+ allow $1 commplex_main_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dcc_client packets.
+## Do not audit attempts to send commplex_main_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16204,17 +16647,17 @@ interface(`corenet_send_dcc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dcc_client_packets',`
+interface(`corenet_dontaudit_send_commplex_main_client_packets',`
gen_require(`
- type dcc_client_packet_t;
+ type commplex_main_client_packet_t;
')
- dontaudit $1 dcc_client_packet_t:packet send;
+ dontaudit $1 commplex_main_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive dcc_client packets.
+## Receive commplex_main_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16223,17 +16666,17 @@ interface(`corenet_dontaudit_send_dcc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dcc_client_packets',`
+interface(`corenet_receive_commplex_main_client_packets',`
gen_require(`
- type dcc_client_packet_t;
+ type commplex_main_client_packet_t;
')
- allow $1 dcc_client_packet_t:packet recv;
+ allow $1 commplex_main_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dcc_client packets.
+## Do not audit attempts to receive commplex_main_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16242,17 +16685,17 @@ interface(`corenet_receive_dcc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dcc_client_packets',`
+interface(`corenet_dontaudit_receive_commplex_main_client_packets',`
gen_require(`
- type dcc_client_packet_t;
+ type commplex_main_client_packet_t;
')
- dontaudit $1 dcc_client_packet_t:packet recv;
+ dontaudit $1 commplex_main_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dcc_client packets.
+## Send and receive commplex_main_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16261,14 +16704,14 @@ interface(`corenet_dontaudit_receive_dcc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dcc_client_packets',`
- corenet_send_dcc_client_packets($1)
- corenet_receive_dcc_client_packets($1)
+interface(`corenet_sendrecv_commplex_main_client_packets',`
+ corenet_send_commplex_main_client_packets($1)
+ corenet_receive_commplex_main_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dcc_client packets.
+## Do not audit attempts to send and receive commplex_main_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16277,14 +16720,14 @@ interface(`corenet_sendrecv_dcc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dcc_client_packets',`
- corenet_dontaudit_send_dcc_client_packets($1)
- corenet_dontaudit_receive_dcc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_commplex_main_client_packets',`
+ corenet_dontaudit_send_commplex_main_client_packets($1)
+ corenet_dontaudit_receive_commplex_main_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to dcc_client the packet type.
+## Relabel packets to commplex_main_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -16292,18 +16735,18 @@ interface(`corenet_dontaudit_sendrecv_dcc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dcc_client_packets',`
+interface(`corenet_relabelto_commplex_main_client_packets',`
gen_require(`
- type dcc_client_packet_t;
+ type commplex_main_client_packet_t;
')
- allow $1 dcc_client_packet_t:packet relabelto;
+ allow $1 commplex_main_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send dcc_server packets.
+## Send commplex_main_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16312,17 +16755,17 @@ interface(`corenet_relabelto_dcc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dcc_server_packets',`
+interface(`corenet_send_commplex_main_server_packets',`
gen_require(`
- type dcc_server_packet_t;
+ type commplex_main_server_packet_t;
')
- allow $1 dcc_server_packet_t:packet send;
+ allow $1 commplex_main_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dcc_server packets.
+## Do not audit attempts to send commplex_main_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16331,17 +16774,17 @@ interface(`corenet_send_dcc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dcc_server_packets',`
+interface(`corenet_dontaudit_send_commplex_main_server_packets',`
gen_require(`
- type dcc_server_packet_t;
+ type commplex_main_server_packet_t;
')
- dontaudit $1 dcc_server_packet_t:packet send;
+ dontaudit $1 commplex_main_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive dcc_server packets.
+## Receive commplex_main_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16350,17 +16793,17 @@ interface(`corenet_dontaudit_send_dcc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dcc_server_packets',`
+interface(`corenet_receive_commplex_main_server_packets',`
gen_require(`
- type dcc_server_packet_t;
+ type commplex_main_server_packet_t;
')
- allow $1 dcc_server_packet_t:packet recv;
+ allow $1 commplex_main_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dcc_server packets.
+## Do not audit attempts to receive commplex_main_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16369,17 +16812,17 @@ interface(`corenet_receive_dcc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dcc_server_packets',`
+interface(`corenet_dontaudit_receive_commplex_main_server_packets',`
gen_require(`
- type dcc_server_packet_t;
+ type commplex_main_server_packet_t;
')
- dontaudit $1 dcc_server_packet_t:packet recv;
+ dontaudit $1 commplex_main_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dcc_server packets.
+## Send and receive commplex_main_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16388,14 +16831,14 @@ interface(`corenet_dontaudit_receive_dcc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dcc_server_packets',`
- corenet_send_dcc_server_packets($1)
- corenet_receive_dcc_server_packets($1)
+interface(`corenet_sendrecv_commplex_main_server_packets',`
+ corenet_send_commplex_main_server_packets($1)
+ corenet_receive_commplex_main_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dcc_server packets.
+## Do not audit attempts to send and receive commplex_main_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16404,14 +16847,14 @@ interface(`corenet_sendrecv_dcc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dcc_server_packets',`
- corenet_dontaudit_send_dcc_server_packets($1)
- corenet_dontaudit_receive_dcc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_commplex_main_server_packets',`
+ corenet_dontaudit_send_commplex_main_server_packets($1)
+ corenet_dontaudit_receive_commplex_main_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to dcc_server the packet type.
+## Relabel packets to commplex_main_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -16419,12 +16862,12 @@ interface(`corenet_dontaudit_sendrecv_dcc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dcc_server_packets',`
+interface(`corenet_relabelto_commplex_main_server_packets',`
gen_require(`
- type dcc_server_packet_t;
+ type commplex_main_server_packet_t;
')
- allow $1 dcc_server_packet_t:packet relabelto;
+ allow $1 commplex_main_server_packet_t:packet relabelto;
')
@@ -16432,7 +16875,7 @@ interface(`corenet_relabelto_dcc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the dccm port.
+## Send and receive TCP traffic on the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16441,17 +16884,17 @@ interface(`corenet_relabelto_dcc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_dccm_port',`
+interface(`corenet_tcp_sendrecv_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- allow $1 dccm_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 comsat_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the dccm port.
+## Send UDP traffic on the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16460,17 +16903,17 @@ interface(`corenet_tcp_sendrecv_dccm_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_dccm_port',`
+interface(`corenet_udp_send_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- allow $1 dccm_port_t:udp_socket send_msg;
+ allow $1 comsat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the dccm port.
+## Do not audit attempts to send UDP traffic on the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16479,17 +16922,17 @@ interface(`corenet_udp_send_dccm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_dccm_port',`
+interface(`corenet_dontaudit_udp_send_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- dontaudit $1 dccm_port_t:udp_socket send_msg;
+ dontaudit $1 comsat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the dccm port.
+## Receive UDP traffic on the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16498,17 +16941,17 @@ interface(`corenet_dontaudit_udp_send_dccm_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_dccm_port',`
+interface(`corenet_udp_receive_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- allow $1 dccm_port_t:udp_socket recv_msg;
+ allow $1 comsat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the dccm port.
+## Do not audit attempts to receive UDP traffic on the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16517,17 +16960,17 @@ interface(`corenet_udp_receive_dccm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_dccm_port',`
+interface(`corenet_dontaudit_udp_receive_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- dontaudit $1 dccm_port_t:udp_socket recv_msg;
+ dontaudit $1 comsat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the dccm port.
+## Send and receive UDP traffic on the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16536,15 +16979,15 @@ interface(`corenet_dontaudit_udp_receive_dccm_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_dccm_port',`
- corenet_udp_send_dccm_port($1)
- corenet_udp_receive_dccm_port($1)
+interface(`corenet_udp_sendrecv_comsat_port',`
+ corenet_udp_send_comsat_port($1)
+ corenet_udp_receive_comsat_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the dccm port.
+## UDP traffic on the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16553,14 +16996,14 @@ interface(`corenet_udp_sendrecv_dccm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_dccm_port',`
- corenet_dontaudit_udp_send_dccm_port($1)
- corenet_dontaudit_udp_receive_dccm_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_comsat_port',`
+ corenet_dontaudit_udp_send_comsat_port($1)
+ corenet_dontaudit_udp_receive_comsat_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the dccm port.
+## Bind TCP sockets to the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16569,18 +17012,18 @@ interface(`corenet_dontaudit_udp_sendrecv_dccm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_dccm_port',`
+interface(`corenet_tcp_bind_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- allow $1 dccm_port_t:tcp_socket name_bind;
-
+ allow $1 comsat_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the dccm port.
+## Bind UDP sockets to the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16589,18 +17032,18 @@ interface(`corenet_tcp_bind_dccm_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_dccm_port',`
+interface(`corenet_udp_bind_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- allow $1 dccm_port_t:udp_socket name_bind;
-
+ allow $1 comsat_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the dccm port.
+## Make a TCP connection to the comsat port.
## </summary>
## <param name="domain">
## <summary>
@@ -16608,18 +17051,18 @@ interface(`corenet_udp_bind_dccm_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_dccm_port',`
+interface(`corenet_tcp_connect_comsat_port',`
gen_require(`
- type dccm_port_t;
+ type comsat_port_t;
')
- allow $1 dccm_port_t:tcp_socket name_connect;
+ allow $1 comsat_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send dccm_client packets.
+## Send comsat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16628,17 +17071,17 @@ interface(`corenet_tcp_connect_dccm_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dccm_client_packets',`
+interface(`corenet_send_comsat_client_packets',`
gen_require(`
- type dccm_client_packet_t;
+ type comsat_client_packet_t;
')
- allow $1 dccm_client_packet_t:packet send;
+ allow $1 comsat_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dccm_client packets.
+## Do not audit attempts to send comsat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16647,17 +17090,17 @@ interface(`corenet_send_dccm_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dccm_client_packets',`
+interface(`corenet_dontaudit_send_comsat_client_packets',`
gen_require(`
- type dccm_client_packet_t;
+ type comsat_client_packet_t;
')
- dontaudit $1 dccm_client_packet_t:packet send;
+ dontaudit $1 comsat_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive dccm_client packets.
+## Receive comsat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16666,17 +17109,17 @@ interface(`corenet_dontaudit_send_dccm_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dccm_client_packets',`
+interface(`corenet_receive_comsat_client_packets',`
gen_require(`
- type dccm_client_packet_t;
+ type comsat_client_packet_t;
')
- allow $1 dccm_client_packet_t:packet recv;
+ allow $1 comsat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dccm_client packets.
+## Do not audit attempts to receive comsat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16685,17 +17128,17 @@ interface(`corenet_receive_dccm_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dccm_client_packets',`
+interface(`corenet_dontaudit_receive_comsat_client_packets',`
gen_require(`
- type dccm_client_packet_t;
+ type comsat_client_packet_t;
')
- dontaudit $1 dccm_client_packet_t:packet recv;
+ dontaudit $1 comsat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dccm_client packets.
+## Send and receive comsat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16704,14 +17147,14 @@ interface(`corenet_dontaudit_receive_dccm_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dccm_client_packets',`
- corenet_send_dccm_client_packets($1)
- corenet_receive_dccm_client_packets($1)
+interface(`corenet_sendrecv_comsat_client_packets',`
+ corenet_send_comsat_client_packets($1)
+ corenet_receive_comsat_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dccm_client packets.
+## Do not audit attempts to send and receive comsat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16720,14 +17163,14 @@ interface(`corenet_sendrecv_dccm_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dccm_client_packets',`
- corenet_dontaudit_send_dccm_client_packets($1)
- corenet_dontaudit_receive_dccm_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_comsat_client_packets',`
+ corenet_dontaudit_send_comsat_client_packets($1)
+ corenet_dontaudit_receive_comsat_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to dccm_client the packet type.
+## Relabel packets to comsat_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -16735,18 +17178,18 @@ interface(`corenet_dontaudit_sendrecv_dccm_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dccm_client_packets',`
+interface(`corenet_relabelto_comsat_client_packets',`
gen_require(`
- type dccm_client_packet_t;
+ type comsat_client_packet_t;
')
- allow $1 dccm_client_packet_t:packet relabelto;
+ allow $1 comsat_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send dccm_server packets.
+## Send comsat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16755,17 +17198,17 @@ interface(`corenet_relabelto_dccm_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dccm_server_packets',`
+interface(`corenet_send_comsat_server_packets',`
gen_require(`
- type dccm_server_packet_t;
+ type comsat_server_packet_t;
')
- allow $1 dccm_server_packet_t:packet send;
+ allow $1 comsat_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dccm_server packets.
+## Do not audit attempts to send comsat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16774,17 +17217,17 @@ interface(`corenet_send_dccm_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dccm_server_packets',`
+interface(`corenet_dontaudit_send_comsat_server_packets',`
gen_require(`
- type dccm_server_packet_t;
+ type comsat_server_packet_t;
')
- dontaudit $1 dccm_server_packet_t:packet send;
+ dontaudit $1 comsat_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive dccm_server packets.
+## Receive comsat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16793,17 +17236,17 @@ interface(`corenet_dontaudit_send_dccm_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dccm_server_packets',`
+interface(`corenet_receive_comsat_server_packets',`
gen_require(`
- type dccm_server_packet_t;
+ type comsat_server_packet_t;
')
- allow $1 dccm_server_packet_t:packet recv;
+ allow $1 comsat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dccm_server packets.
+## Do not audit attempts to receive comsat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16812,17 +17255,17 @@ interface(`corenet_receive_dccm_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dccm_server_packets',`
+interface(`corenet_dontaudit_receive_comsat_server_packets',`
gen_require(`
- type dccm_server_packet_t;
+ type comsat_server_packet_t;
')
- dontaudit $1 dccm_server_packet_t:packet recv;
+ dontaudit $1 comsat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dccm_server packets.
+## Send and receive comsat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16831,14 +17274,14 @@ interface(`corenet_dontaudit_receive_dccm_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dccm_server_packets',`
- corenet_send_dccm_server_packets($1)
- corenet_receive_dccm_server_packets($1)
+interface(`corenet_sendrecv_comsat_server_packets',`
+ corenet_send_comsat_server_packets($1)
+ corenet_receive_comsat_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dccm_server packets.
+## Do not audit attempts to send and receive comsat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -16847,14 +17290,14 @@ interface(`corenet_sendrecv_dccm_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dccm_server_packets',`
- corenet_dontaudit_send_dccm_server_packets($1)
- corenet_dontaudit_receive_dccm_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_comsat_server_packets',`
+ corenet_dontaudit_send_comsat_server_packets($1)
+ corenet_dontaudit_receive_comsat_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to dccm_server the packet type.
+## Relabel packets to comsat_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -16862,12 +17305,12 @@ interface(`corenet_dontaudit_sendrecv_dccm_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dccm_server_packets',`
+interface(`corenet_relabelto_comsat_server_packets',`
gen_require(`
- type dccm_server_packet_t;
+ type comsat_server_packet_t;
')
- allow $1 dccm_server_packet_t:packet relabelto;
+ allow $1 comsat_server_packet_t:packet relabelto;
')
@@ -16875,7 +17318,7 @@ interface(`corenet_relabelto_dccm_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the dhcpc port.
+## Send and receive TCP traffic on the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -16884,17 +17327,17 @@ interface(`corenet_relabelto_dccm_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_dhcpc_port',`
+interface(`corenet_tcp_sendrecv_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- allow $1 dhcpc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 condor_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the dhcpc port.
+## Send UDP traffic on the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -16903,17 +17346,17 @@ interface(`corenet_tcp_sendrecv_dhcpc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_dhcpc_port',`
+interface(`corenet_udp_send_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- allow $1 dhcpc_port_t:udp_socket send_msg;
+ allow $1 condor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the dhcpc port.
+## Do not audit attempts to send UDP traffic on the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -16922,17 +17365,17 @@ interface(`corenet_udp_send_dhcpc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_dhcpc_port',`
+interface(`corenet_dontaudit_udp_send_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- dontaudit $1 dhcpc_port_t:udp_socket send_msg;
+ dontaudit $1 condor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the dhcpc port.
+## Receive UDP traffic on the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -16941,17 +17384,17 @@ interface(`corenet_dontaudit_udp_send_dhcpc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_dhcpc_port',`
+interface(`corenet_udp_receive_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- allow $1 dhcpc_port_t:udp_socket recv_msg;
+ allow $1 condor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the dhcpc port.
+## Do not audit attempts to receive UDP traffic on the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -16960,17 +17403,17 @@ interface(`corenet_udp_receive_dhcpc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_dhcpc_port',`
+interface(`corenet_dontaudit_udp_receive_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- dontaudit $1 dhcpc_port_t:udp_socket recv_msg;
+ dontaudit $1 condor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the dhcpc port.
+## Send and receive UDP traffic on the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -16979,15 +17422,15 @@ interface(`corenet_dontaudit_udp_receive_dhcpc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_dhcpc_port',`
- corenet_udp_send_dhcpc_port($1)
- corenet_udp_receive_dhcpc_port($1)
+interface(`corenet_udp_sendrecv_condor_port',`
+ corenet_udp_send_condor_port($1)
+ corenet_udp_receive_condor_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the dhcpc port.
+## UDP traffic on the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -16996,14 +17439,14 @@ interface(`corenet_udp_sendrecv_dhcpc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_dhcpc_port',`
- corenet_dontaudit_udp_send_dhcpc_port($1)
- corenet_dontaudit_udp_receive_dhcpc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_condor_port',`
+ corenet_dontaudit_udp_send_condor_port($1)
+ corenet_dontaudit_udp_receive_condor_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the dhcpc port.
+## Bind TCP sockets to the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -17012,18 +17455,18 @@ interface(`corenet_dontaudit_udp_sendrecv_dhcpc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_dhcpc_port',`
+interface(`corenet_tcp_bind_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- allow $1 dhcpc_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 condor_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the dhcpc port.
+## Bind UDP sockets to the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -17032,18 +17475,18 @@ interface(`corenet_tcp_bind_dhcpc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_dhcpc_port',`
+interface(`corenet_udp_bind_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- allow $1 dhcpc_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 condor_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the dhcpc port.
+## Make a TCP connection to the condor port.
## </summary>
## <param name="domain">
## <summary>
@@ -17051,18 +17494,18 @@ interface(`corenet_udp_bind_dhcpc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_dhcpc_port',`
+interface(`corenet_tcp_connect_condor_port',`
gen_require(`
- type dhcpc_port_t;
+ type condor_port_t;
')
- allow $1 dhcpc_port_t:tcp_socket name_connect;
+ allow $1 condor_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send dhcpc_client packets.
+## Send condor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17071,17 +17514,17 @@ interface(`corenet_tcp_connect_dhcpc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dhcpc_client_packets',`
+interface(`corenet_send_condor_client_packets',`
gen_require(`
- type dhcpc_client_packet_t;
+ type condor_client_packet_t;
')
- allow $1 dhcpc_client_packet_t:packet send;
+ allow $1 condor_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dhcpc_client packets.
+## Do not audit attempts to send condor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17090,17 +17533,17 @@ interface(`corenet_send_dhcpc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dhcpc_client_packets',`
+interface(`corenet_dontaudit_send_condor_client_packets',`
gen_require(`
- type dhcpc_client_packet_t;
+ type condor_client_packet_t;
')
- dontaudit $1 dhcpc_client_packet_t:packet send;
+ dontaudit $1 condor_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive dhcpc_client packets.
+## Receive condor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17109,17 +17552,17 @@ interface(`corenet_dontaudit_send_dhcpc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dhcpc_client_packets',`
+interface(`corenet_receive_condor_client_packets',`
gen_require(`
- type dhcpc_client_packet_t;
+ type condor_client_packet_t;
')
- allow $1 dhcpc_client_packet_t:packet recv;
+ allow $1 condor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dhcpc_client packets.
+## Do not audit attempts to receive condor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17128,17 +17571,17 @@ interface(`corenet_receive_dhcpc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dhcpc_client_packets',`
+interface(`corenet_dontaudit_receive_condor_client_packets',`
gen_require(`
- type dhcpc_client_packet_t;
+ type condor_client_packet_t;
')
- dontaudit $1 dhcpc_client_packet_t:packet recv;
+ dontaudit $1 condor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dhcpc_client packets.
+## Send and receive condor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17147,14 +17590,14 @@ interface(`corenet_dontaudit_receive_dhcpc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dhcpc_client_packets',`
- corenet_send_dhcpc_client_packets($1)
- corenet_receive_dhcpc_client_packets($1)
+interface(`corenet_sendrecv_condor_client_packets',`
+ corenet_send_condor_client_packets($1)
+ corenet_receive_condor_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dhcpc_client packets.
+## Do not audit attempts to send and receive condor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17163,14 +17606,14 @@ interface(`corenet_sendrecv_dhcpc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dhcpc_client_packets',`
- corenet_dontaudit_send_dhcpc_client_packets($1)
- corenet_dontaudit_receive_dhcpc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_condor_client_packets',`
+ corenet_dontaudit_send_condor_client_packets($1)
+ corenet_dontaudit_receive_condor_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to dhcpc_client the packet type.
+## Relabel packets to condor_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -17178,18 +17621,18 @@ interface(`corenet_dontaudit_sendrecv_dhcpc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dhcpc_client_packets',`
+interface(`corenet_relabelto_condor_client_packets',`
gen_require(`
- type dhcpc_client_packet_t;
+ type condor_client_packet_t;
')
- allow $1 dhcpc_client_packet_t:packet relabelto;
+ allow $1 condor_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send dhcpc_server packets.
+## Send condor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17198,17 +17641,17 @@ interface(`corenet_relabelto_dhcpc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dhcpc_server_packets',`
+interface(`corenet_send_condor_server_packets',`
gen_require(`
- type dhcpc_server_packet_t;
+ type condor_server_packet_t;
')
- allow $1 dhcpc_server_packet_t:packet send;
+ allow $1 condor_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dhcpc_server packets.
+## Do not audit attempts to send condor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17217,17 +17660,17 @@ interface(`corenet_send_dhcpc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dhcpc_server_packets',`
+interface(`corenet_dontaudit_send_condor_server_packets',`
gen_require(`
- type dhcpc_server_packet_t;
+ type condor_server_packet_t;
')
- dontaudit $1 dhcpc_server_packet_t:packet send;
+ dontaudit $1 condor_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive dhcpc_server packets.
+## Receive condor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17236,17 +17679,17 @@ interface(`corenet_dontaudit_send_dhcpc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dhcpc_server_packets',`
+interface(`corenet_receive_condor_server_packets',`
gen_require(`
- type dhcpc_server_packet_t;
+ type condor_server_packet_t;
')
- allow $1 dhcpc_server_packet_t:packet recv;
+ allow $1 condor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dhcpc_server packets.
+## Do not audit attempts to receive condor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17255,17 +17698,17 @@ interface(`corenet_receive_dhcpc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dhcpc_server_packets',`
+interface(`corenet_dontaudit_receive_condor_server_packets',`
gen_require(`
- type dhcpc_server_packet_t;
+ type condor_server_packet_t;
')
- dontaudit $1 dhcpc_server_packet_t:packet recv;
+ dontaudit $1 condor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dhcpc_server packets.
+## Send and receive condor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17274,14 +17717,14 @@ interface(`corenet_dontaudit_receive_dhcpc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dhcpc_server_packets',`
- corenet_send_dhcpc_server_packets($1)
- corenet_receive_dhcpc_server_packets($1)
+interface(`corenet_sendrecv_condor_server_packets',`
+ corenet_send_condor_server_packets($1)
+ corenet_receive_condor_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dhcpc_server packets.
+## Do not audit attempts to send and receive condor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17290,14 +17733,14 @@ interface(`corenet_sendrecv_dhcpc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dhcpc_server_packets',`
- corenet_dontaudit_send_dhcpc_server_packets($1)
- corenet_dontaudit_receive_dhcpc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_condor_server_packets',`
+ corenet_dontaudit_send_condor_server_packets($1)
+ corenet_dontaudit_receive_condor_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to dhcpc_server the packet type.
+## Relabel packets to condor_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -17305,12 +17748,12 @@ interface(`corenet_dontaudit_sendrecv_dhcpc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dhcpc_server_packets',`
+interface(`corenet_relabelto_condor_server_packets',`
gen_require(`
- type dhcpc_server_packet_t;
+ type condor_server_packet_t;
')
- allow $1 dhcpc_server_packet_t:packet relabelto;
+ allow $1 condor_server_packet_t:packet relabelto;
')
@@ -17318,7 +17761,7 @@ interface(`corenet_relabelto_dhcpc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the dhcpd port.
+## Send and receive TCP traffic on the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17327,17 +17770,17 @@ interface(`corenet_relabelto_dhcpc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_dhcpd_port',`
+interface(`corenet_tcp_sendrecv_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- allow $1 dhcpd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 couchdb_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the dhcpd port.
+## Send UDP traffic on the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17346,17 +17789,17 @@ interface(`corenet_tcp_sendrecv_dhcpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_dhcpd_port',`
+interface(`corenet_udp_send_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- allow $1 dhcpd_port_t:udp_socket send_msg;
+ allow $1 couchdb_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the dhcpd port.
+## Do not audit attempts to send UDP traffic on the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17365,17 +17808,17 @@ interface(`corenet_udp_send_dhcpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_dhcpd_port',`
+interface(`corenet_dontaudit_udp_send_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- dontaudit $1 dhcpd_port_t:udp_socket send_msg;
+ dontaudit $1 couchdb_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the dhcpd port.
+## Receive UDP traffic on the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17384,17 +17827,17 @@ interface(`corenet_dontaudit_udp_send_dhcpd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_dhcpd_port',`
+interface(`corenet_udp_receive_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- allow $1 dhcpd_port_t:udp_socket recv_msg;
+ allow $1 couchdb_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the dhcpd port.
+## Do not audit attempts to receive UDP traffic on the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17403,17 +17846,17 @@ interface(`corenet_udp_receive_dhcpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_dhcpd_port',`
+interface(`corenet_dontaudit_udp_receive_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- dontaudit $1 dhcpd_port_t:udp_socket recv_msg;
+ dontaudit $1 couchdb_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the dhcpd port.
+## Send and receive UDP traffic on the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17422,15 +17865,15 @@ interface(`corenet_dontaudit_udp_receive_dhcpd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_dhcpd_port',`
- corenet_udp_send_dhcpd_port($1)
- corenet_udp_receive_dhcpd_port($1)
+interface(`corenet_udp_sendrecv_couchdb_port',`
+ corenet_udp_send_couchdb_port($1)
+ corenet_udp_receive_couchdb_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the dhcpd port.
+## UDP traffic on the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17439,14 +17882,14 @@ interface(`corenet_udp_sendrecv_dhcpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_dhcpd_port',`
- corenet_dontaudit_udp_send_dhcpd_port($1)
- corenet_dontaudit_udp_receive_dhcpd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_couchdb_port',`
+ corenet_dontaudit_udp_send_couchdb_port($1)
+ corenet_dontaudit_udp_receive_couchdb_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the dhcpd port.
+## Bind TCP sockets to the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17455,18 +17898,18 @@ interface(`corenet_dontaudit_udp_sendrecv_dhcpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_dhcpd_port',`
+interface(`corenet_tcp_bind_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- allow $1 dhcpd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 couchdb_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the dhcpd port.
+## Bind UDP sockets to the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17475,18 +17918,18 @@ interface(`corenet_tcp_bind_dhcpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_dhcpd_port',`
+interface(`corenet_udp_bind_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- allow $1 dhcpd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 couchdb_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the dhcpd port.
+## Make a TCP connection to the couchdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -17494,18 +17937,18 @@ interface(`corenet_udp_bind_dhcpd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_dhcpd_port',`
+interface(`corenet_tcp_connect_couchdb_port',`
gen_require(`
- type dhcpd_port_t;
+ type couchdb_port_t;
')
- allow $1 dhcpd_port_t:tcp_socket name_connect;
+ allow $1 couchdb_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send dhcpd_client packets.
+## Send couchdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17514,17 +17957,17 @@ interface(`corenet_tcp_connect_dhcpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dhcpd_client_packets',`
+interface(`corenet_send_couchdb_client_packets',`
gen_require(`
- type dhcpd_client_packet_t;
+ type couchdb_client_packet_t;
')
- allow $1 dhcpd_client_packet_t:packet send;
+ allow $1 couchdb_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dhcpd_client packets.
+## Do not audit attempts to send couchdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17533,17 +17976,17 @@ interface(`corenet_send_dhcpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dhcpd_client_packets',`
+interface(`corenet_dontaudit_send_couchdb_client_packets',`
gen_require(`
- type dhcpd_client_packet_t;
+ type couchdb_client_packet_t;
')
- dontaudit $1 dhcpd_client_packet_t:packet send;
+ dontaudit $1 couchdb_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive dhcpd_client packets.
+## Receive couchdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17552,17 +17995,17 @@ interface(`corenet_dontaudit_send_dhcpd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dhcpd_client_packets',`
+interface(`corenet_receive_couchdb_client_packets',`
gen_require(`
- type dhcpd_client_packet_t;
+ type couchdb_client_packet_t;
')
- allow $1 dhcpd_client_packet_t:packet recv;
+ allow $1 couchdb_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dhcpd_client packets.
+## Do not audit attempts to receive couchdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17571,17 +18014,17 @@ interface(`corenet_receive_dhcpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dhcpd_client_packets',`
+interface(`corenet_dontaudit_receive_couchdb_client_packets',`
gen_require(`
- type dhcpd_client_packet_t;
+ type couchdb_client_packet_t;
')
- dontaudit $1 dhcpd_client_packet_t:packet recv;
+ dontaudit $1 couchdb_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dhcpd_client packets.
+## Send and receive couchdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17590,14 +18033,14 @@ interface(`corenet_dontaudit_receive_dhcpd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dhcpd_client_packets',`
- corenet_send_dhcpd_client_packets($1)
- corenet_receive_dhcpd_client_packets($1)
+interface(`corenet_sendrecv_couchdb_client_packets',`
+ corenet_send_couchdb_client_packets($1)
+ corenet_receive_couchdb_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dhcpd_client packets.
+## Do not audit attempts to send and receive couchdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17606,14 +18049,14 @@ interface(`corenet_sendrecv_dhcpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dhcpd_client_packets',`
- corenet_dontaudit_send_dhcpd_client_packets($1)
- corenet_dontaudit_receive_dhcpd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_couchdb_client_packets',`
+ corenet_dontaudit_send_couchdb_client_packets($1)
+ corenet_dontaudit_receive_couchdb_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to dhcpd_client the packet type.
+## Relabel packets to couchdb_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -17621,18 +18064,18 @@ interface(`corenet_dontaudit_sendrecv_dhcpd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dhcpd_client_packets',`
+interface(`corenet_relabelto_couchdb_client_packets',`
gen_require(`
- type dhcpd_client_packet_t;
+ type couchdb_client_packet_t;
')
- allow $1 dhcpd_client_packet_t:packet relabelto;
+ allow $1 couchdb_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send dhcpd_server packets.
+## Send couchdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17641,17 +18084,17 @@ interface(`corenet_relabelto_dhcpd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dhcpd_server_packets',`
+interface(`corenet_send_couchdb_server_packets',`
gen_require(`
- type dhcpd_server_packet_t;
+ type couchdb_server_packet_t;
')
- allow $1 dhcpd_server_packet_t:packet send;
+ allow $1 couchdb_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dhcpd_server packets.
+## Do not audit attempts to send couchdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17660,17 +18103,17 @@ interface(`corenet_send_dhcpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dhcpd_server_packets',`
+interface(`corenet_dontaudit_send_couchdb_server_packets',`
gen_require(`
- type dhcpd_server_packet_t;
+ type couchdb_server_packet_t;
')
- dontaudit $1 dhcpd_server_packet_t:packet send;
+ dontaudit $1 couchdb_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive dhcpd_server packets.
+## Receive couchdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17679,17 +18122,17 @@ interface(`corenet_dontaudit_send_dhcpd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dhcpd_server_packets',`
+interface(`corenet_receive_couchdb_server_packets',`
gen_require(`
- type dhcpd_server_packet_t;
+ type couchdb_server_packet_t;
')
- allow $1 dhcpd_server_packet_t:packet recv;
+ allow $1 couchdb_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dhcpd_server packets.
+## Do not audit attempts to receive couchdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17698,17 +18141,17 @@ interface(`corenet_receive_dhcpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dhcpd_server_packets',`
+interface(`corenet_dontaudit_receive_couchdb_server_packets',`
gen_require(`
- type dhcpd_server_packet_t;
+ type couchdb_server_packet_t;
')
- dontaudit $1 dhcpd_server_packet_t:packet recv;
+ dontaudit $1 couchdb_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dhcpd_server packets.
+## Send and receive couchdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17717,14 +18160,14 @@ interface(`corenet_dontaudit_receive_dhcpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dhcpd_server_packets',`
- corenet_send_dhcpd_server_packets($1)
- corenet_receive_dhcpd_server_packets($1)
+interface(`corenet_sendrecv_couchdb_server_packets',`
+ corenet_send_couchdb_server_packets($1)
+ corenet_receive_couchdb_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dhcpd_server packets.
+## Do not audit attempts to send and receive couchdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17733,14 +18176,14 @@ interface(`corenet_sendrecv_dhcpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dhcpd_server_packets',`
- corenet_dontaudit_send_dhcpd_server_packets($1)
- corenet_dontaudit_receive_dhcpd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_couchdb_server_packets',`
+ corenet_dontaudit_send_couchdb_server_packets($1)
+ corenet_dontaudit_receive_couchdb_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to dhcpd_server the packet type.
+## Relabel packets to couchdb_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -17748,12 +18191,12 @@ interface(`corenet_dontaudit_sendrecv_dhcpd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dhcpd_server_packets',`
+interface(`corenet_relabelto_couchdb_server_packets',`
gen_require(`
- type dhcpd_server_packet_t;
+ type couchdb_server_packet_t;
')
- allow $1 dhcpd_server_packet_t:packet relabelto;
+ allow $1 couchdb_server_packet_t:packet relabelto;
')
@@ -17761,7 +18204,7 @@ interface(`corenet_relabelto_dhcpd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the dict port.
+## Send and receive TCP traffic on the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17770,17 +18213,17 @@ interface(`corenet_relabelto_dhcpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_dict_port',`
+interface(`corenet_tcp_sendrecv_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- allow $1 dict_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 cslistener_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the dict port.
+## Send UDP traffic on the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17789,17 +18232,17 @@ interface(`corenet_tcp_sendrecv_dict_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_dict_port',`
+interface(`corenet_udp_send_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- allow $1 dict_port_t:udp_socket send_msg;
+ allow $1 cslistener_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the dict port.
+## Do not audit attempts to send UDP traffic on the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17808,17 +18251,17 @@ interface(`corenet_udp_send_dict_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_dict_port',`
+interface(`corenet_dontaudit_udp_send_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- dontaudit $1 dict_port_t:udp_socket send_msg;
+ dontaudit $1 cslistener_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the dict port.
+## Receive UDP traffic on the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17827,17 +18270,17 @@ interface(`corenet_dontaudit_udp_send_dict_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_dict_port',`
+interface(`corenet_udp_receive_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- allow $1 dict_port_t:udp_socket recv_msg;
+ allow $1 cslistener_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the dict port.
+## Do not audit attempts to receive UDP traffic on the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17846,17 +18289,17 @@ interface(`corenet_udp_receive_dict_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_dict_port',`
+interface(`corenet_dontaudit_udp_receive_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- dontaudit $1 dict_port_t:udp_socket recv_msg;
+ dontaudit $1 cslistener_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the dict port.
+## Send and receive UDP traffic on the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17865,15 +18308,15 @@ interface(`corenet_dontaudit_udp_receive_dict_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_dict_port',`
- corenet_udp_send_dict_port($1)
- corenet_udp_receive_dict_port($1)
+interface(`corenet_udp_sendrecv_cslistener_port',`
+ corenet_udp_send_cslistener_port($1)
+ corenet_udp_receive_cslistener_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the dict port.
+## UDP traffic on the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17882,14 +18325,14 @@ interface(`corenet_udp_sendrecv_dict_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_dict_port',`
- corenet_dontaudit_udp_send_dict_port($1)
- corenet_dontaudit_udp_receive_dict_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_cslistener_port',`
+ corenet_dontaudit_udp_send_cslistener_port($1)
+ corenet_dontaudit_udp_receive_cslistener_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the dict port.
+## Bind TCP sockets to the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17898,18 +18341,18 @@ interface(`corenet_dontaudit_udp_sendrecv_dict_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_dict_port',`
+interface(`corenet_tcp_bind_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- allow $1 dict_port_t:tcp_socket name_bind;
+ allow $1 cslistener_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the dict port.
+## Bind UDP sockets to the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17918,18 +18361,18 @@ interface(`corenet_tcp_bind_dict_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_dict_port',`
+interface(`corenet_udp_bind_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- allow $1 dict_port_t:udp_socket name_bind;
+ allow $1 cslistener_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the dict port.
+## Make a TCP connection to the cslistener port.
## </summary>
## <param name="domain">
## <summary>
@@ -17937,18 +18380,18 @@ interface(`corenet_udp_bind_dict_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_dict_port',`
+interface(`corenet_tcp_connect_cslistener_port',`
gen_require(`
- type dict_port_t;
+ type cslistener_port_t;
')
- allow $1 dict_port_t:tcp_socket name_connect;
+ allow $1 cslistener_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send dict_client packets.
+## Send cslistener_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17957,17 +18400,17 @@ interface(`corenet_tcp_connect_dict_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dict_client_packets',`
+interface(`corenet_send_cslistener_client_packets',`
gen_require(`
- type dict_client_packet_t;
+ type cslistener_client_packet_t;
')
- allow $1 dict_client_packet_t:packet send;
+ allow $1 cslistener_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dict_client packets.
+## Do not audit attempts to send cslistener_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17976,17 +18419,17 @@ interface(`corenet_send_dict_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dict_client_packets',`
+interface(`corenet_dontaudit_send_cslistener_client_packets',`
gen_require(`
- type dict_client_packet_t;
+ type cslistener_client_packet_t;
')
- dontaudit $1 dict_client_packet_t:packet send;
+ dontaudit $1 cslistener_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive dict_client packets.
+## Receive cslistener_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -17995,17 +18438,17 @@ interface(`corenet_dontaudit_send_dict_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dict_client_packets',`
+interface(`corenet_receive_cslistener_client_packets',`
gen_require(`
- type dict_client_packet_t;
+ type cslistener_client_packet_t;
')
- allow $1 dict_client_packet_t:packet recv;
+ allow $1 cslistener_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dict_client packets.
+## Do not audit attempts to receive cslistener_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18014,17 +18457,17 @@ interface(`corenet_receive_dict_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dict_client_packets',`
+interface(`corenet_dontaudit_receive_cslistener_client_packets',`
gen_require(`
- type dict_client_packet_t;
+ type cslistener_client_packet_t;
')
- dontaudit $1 dict_client_packet_t:packet recv;
+ dontaudit $1 cslistener_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dict_client packets.
+## Send and receive cslistener_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18033,14 +18476,14 @@ interface(`corenet_dontaudit_receive_dict_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dict_client_packets',`
- corenet_send_dict_client_packets($1)
- corenet_receive_dict_client_packets($1)
+interface(`corenet_sendrecv_cslistener_client_packets',`
+ corenet_send_cslistener_client_packets($1)
+ corenet_receive_cslistener_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dict_client packets.
+## Do not audit attempts to send and receive cslistener_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18049,14 +18492,14 @@ interface(`corenet_sendrecv_dict_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dict_client_packets',`
- corenet_dontaudit_send_dict_client_packets($1)
- corenet_dontaudit_receive_dict_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_cslistener_client_packets',`
+ corenet_dontaudit_send_cslistener_client_packets($1)
+ corenet_dontaudit_receive_cslistener_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to dict_client the packet type.
+## Relabel packets to cslistener_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -18064,18 +18507,18 @@ interface(`corenet_dontaudit_sendrecv_dict_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dict_client_packets',`
+interface(`corenet_relabelto_cslistener_client_packets',`
gen_require(`
- type dict_client_packet_t;
+ type cslistener_client_packet_t;
')
- allow $1 dict_client_packet_t:packet relabelto;
+ allow $1 cslistener_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send dict_server packets.
+## Send cslistener_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18084,17 +18527,17 @@ interface(`corenet_relabelto_dict_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dict_server_packets',`
+interface(`corenet_send_cslistener_server_packets',`
gen_require(`
- type dict_server_packet_t;
+ type cslistener_server_packet_t;
')
- allow $1 dict_server_packet_t:packet send;
+ allow $1 cslistener_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dict_server packets.
+## Do not audit attempts to send cslistener_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18103,17 +18546,17 @@ interface(`corenet_send_dict_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dict_server_packets',`
+interface(`corenet_dontaudit_send_cslistener_server_packets',`
gen_require(`
- type dict_server_packet_t;
+ type cslistener_server_packet_t;
')
- dontaudit $1 dict_server_packet_t:packet send;
+ dontaudit $1 cslistener_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive dict_server packets.
+## Receive cslistener_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18122,17 +18565,17 @@ interface(`corenet_dontaudit_send_dict_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dict_server_packets',`
+interface(`corenet_receive_cslistener_server_packets',`
gen_require(`
- type dict_server_packet_t;
+ type cslistener_server_packet_t;
')
- allow $1 dict_server_packet_t:packet recv;
+ allow $1 cslistener_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dict_server packets.
+## Do not audit attempts to receive cslistener_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18141,17 +18584,17 @@ interface(`corenet_receive_dict_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dict_server_packets',`
+interface(`corenet_dontaudit_receive_cslistener_server_packets',`
gen_require(`
- type dict_server_packet_t;
+ type cslistener_server_packet_t;
')
- dontaudit $1 dict_server_packet_t:packet recv;
+ dontaudit $1 cslistener_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dict_server packets.
+## Send and receive cslistener_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18160,14 +18603,14 @@ interface(`corenet_dontaudit_receive_dict_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dict_server_packets',`
- corenet_send_dict_server_packets($1)
- corenet_receive_dict_server_packets($1)
+interface(`corenet_sendrecv_cslistener_server_packets',`
+ corenet_send_cslistener_server_packets($1)
+ corenet_receive_cslistener_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dict_server packets.
+## Do not audit attempts to send and receive cslistener_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18176,14 +18619,14 @@ interface(`corenet_sendrecv_dict_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dict_server_packets',`
- corenet_dontaudit_send_dict_server_packets($1)
- corenet_dontaudit_receive_dict_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_cslistener_server_packets',`
+ corenet_dontaudit_send_cslistener_server_packets($1)
+ corenet_dontaudit_receive_cslistener_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to dict_server the packet type.
+## Relabel packets to cslistener_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -18191,12 +18634,12 @@ interface(`corenet_dontaudit_sendrecv_dict_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dict_server_packets',`
+interface(`corenet_relabelto_cslistener_server_packets',`
gen_require(`
- type dict_server_packet_t;
+ type cslistener_server_packet_t;
')
- allow $1 dict_server_packet_t:packet relabelto;
+ allow $1 cslistener_server_packet_t:packet relabelto;
')
@@ -18204,7 +18647,7 @@ interface(`corenet_relabelto_dict_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the distccd port.
+## Send and receive TCP traffic on the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18213,17 +18656,17 @@ interface(`corenet_relabelto_dict_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_distccd_port',`
+interface(`corenet_tcp_sendrecv_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- allow $1 distccd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ctdb_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the distccd port.
+## Send UDP traffic on the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18232,17 +18675,17 @@ interface(`corenet_tcp_sendrecv_distccd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_distccd_port',`
+interface(`corenet_udp_send_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- allow $1 distccd_port_t:udp_socket send_msg;
+ allow $1 ctdb_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the distccd port.
+## Do not audit attempts to send UDP traffic on the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18251,17 +18694,17 @@ interface(`corenet_udp_send_distccd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_distccd_port',`
+interface(`corenet_dontaudit_udp_send_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- dontaudit $1 distccd_port_t:udp_socket send_msg;
+ dontaudit $1 ctdb_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the distccd port.
+## Receive UDP traffic on the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18270,17 +18713,17 @@ interface(`corenet_dontaudit_udp_send_distccd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_distccd_port',`
+interface(`corenet_udp_receive_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- allow $1 distccd_port_t:udp_socket recv_msg;
+ allow $1 ctdb_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the distccd port.
+## Do not audit attempts to receive UDP traffic on the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18289,17 +18732,17 @@ interface(`corenet_udp_receive_distccd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_distccd_port',`
+interface(`corenet_dontaudit_udp_receive_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- dontaudit $1 distccd_port_t:udp_socket recv_msg;
+ dontaudit $1 ctdb_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the distccd port.
+## Send and receive UDP traffic on the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18308,15 +18751,15 @@ interface(`corenet_dontaudit_udp_receive_distccd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_distccd_port',`
- corenet_udp_send_distccd_port($1)
- corenet_udp_receive_distccd_port($1)
+interface(`corenet_udp_sendrecv_ctdb_port',`
+ corenet_udp_send_ctdb_port($1)
+ corenet_udp_receive_ctdb_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the distccd port.
+## UDP traffic on the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18325,14 +18768,14 @@ interface(`corenet_udp_sendrecv_distccd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_distccd_port',`
- corenet_dontaudit_udp_send_distccd_port($1)
- corenet_dontaudit_udp_receive_distccd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ctdb_port',`
+ corenet_dontaudit_udp_send_ctdb_port($1)
+ corenet_dontaudit_udp_receive_ctdb_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the distccd port.
+## Bind TCP sockets to the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18341,18 +18784,18 @@ interface(`corenet_dontaudit_udp_sendrecv_distccd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_distccd_port',`
+interface(`corenet_tcp_bind_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- allow $1 distccd_port_t:tcp_socket name_bind;
+ allow $1 ctdb_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the distccd port.
+## Bind UDP sockets to the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18361,18 +18804,18 @@ interface(`corenet_tcp_bind_distccd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_distccd_port',`
+interface(`corenet_udp_bind_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- allow $1 distccd_port_t:udp_socket name_bind;
+ allow $1 ctdb_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the distccd port.
+## Make a TCP connection to the ctdb port.
## </summary>
## <param name="domain">
## <summary>
@@ -18380,18 +18823,18 @@ interface(`corenet_udp_bind_distccd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_distccd_port',`
+interface(`corenet_tcp_connect_ctdb_port',`
gen_require(`
- type distccd_port_t;
+ type ctdb_port_t;
')
- allow $1 distccd_port_t:tcp_socket name_connect;
+ allow $1 ctdb_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send distccd_client packets.
+## Send ctdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18400,17 +18843,17 @@ interface(`corenet_tcp_connect_distccd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_distccd_client_packets',`
+interface(`corenet_send_ctdb_client_packets',`
gen_require(`
- type distccd_client_packet_t;
+ type ctdb_client_packet_t;
')
- allow $1 distccd_client_packet_t:packet send;
+ allow $1 ctdb_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send distccd_client packets.
+## Do not audit attempts to send ctdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18419,17 +18862,17 @@ interface(`corenet_send_distccd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_distccd_client_packets',`
+interface(`corenet_dontaudit_send_ctdb_client_packets',`
gen_require(`
- type distccd_client_packet_t;
+ type ctdb_client_packet_t;
')
- dontaudit $1 distccd_client_packet_t:packet send;
+ dontaudit $1 ctdb_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive distccd_client packets.
+## Receive ctdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18438,17 +18881,17 @@ interface(`corenet_dontaudit_send_distccd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_distccd_client_packets',`
+interface(`corenet_receive_ctdb_client_packets',`
gen_require(`
- type distccd_client_packet_t;
+ type ctdb_client_packet_t;
')
- allow $1 distccd_client_packet_t:packet recv;
+ allow $1 ctdb_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive distccd_client packets.
+## Do not audit attempts to receive ctdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18457,17 +18900,17 @@ interface(`corenet_receive_distccd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_distccd_client_packets',`
+interface(`corenet_dontaudit_receive_ctdb_client_packets',`
gen_require(`
- type distccd_client_packet_t;
+ type ctdb_client_packet_t;
')
- dontaudit $1 distccd_client_packet_t:packet recv;
+ dontaudit $1 ctdb_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive distccd_client packets.
+## Send and receive ctdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18476,14 +18919,14 @@ interface(`corenet_dontaudit_receive_distccd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_distccd_client_packets',`
- corenet_send_distccd_client_packets($1)
- corenet_receive_distccd_client_packets($1)
+interface(`corenet_sendrecv_ctdb_client_packets',`
+ corenet_send_ctdb_client_packets($1)
+ corenet_receive_ctdb_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive distccd_client packets.
+## Do not audit attempts to send and receive ctdb_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18492,14 +18935,14 @@ interface(`corenet_sendrecv_distccd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_distccd_client_packets',`
- corenet_dontaudit_send_distccd_client_packets($1)
- corenet_dontaudit_receive_distccd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ctdb_client_packets',`
+ corenet_dontaudit_send_ctdb_client_packets($1)
+ corenet_dontaudit_receive_ctdb_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to distccd_client the packet type.
+## Relabel packets to ctdb_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -18507,18 +18950,18 @@ interface(`corenet_dontaudit_sendrecv_distccd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_distccd_client_packets',`
+interface(`corenet_relabelto_ctdb_client_packets',`
gen_require(`
- type distccd_client_packet_t;
+ type ctdb_client_packet_t;
')
- allow $1 distccd_client_packet_t:packet relabelto;
+ allow $1 ctdb_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send distccd_server packets.
+## Send ctdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18527,17 +18970,17 @@ interface(`corenet_relabelto_distccd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_distccd_server_packets',`
+interface(`corenet_send_ctdb_server_packets',`
gen_require(`
- type distccd_server_packet_t;
+ type ctdb_server_packet_t;
')
- allow $1 distccd_server_packet_t:packet send;
+ allow $1 ctdb_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send distccd_server packets.
+## Do not audit attempts to send ctdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18546,17 +18989,17 @@ interface(`corenet_send_distccd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_distccd_server_packets',`
+interface(`corenet_dontaudit_send_ctdb_server_packets',`
gen_require(`
- type distccd_server_packet_t;
+ type ctdb_server_packet_t;
')
- dontaudit $1 distccd_server_packet_t:packet send;
+ dontaudit $1 ctdb_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive distccd_server packets.
+## Receive ctdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18565,17 +19008,17 @@ interface(`corenet_dontaudit_send_distccd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_distccd_server_packets',`
+interface(`corenet_receive_ctdb_server_packets',`
gen_require(`
- type distccd_server_packet_t;
+ type ctdb_server_packet_t;
')
- allow $1 distccd_server_packet_t:packet recv;
+ allow $1 ctdb_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive distccd_server packets.
+## Do not audit attempts to receive ctdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18584,17 +19027,17 @@ interface(`corenet_receive_distccd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_distccd_server_packets',`
+interface(`corenet_dontaudit_receive_ctdb_server_packets',`
gen_require(`
- type distccd_server_packet_t;
+ type ctdb_server_packet_t;
')
- dontaudit $1 distccd_server_packet_t:packet recv;
+ dontaudit $1 ctdb_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive distccd_server packets.
+## Send and receive ctdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18603,14 +19046,14 @@ interface(`corenet_dontaudit_receive_distccd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_distccd_server_packets',`
- corenet_send_distccd_server_packets($1)
- corenet_receive_distccd_server_packets($1)
+interface(`corenet_sendrecv_ctdb_server_packets',`
+ corenet_send_ctdb_server_packets($1)
+ corenet_receive_ctdb_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive distccd_server packets.
+## Do not audit attempts to send and receive ctdb_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18619,14 +19062,14 @@ interface(`corenet_sendrecv_distccd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_distccd_server_packets',`
- corenet_dontaudit_send_distccd_server_packets($1)
- corenet_dontaudit_receive_distccd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ctdb_server_packets',`
+ corenet_dontaudit_send_ctdb_server_packets($1)
+ corenet_dontaudit_receive_ctdb_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to distccd_server the packet type.
+## Relabel packets to ctdb_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -18634,12 +19077,12 @@ interface(`corenet_dontaudit_sendrecv_distccd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_distccd_server_packets',`
+interface(`corenet_relabelto_ctdb_server_packets',`
gen_require(`
- type distccd_server_packet_t;
+ type ctdb_server_packet_t;
')
- allow $1 distccd_server_packet_t:packet relabelto;
+ allow $1 ctdb_server_packet_t:packet relabelto;
')
@@ -18647,7 +19090,7 @@ interface(`corenet_relabelto_distccd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the dns port.
+## Send and receive TCP traffic on the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18656,17 +19099,17 @@ interface(`corenet_relabelto_distccd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_dns_port',`
+interface(`corenet_tcp_sendrecv_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- allow $1 dns_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 cvs_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the dns port.
+## Send UDP traffic on the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18675,17 +19118,17 @@ interface(`corenet_tcp_sendrecv_dns_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_dns_port',`
+interface(`corenet_udp_send_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- allow $1 dns_port_t:udp_socket send_msg;
+ allow $1 cvs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the dns port.
+## Do not audit attempts to send UDP traffic on the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18694,17 +19137,17 @@ interface(`corenet_udp_send_dns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_dns_port',`
+interface(`corenet_dontaudit_udp_send_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- dontaudit $1 dns_port_t:udp_socket send_msg;
+ dontaudit $1 cvs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the dns port.
+## Receive UDP traffic on the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18713,17 +19156,17 @@ interface(`corenet_dontaudit_udp_send_dns_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_dns_port',`
+interface(`corenet_udp_receive_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- allow $1 dns_port_t:udp_socket recv_msg;
+ allow $1 cvs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the dns port.
+## Do not audit attempts to receive UDP traffic on the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18732,17 +19175,17 @@ interface(`corenet_udp_receive_dns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_dns_port',`
+interface(`corenet_dontaudit_udp_receive_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- dontaudit $1 dns_port_t:udp_socket recv_msg;
+ dontaudit $1 cvs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the dns port.
+## Send and receive UDP traffic on the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18751,15 +19194,15 @@ interface(`corenet_dontaudit_udp_receive_dns_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_dns_port',`
- corenet_udp_send_dns_port($1)
- corenet_udp_receive_dns_port($1)
+interface(`corenet_udp_sendrecv_cvs_port',`
+ corenet_udp_send_cvs_port($1)
+ corenet_udp_receive_cvs_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the dns port.
+## UDP traffic on the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18768,14 +19211,14 @@ interface(`corenet_udp_sendrecv_dns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_dns_port',`
- corenet_dontaudit_udp_send_dns_port($1)
- corenet_dontaudit_udp_receive_dns_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_cvs_port',`
+ corenet_dontaudit_udp_send_cvs_port($1)
+ corenet_dontaudit_udp_receive_cvs_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the dns port.
+## Bind TCP sockets to the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18784,18 +19227,18 @@ interface(`corenet_dontaudit_udp_sendrecv_dns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_dns_port',`
+interface(`corenet_tcp_bind_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- allow $1 dns_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 cvs_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the dns port.
+## Bind UDP sockets to the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18804,18 +19247,18 @@ interface(`corenet_tcp_bind_dns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_dns_port',`
+interface(`corenet_udp_bind_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- allow $1 dns_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 cvs_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the dns port.
+## Make a TCP connection to the cvs port.
## </summary>
## <param name="domain">
## <summary>
@@ -18823,18 +19266,18 @@ interface(`corenet_udp_bind_dns_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_dns_port',`
+interface(`corenet_tcp_connect_cvs_port',`
gen_require(`
- type dns_port_t;
+ type cvs_port_t;
')
- allow $1 dns_port_t:tcp_socket name_connect;
+ allow $1 cvs_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send dns_client packets.
+## Send cvs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18843,17 +19286,17 @@ interface(`corenet_tcp_connect_dns_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dns_client_packets',`
+interface(`corenet_send_cvs_client_packets',`
gen_require(`
- type dns_client_packet_t;
+ type cvs_client_packet_t;
')
- allow $1 dns_client_packet_t:packet send;
+ allow $1 cvs_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dns_client packets.
+## Do not audit attempts to send cvs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18862,17 +19305,17 @@ interface(`corenet_send_dns_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dns_client_packets',`
+interface(`corenet_dontaudit_send_cvs_client_packets',`
gen_require(`
- type dns_client_packet_t;
+ type cvs_client_packet_t;
')
- dontaudit $1 dns_client_packet_t:packet send;
+ dontaudit $1 cvs_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive dns_client packets.
+## Receive cvs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18881,17 +19324,17 @@ interface(`corenet_dontaudit_send_dns_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dns_client_packets',`
+interface(`corenet_receive_cvs_client_packets',`
gen_require(`
- type dns_client_packet_t;
+ type cvs_client_packet_t;
')
- allow $1 dns_client_packet_t:packet recv;
+ allow $1 cvs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dns_client packets.
+## Do not audit attempts to receive cvs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18900,17 +19343,17 @@ interface(`corenet_receive_dns_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dns_client_packets',`
+interface(`corenet_dontaudit_receive_cvs_client_packets',`
gen_require(`
- type dns_client_packet_t;
+ type cvs_client_packet_t;
')
- dontaudit $1 dns_client_packet_t:packet recv;
+ dontaudit $1 cvs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dns_client packets.
+## Send and receive cvs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18919,14 +19362,14 @@ interface(`corenet_dontaudit_receive_dns_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dns_client_packets',`
- corenet_send_dns_client_packets($1)
- corenet_receive_dns_client_packets($1)
+interface(`corenet_sendrecv_cvs_client_packets',`
+ corenet_send_cvs_client_packets($1)
+ corenet_receive_cvs_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dns_client packets.
+## Do not audit attempts to send and receive cvs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18935,14 +19378,14 @@ interface(`corenet_sendrecv_dns_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dns_client_packets',`
- corenet_dontaudit_send_dns_client_packets($1)
- corenet_dontaudit_receive_dns_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_cvs_client_packets',`
+ corenet_dontaudit_send_cvs_client_packets($1)
+ corenet_dontaudit_receive_cvs_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to dns_client the packet type.
+## Relabel packets to cvs_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -18950,18 +19393,18 @@ interface(`corenet_dontaudit_sendrecv_dns_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dns_client_packets',`
+interface(`corenet_relabelto_cvs_client_packets',`
gen_require(`
- type dns_client_packet_t;
+ type cvs_client_packet_t;
')
- allow $1 dns_client_packet_t:packet relabelto;
+ allow $1 cvs_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send dns_server packets.
+## Send cvs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18970,17 +19413,17 @@ interface(`corenet_relabelto_dns_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_dns_server_packets',`
+interface(`corenet_send_cvs_server_packets',`
gen_require(`
- type dns_server_packet_t;
+ type cvs_server_packet_t;
')
- allow $1 dns_server_packet_t:packet send;
+ allow $1 cvs_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send dns_server packets.
+## Do not audit attempts to send cvs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -18989,17 +19432,17 @@ interface(`corenet_send_dns_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_dns_server_packets',`
+interface(`corenet_dontaudit_send_cvs_server_packets',`
gen_require(`
- type dns_server_packet_t;
+ type cvs_server_packet_t;
')
- dontaudit $1 dns_server_packet_t:packet send;
+ dontaudit $1 cvs_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive dns_server packets.
+## Receive cvs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19008,17 +19451,17 @@ interface(`corenet_dontaudit_send_dns_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_dns_server_packets',`
+interface(`corenet_receive_cvs_server_packets',`
gen_require(`
- type dns_server_packet_t;
+ type cvs_server_packet_t;
')
- allow $1 dns_server_packet_t:packet recv;
+ allow $1 cvs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive dns_server packets.
+## Do not audit attempts to receive cvs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19027,17 +19470,17 @@ interface(`corenet_receive_dns_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_dns_server_packets',`
+interface(`corenet_dontaudit_receive_cvs_server_packets',`
gen_require(`
- type dns_server_packet_t;
+ type cvs_server_packet_t;
')
- dontaudit $1 dns_server_packet_t:packet recv;
+ dontaudit $1 cvs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive dns_server packets.
+## Send and receive cvs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19046,14 +19489,14 @@ interface(`corenet_dontaudit_receive_dns_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_dns_server_packets',`
- corenet_send_dns_server_packets($1)
- corenet_receive_dns_server_packets($1)
+interface(`corenet_sendrecv_cvs_server_packets',`
+ corenet_send_cvs_server_packets($1)
+ corenet_receive_cvs_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive dns_server packets.
+## Do not audit attempts to send and receive cvs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19062,14 +19505,14 @@ interface(`corenet_sendrecv_dns_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_dns_server_packets',`
- corenet_dontaudit_send_dns_server_packets($1)
- corenet_dontaudit_receive_dns_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_cvs_server_packets',`
+ corenet_dontaudit_send_cvs_server_packets($1)
+ corenet_dontaudit_receive_cvs_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to dns_server the packet type.
+## Relabel packets to cvs_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -19077,12 +19520,12 @@ interface(`corenet_dontaudit_sendrecv_dns_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_dns_server_packets',`
+interface(`corenet_relabelto_cvs_server_packets',`
gen_require(`
- type dns_server_packet_t;
+ type cvs_server_packet_t;
')
- allow $1 dns_server_packet_t:packet relabelto;
+ allow $1 cvs_server_packet_t:packet relabelto;
')
@@ -19090,7 +19533,7 @@ interface(`corenet_relabelto_dns_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the epmap port.
+## Send and receive TCP traffic on the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19099,17 +19542,17 @@ interface(`corenet_relabelto_dns_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_epmap_port',`
+interface(`corenet_tcp_sendrecv_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- allow $1 epmap_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 cyphesis_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the epmap port.
+## Send UDP traffic on the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19118,17 +19561,17 @@ interface(`corenet_tcp_sendrecv_epmap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_epmap_port',`
+interface(`corenet_udp_send_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- allow $1 epmap_port_t:udp_socket send_msg;
+ allow $1 cyphesis_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the epmap port.
+## Do not audit attempts to send UDP traffic on the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19137,17 +19580,17 @@ interface(`corenet_udp_send_epmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_epmap_port',`
+interface(`corenet_dontaudit_udp_send_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- dontaudit $1 epmap_port_t:udp_socket send_msg;
+ dontaudit $1 cyphesis_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the epmap port.
+## Receive UDP traffic on the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19156,17 +19599,17 @@ interface(`corenet_dontaudit_udp_send_epmap_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_epmap_port',`
+interface(`corenet_udp_receive_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- allow $1 epmap_port_t:udp_socket recv_msg;
+ allow $1 cyphesis_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the epmap port.
+## Do not audit attempts to receive UDP traffic on the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19175,17 +19618,17 @@ interface(`corenet_udp_receive_epmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_epmap_port',`
+interface(`corenet_dontaudit_udp_receive_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- dontaudit $1 epmap_port_t:udp_socket recv_msg;
+ dontaudit $1 cyphesis_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the epmap port.
+## Send and receive UDP traffic on the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19194,15 +19637,15 @@ interface(`corenet_dontaudit_udp_receive_epmap_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_epmap_port',`
- corenet_udp_send_epmap_port($1)
- corenet_udp_receive_epmap_port($1)
+interface(`corenet_udp_sendrecv_cyphesis_port',`
+ corenet_udp_send_cyphesis_port($1)
+ corenet_udp_receive_cyphesis_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the epmap port.
+## UDP traffic on the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19211,14 +19654,14 @@ interface(`corenet_udp_sendrecv_epmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_epmap_port',`
- corenet_dontaudit_udp_send_epmap_port($1)
- corenet_dontaudit_udp_receive_epmap_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_cyphesis_port',`
+ corenet_dontaudit_udp_send_cyphesis_port($1)
+ corenet_dontaudit_udp_receive_cyphesis_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the epmap port.
+## Bind TCP sockets to the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19227,18 +19670,18 @@ interface(`corenet_dontaudit_udp_sendrecv_epmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_epmap_port',`
+interface(`corenet_tcp_bind_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- allow $1 epmap_port_t:tcp_socket name_bind;
+ allow $1 cyphesis_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the epmap port.
+## Bind UDP sockets to the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19247,18 +19690,18 @@ interface(`corenet_tcp_bind_epmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_epmap_port',`
+interface(`corenet_udp_bind_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- allow $1 epmap_port_t:udp_socket name_bind;
+ allow $1 cyphesis_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the epmap port.
+## Make a TCP connection to the cyphesis port.
## </summary>
## <param name="domain">
## <summary>
@@ -19266,18 +19709,18 @@ interface(`corenet_udp_bind_epmap_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_epmap_port',`
+interface(`corenet_tcp_connect_cyphesis_port',`
gen_require(`
- type epmap_port_t;
+ type cyphesis_port_t;
')
- allow $1 epmap_port_t:tcp_socket name_connect;
+ allow $1 cyphesis_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send epmap_client packets.
+## Send cyphesis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19286,17 +19729,17 @@ interface(`corenet_tcp_connect_epmap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_epmap_client_packets',`
+interface(`corenet_send_cyphesis_client_packets',`
gen_require(`
- type epmap_client_packet_t;
+ type cyphesis_client_packet_t;
')
- allow $1 epmap_client_packet_t:packet send;
+ allow $1 cyphesis_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send epmap_client packets.
+## Do not audit attempts to send cyphesis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19305,17 +19748,17 @@ interface(`corenet_send_epmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_epmap_client_packets',`
+interface(`corenet_dontaudit_send_cyphesis_client_packets',`
gen_require(`
- type epmap_client_packet_t;
+ type cyphesis_client_packet_t;
')
- dontaudit $1 epmap_client_packet_t:packet send;
+ dontaudit $1 cyphesis_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive epmap_client packets.
+## Receive cyphesis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19324,17 +19767,17 @@ interface(`corenet_dontaudit_send_epmap_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_epmap_client_packets',`
+interface(`corenet_receive_cyphesis_client_packets',`
gen_require(`
- type epmap_client_packet_t;
+ type cyphesis_client_packet_t;
')
- allow $1 epmap_client_packet_t:packet recv;
+ allow $1 cyphesis_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive epmap_client packets.
+## Do not audit attempts to receive cyphesis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19343,17 +19786,17 @@ interface(`corenet_receive_epmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_epmap_client_packets',`
+interface(`corenet_dontaudit_receive_cyphesis_client_packets',`
gen_require(`
- type epmap_client_packet_t;
+ type cyphesis_client_packet_t;
')
- dontaudit $1 epmap_client_packet_t:packet recv;
+ dontaudit $1 cyphesis_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive epmap_client packets.
+## Send and receive cyphesis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19362,14 +19805,14 @@ interface(`corenet_dontaudit_receive_epmap_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_epmap_client_packets',`
- corenet_send_epmap_client_packets($1)
- corenet_receive_epmap_client_packets($1)
+interface(`corenet_sendrecv_cyphesis_client_packets',`
+ corenet_send_cyphesis_client_packets($1)
+ corenet_receive_cyphesis_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive epmap_client packets.
+## Do not audit attempts to send and receive cyphesis_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19378,14 +19821,14 @@ interface(`corenet_sendrecv_epmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_epmap_client_packets',`
- corenet_dontaudit_send_epmap_client_packets($1)
- corenet_dontaudit_receive_epmap_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_cyphesis_client_packets',`
+ corenet_dontaudit_send_cyphesis_client_packets($1)
+ corenet_dontaudit_receive_cyphesis_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to epmap_client the packet type.
+## Relabel packets to cyphesis_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -19393,18 +19836,18 @@ interface(`corenet_dontaudit_sendrecv_epmap_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_epmap_client_packets',`
+interface(`corenet_relabelto_cyphesis_client_packets',`
gen_require(`
- type epmap_client_packet_t;
+ type cyphesis_client_packet_t;
')
- allow $1 epmap_client_packet_t:packet relabelto;
+ allow $1 cyphesis_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send epmap_server packets.
+## Send cyphesis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19413,17 +19856,17 @@ interface(`corenet_relabelto_epmap_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_epmap_server_packets',`
+interface(`corenet_send_cyphesis_server_packets',`
gen_require(`
- type epmap_server_packet_t;
+ type cyphesis_server_packet_t;
')
- allow $1 epmap_server_packet_t:packet send;
+ allow $1 cyphesis_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send epmap_server packets.
+## Do not audit attempts to send cyphesis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19432,17 +19875,17 @@ interface(`corenet_send_epmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_epmap_server_packets',`
+interface(`corenet_dontaudit_send_cyphesis_server_packets',`
gen_require(`
- type epmap_server_packet_t;
+ type cyphesis_server_packet_t;
')
- dontaudit $1 epmap_server_packet_t:packet send;
+ dontaudit $1 cyphesis_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive epmap_server packets.
+## Receive cyphesis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19451,17 +19894,17 @@ interface(`corenet_dontaudit_send_epmap_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_epmap_server_packets',`
+interface(`corenet_receive_cyphesis_server_packets',`
gen_require(`
- type epmap_server_packet_t;
+ type cyphesis_server_packet_t;
')
- allow $1 epmap_server_packet_t:packet recv;
+ allow $1 cyphesis_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive epmap_server packets.
+## Do not audit attempts to receive cyphesis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19470,17 +19913,17 @@ interface(`corenet_receive_epmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_epmap_server_packets',`
+interface(`corenet_dontaudit_receive_cyphesis_server_packets',`
gen_require(`
- type epmap_server_packet_t;
+ type cyphesis_server_packet_t;
')
- dontaudit $1 epmap_server_packet_t:packet recv;
+ dontaudit $1 cyphesis_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive epmap_server packets.
+## Send and receive cyphesis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19489,14 +19932,14 @@ interface(`corenet_dontaudit_receive_epmap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_epmap_server_packets',`
- corenet_send_epmap_server_packets($1)
- corenet_receive_epmap_server_packets($1)
+interface(`corenet_sendrecv_cyphesis_server_packets',`
+ corenet_send_cyphesis_server_packets($1)
+ corenet_receive_cyphesis_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive epmap_server packets.
+## Do not audit attempts to send and receive cyphesis_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19505,14 +19948,14 @@ interface(`corenet_sendrecv_epmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_epmap_server_packets',`
- corenet_dontaudit_send_epmap_server_packets($1)
- corenet_dontaudit_receive_epmap_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_cyphesis_server_packets',`
+ corenet_dontaudit_send_cyphesis_server_packets($1)
+ corenet_dontaudit_receive_cyphesis_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to epmap_server the packet type.
+## Relabel packets to cyphesis_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -19520,12 +19963,12 @@ interface(`corenet_dontaudit_sendrecv_epmap_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_epmap_server_packets',`
+interface(`corenet_relabelto_cyphesis_server_packets',`
gen_require(`
- type epmap_server_packet_t;
+ type cyphesis_server_packet_t;
')
- allow $1 epmap_server_packet_t:packet relabelto;
+ allow $1 cyphesis_server_packet_t:packet relabelto;
')
@@ -19533,7 +19976,7 @@ interface(`corenet_relabelto_epmap_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the fingerd port.
+## Send and receive TCP traffic on the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19542,17 +19985,17 @@ interface(`corenet_relabelto_epmap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_fingerd_port',`
+interface(`corenet_tcp_sendrecv_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- allow $1 fingerd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 daap_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the fingerd port.
+## Send UDP traffic on the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19561,17 +20004,17 @@ interface(`corenet_tcp_sendrecv_fingerd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_fingerd_port',`
+interface(`corenet_udp_send_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- allow $1 fingerd_port_t:udp_socket send_msg;
+ allow $1 daap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the fingerd port.
+## Do not audit attempts to send UDP traffic on the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19580,17 +20023,17 @@ interface(`corenet_udp_send_fingerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_fingerd_port',`
+interface(`corenet_dontaudit_udp_send_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- dontaudit $1 fingerd_port_t:udp_socket send_msg;
+ dontaudit $1 daap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the fingerd port.
+## Receive UDP traffic on the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19599,17 +20042,17 @@ interface(`corenet_dontaudit_udp_send_fingerd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_fingerd_port',`
+interface(`corenet_udp_receive_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- allow $1 fingerd_port_t:udp_socket recv_msg;
+ allow $1 daap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the fingerd port.
+## Do not audit attempts to receive UDP traffic on the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19618,17 +20061,17 @@ interface(`corenet_udp_receive_fingerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_fingerd_port',`
+interface(`corenet_dontaudit_udp_receive_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- dontaudit $1 fingerd_port_t:udp_socket recv_msg;
+ dontaudit $1 daap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the fingerd port.
+## Send and receive UDP traffic on the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19637,15 +20080,15 @@ interface(`corenet_dontaudit_udp_receive_fingerd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_fingerd_port',`
- corenet_udp_send_fingerd_port($1)
- corenet_udp_receive_fingerd_port($1)
+interface(`corenet_udp_sendrecv_daap_port',`
+ corenet_udp_send_daap_port($1)
+ corenet_udp_receive_daap_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the fingerd port.
+## UDP traffic on the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19654,14 +20097,14 @@ interface(`corenet_udp_sendrecv_fingerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_fingerd_port',`
- corenet_dontaudit_udp_send_fingerd_port($1)
- corenet_dontaudit_udp_receive_fingerd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_daap_port',`
+ corenet_dontaudit_udp_send_daap_port($1)
+ corenet_dontaudit_udp_receive_daap_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the fingerd port.
+## Bind TCP sockets to the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19670,18 +20113,18 @@ interface(`corenet_dontaudit_udp_sendrecv_fingerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_fingerd_port',`
+interface(`corenet_tcp_bind_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- allow $1 fingerd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 daap_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the fingerd port.
+## Bind UDP sockets to the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19690,18 +20133,18 @@ interface(`corenet_tcp_bind_fingerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_fingerd_port',`
+interface(`corenet_udp_bind_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- allow $1 fingerd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 daap_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the fingerd port.
+## Make a TCP connection to the daap port.
## </summary>
## <param name="domain">
## <summary>
@@ -19709,18 +20152,18 @@ interface(`corenet_udp_bind_fingerd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_fingerd_port',`
+interface(`corenet_tcp_connect_daap_port',`
gen_require(`
- type fingerd_port_t;
+ type daap_port_t;
')
- allow $1 fingerd_port_t:tcp_socket name_connect;
+ allow $1 daap_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send fingerd_client packets.
+## Send daap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19729,17 +20172,17 @@ interface(`corenet_tcp_connect_fingerd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_fingerd_client_packets',`
+interface(`corenet_send_daap_client_packets',`
gen_require(`
- type fingerd_client_packet_t;
+ type daap_client_packet_t;
')
- allow $1 fingerd_client_packet_t:packet send;
+ allow $1 daap_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send fingerd_client packets.
+## Do not audit attempts to send daap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19748,17 +20191,17 @@ interface(`corenet_send_fingerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_fingerd_client_packets',`
+interface(`corenet_dontaudit_send_daap_client_packets',`
gen_require(`
- type fingerd_client_packet_t;
+ type daap_client_packet_t;
')
- dontaudit $1 fingerd_client_packet_t:packet send;
+ dontaudit $1 daap_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive fingerd_client packets.
+## Receive daap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19767,17 +20210,17 @@ interface(`corenet_dontaudit_send_fingerd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_fingerd_client_packets',`
+interface(`corenet_receive_daap_client_packets',`
gen_require(`
- type fingerd_client_packet_t;
+ type daap_client_packet_t;
')
- allow $1 fingerd_client_packet_t:packet recv;
+ allow $1 daap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive fingerd_client packets.
+## Do not audit attempts to receive daap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19786,17 +20229,17 @@ interface(`corenet_receive_fingerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_fingerd_client_packets',`
+interface(`corenet_dontaudit_receive_daap_client_packets',`
gen_require(`
- type fingerd_client_packet_t;
+ type daap_client_packet_t;
')
- dontaudit $1 fingerd_client_packet_t:packet recv;
+ dontaudit $1 daap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive fingerd_client packets.
+## Send and receive daap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19805,14 +20248,14 @@ interface(`corenet_dontaudit_receive_fingerd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_fingerd_client_packets',`
- corenet_send_fingerd_client_packets($1)
- corenet_receive_fingerd_client_packets($1)
+interface(`corenet_sendrecv_daap_client_packets',`
+ corenet_send_daap_client_packets($1)
+ corenet_receive_daap_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive fingerd_client packets.
+## Do not audit attempts to send and receive daap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19821,14 +20264,14 @@ interface(`corenet_sendrecv_fingerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_fingerd_client_packets',`
- corenet_dontaudit_send_fingerd_client_packets($1)
- corenet_dontaudit_receive_fingerd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_daap_client_packets',`
+ corenet_dontaudit_send_daap_client_packets($1)
+ corenet_dontaudit_receive_daap_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to fingerd_client the packet type.
+## Relabel packets to daap_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -19836,18 +20279,18 @@ interface(`corenet_dontaudit_sendrecv_fingerd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_fingerd_client_packets',`
+interface(`corenet_relabelto_daap_client_packets',`
gen_require(`
- type fingerd_client_packet_t;
+ type daap_client_packet_t;
')
- allow $1 fingerd_client_packet_t:packet relabelto;
+ allow $1 daap_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send fingerd_server packets.
+## Send daap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19856,17 +20299,17 @@ interface(`corenet_relabelto_fingerd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_fingerd_server_packets',`
+interface(`corenet_send_daap_server_packets',`
gen_require(`
- type fingerd_server_packet_t;
+ type daap_server_packet_t;
')
- allow $1 fingerd_server_packet_t:packet send;
+ allow $1 daap_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send fingerd_server packets.
+## Do not audit attempts to send daap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19875,17 +20318,17 @@ interface(`corenet_send_fingerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_fingerd_server_packets',`
+interface(`corenet_dontaudit_send_daap_server_packets',`
gen_require(`
- type fingerd_server_packet_t;
+ type daap_server_packet_t;
')
- dontaudit $1 fingerd_server_packet_t:packet send;
+ dontaudit $1 daap_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive fingerd_server packets.
+## Receive daap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19894,17 +20337,17 @@ interface(`corenet_dontaudit_send_fingerd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_fingerd_server_packets',`
+interface(`corenet_receive_daap_server_packets',`
gen_require(`
- type fingerd_server_packet_t;
+ type daap_server_packet_t;
')
- allow $1 fingerd_server_packet_t:packet recv;
+ allow $1 daap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive fingerd_server packets.
+## Do not audit attempts to receive daap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19913,17 +20356,17 @@ interface(`corenet_receive_fingerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_fingerd_server_packets',`
+interface(`corenet_dontaudit_receive_daap_server_packets',`
gen_require(`
- type fingerd_server_packet_t;
+ type daap_server_packet_t;
')
- dontaudit $1 fingerd_server_packet_t:packet recv;
+ dontaudit $1 daap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive fingerd_server packets.
+## Send and receive daap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19932,14 +20375,14 @@ interface(`corenet_dontaudit_receive_fingerd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_fingerd_server_packets',`
- corenet_send_fingerd_server_packets($1)
- corenet_receive_fingerd_server_packets($1)
+interface(`corenet_sendrecv_daap_server_packets',`
+ corenet_send_daap_server_packets($1)
+ corenet_receive_daap_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive fingerd_server packets.
+## Do not audit attempts to send and receive daap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -19948,14 +20391,14 @@ interface(`corenet_sendrecv_fingerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_fingerd_server_packets',`
- corenet_dontaudit_send_fingerd_server_packets($1)
- corenet_dontaudit_receive_fingerd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_daap_server_packets',`
+ corenet_dontaudit_send_daap_server_packets($1)
+ corenet_dontaudit_receive_daap_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to fingerd_server the packet type.
+## Relabel packets to daap_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -19963,12 +20406,12 @@ interface(`corenet_dontaudit_sendrecv_fingerd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_fingerd_server_packets',`
+interface(`corenet_relabelto_daap_server_packets',`
gen_require(`
- type fingerd_server_packet_t;
+ type daap_server_packet_t;
')
- allow $1 fingerd_server_packet_t:packet relabelto;
+ allow $1 daap_server_packet_t:packet relabelto;
')
@@ -19976,7 +20419,7 @@ interface(`corenet_relabelto_fingerd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ftp port.
+## Send and receive TCP traffic on the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -19985,17 +20428,17 @@ interface(`corenet_relabelto_fingerd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ftp_port',`
+interface(`corenet_tcp_sendrecv_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- allow $1 ftp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 dbskkd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ftp port.
+## Send UDP traffic on the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20004,17 +20447,17 @@ interface(`corenet_tcp_sendrecv_ftp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ftp_port',`
+interface(`corenet_udp_send_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- allow $1 ftp_port_t:udp_socket send_msg;
+ allow $1 dbskkd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ftp port.
+## Do not audit attempts to send UDP traffic on the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20023,17 +20466,17 @@ interface(`corenet_udp_send_ftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ftp_port',`
+interface(`corenet_dontaudit_udp_send_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- dontaudit $1 ftp_port_t:udp_socket send_msg;
+ dontaudit $1 dbskkd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ftp port.
+## Receive UDP traffic on the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20042,17 +20485,17 @@ interface(`corenet_dontaudit_udp_send_ftp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ftp_port',`
+interface(`corenet_udp_receive_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- allow $1 ftp_port_t:udp_socket recv_msg;
+ allow $1 dbskkd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ftp port.
+## Do not audit attempts to receive UDP traffic on the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20061,17 +20504,17 @@ interface(`corenet_udp_receive_ftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ftp_port',`
+interface(`corenet_dontaudit_udp_receive_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- dontaudit $1 ftp_port_t:udp_socket recv_msg;
+ dontaudit $1 dbskkd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ftp port.
+## Send and receive UDP traffic on the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20080,15 +20523,15 @@ interface(`corenet_dontaudit_udp_receive_ftp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ftp_port',`
- corenet_udp_send_ftp_port($1)
- corenet_udp_receive_ftp_port($1)
+interface(`corenet_udp_sendrecv_dbskkd_port',`
+ corenet_udp_send_dbskkd_port($1)
+ corenet_udp_receive_dbskkd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ftp port.
+## UDP traffic on the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20097,14 +20540,14 @@ interface(`corenet_udp_sendrecv_ftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ftp_port',`
- corenet_dontaudit_udp_send_ftp_port($1)
- corenet_dontaudit_udp_receive_ftp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_dbskkd_port',`
+ corenet_dontaudit_udp_send_dbskkd_port($1)
+ corenet_dontaudit_udp_receive_dbskkd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ftp port.
+## Bind TCP sockets to the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20113,18 +20556,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ftp_port',`
+interface(`corenet_tcp_bind_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- allow $1 ftp_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 dbskkd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the ftp port.
+## Bind UDP sockets to the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20133,18 +20576,18 @@ interface(`corenet_tcp_bind_ftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ftp_port',`
+interface(`corenet_udp_bind_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- allow $1 ftp_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 dbskkd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the ftp port.
+## Make a TCP connection to the dbskkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -20152,18 +20595,18 @@ interface(`corenet_udp_bind_ftp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ftp_port',`
+interface(`corenet_tcp_connect_dbskkd_port',`
gen_require(`
- type ftp_port_t;
+ type dbskkd_port_t;
')
- allow $1 ftp_port_t:tcp_socket name_connect;
+ allow $1 dbskkd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ftp_client packets.
+## Send dbskkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20172,17 +20615,17 @@ interface(`corenet_tcp_connect_ftp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ftp_client_packets',`
+interface(`corenet_send_dbskkd_client_packets',`
gen_require(`
- type ftp_client_packet_t;
+ type dbskkd_client_packet_t;
')
- allow $1 ftp_client_packet_t:packet send;
+ allow $1 dbskkd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ftp_client packets.
+## Do not audit attempts to send dbskkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20191,17 +20634,17 @@ interface(`corenet_send_ftp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ftp_client_packets',`
+interface(`corenet_dontaudit_send_dbskkd_client_packets',`
gen_require(`
- type ftp_client_packet_t;
+ type dbskkd_client_packet_t;
')
- dontaudit $1 ftp_client_packet_t:packet send;
+ dontaudit $1 dbskkd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ftp_client packets.
+## Receive dbskkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20210,17 +20653,17 @@ interface(`corenet_dontaudit_send_ftp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ftp_client_packets',`
+interface(`corenet_receive_dbskkd_client_packets',`
gen_require(`
- type ftp_client_packet_t;
+ type dbskkd_client_packet_t;
')
- allow $1 ftp_client_packet_t:packet recv;
+ allow $1 dbskkd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ftp_client packets.
+## Do not audit attempts to receive dbskkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20229,17 +20672,17 @@ interface(`corenet_receive_ftp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ftp_client_packets',`
+interface(`corenet_dontaudit_receive_dbskkd_client_packets',`
gen_require(`
- type ftp_client_packet_t;
+ type dbskkd_client_packet_t;
')
- dontaudit $1 ftp_client_packet_t:packet recv;
+ dontaudit $1 dbskkd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ftp_client packets.
+## Send and receive dbskkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20248,14 +20691,14 @@ interface(`corenet_dontaudit_receive_ftp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ftp_client_packets',`
- corenet_send_ftp_client_packets($1)
- corenet_receive_ftp_client_packets($1)
+interface(`corenet_sendrecv_dbskkd_client_packets',`
+ corenet_send_dbskkd_client_packets($1)
+ corenet_receive_dbskkd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ftp_client packets.
+## Do not audit attempts to send and receive dbskkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20264,14 +20707,14 @@ interface(`corenet_sendrecv_ftp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ftp_client_packets',`
- corenet_dontaudit_send_ftp_client_packets($1)
- corenet_dontaudit_receive_ftp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_dbskkd_client_packets',`
+ corenet_dontaudit_send_dbskkd_client_packets($1)
+ corenet_dontaudit_receive_dbskkd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ftp_client the packet type.
+## Relabel packets to dbskkd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -20279,18 +20722,18 @@ interface(`corenet_dontaudit_sendrecv_ftp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ftp_client_packets',`
+interface(`corenet_relabelto_dbskkd_client_packets',`
gen_require(`
- type ftp_client_packet_t;
+ type dbskkd_client_packet_t;
')
- allow $1 ftp_client_packet_t:packet relabelto;
+ allow $1 dbskkd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ftp_server packets.
+## Send dbskkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20299,17 +20742,17 @@ interface(`corenet_relabelto_ftp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ftp_server_packets',`
+interface(`corenet_send_dbskkd_server_packets',`
gen_require(`
- type ftp_server_packet_t;
+ type dbskkd_server_packet_t;
')
- allow $1 ftp_server_packet_t:packet send;
+ allow $1 dbskkd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ftp_server packets.
+## Do not audit attempts to send dbskkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20318,17 +20761,17 @@ interface(`corenet_send_ftp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ftp_server_packets',`
+interface(`corenet_dontaudit_send_dbskkd_server_packets',`
gen_require(`
- type ftp_server_packet_t;
+ type dbskkd_server_packet_t;
')
- dontaudit $1 ftp_server_packet_t:packet send;
+ dontaudit $1 dbskkd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ftp_server packets.
+## Receive dbskkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20337,17 +20780,17 @@ interface(`corenet_dontaudit_send_ftp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ftp_server_packets',`
+interface(`corenet_receive_dbskkd_server_packets',`
gen_require(`
- type ftp_server_packet_t;
+ type dbskkd_server_packet_t;
')
- allow $1 ftp_server_packet_t:packet recv;
+ allow $1 dbskkd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ftp_server packets.
+## Do not audit attempts to receive dbskkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20356,17 +20799,17 @@ interface(`corenet_receive_ftp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ftp_server_packets',`
+interface(`corenet_dontaudit_receive_dbskkd_server_packets',`
gen_require(`
- type ftp_server_packet_t;
+ type dbskkd_server_packet_t;
')
- dontaudit $1 ftp_server_packet_t:packet recv;
+ dontaudit $1 dbskkd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ftp_server packets.
+## Send and receive dbskkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20375,14 +20818,14 @@ interface(`corenet_dontaudit_receive_ftp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ftp_server_packets',`
- corenet_send_ftp_server_packets($1)
- corenet_receive_ftp_server_packets($1)
+interface(`corenet_sendrecv_dbskkd_server_packets',`
+ corenet_send_dbskkd_server_packets($1)
+ corenet_receive_dbskkd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ftp_server packets.
+## Do not audit attempts to send and receive dbskkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20391,14 +20834,14 @@ interface(`corenet_sendrecv_ftp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ftp_server_packets',`
- corenet_dontaudit_send_ftp_server_packets($1)
- corenet_dontaudit_receive_ftp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_dbskkd_server_packets',`
+ corenet_dontaudit_send_dbskkd_server_packets($1)
+ corenet_dontaudit_receive_dbskkd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ftp_server the packet type.
+## Relabel packets to dbskkd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -20406,12 +20849,12 @@ interface(`corenet_dontaudit_sendrecv_ftp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ftp_server_packets',`
+interface(`corenet_relabelto_dbskkd_server_packets',`
gen_require(`
- type ftp_server_packet_t;
+ type dbskkd_server_packet_t;
')
- allow $1 ftp_server_packet_t:packet relabelto;
+ allow $1 dbskkd_server_packet_t:packet relabelto;
')
@@ -20419,7 +20862,7 @@ interface(`corenet_relabelto_ftp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ftp_data port.
+## Send and receive TCP traffic on the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20428,17 +20871,17 @@ interface(`corenet_relabelto_ftp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ftp_data_port',`
+interface(`corenet_tcp_sendrecv_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- allow $1 ftp_data_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 dcc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ftp_data port.
+## Send UDP traffic on the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20447,17 +20890,17 @@ interface(`corenet_tcp_sendrecv_ftp_data_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ftp_data_port',`
+interface(`corenet_udp_send_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- allow $1 ftp_data_port_t:udp_socket send_msg;
+ allow $1 dcc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ftp_data port.
+## Do not audit attempts to send UDP traffic on the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20466,17 +20909,17 @@ interface(`corenet_udp_send_ftp_data_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ftp_data_port',`
+interface(`corenet_dontaudit_udp_send_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- dontaudit $1 ftp_data_port_t:udp_socket send_msg;
+ dontaudit $1 dcc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ftp_data port.
+## Receive UDP traffic on the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20485,17 +20928,17 @@ interface(`corenet_dontaudit_udp_send_ftp_data_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ftp_data_port',`
+interface(`corenet_udp_receive_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- allow $1 ftp_data_port_t:udp_socket recv_msg;
+ allow $1 dcc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ftp_data port.
+## Do not audit attempts to receive UDP traffic on the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20504,17 +20947,17 @@ interface(`corenet_udp_receive_ftp_data_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ftp_data_port',`
+interface(`corenet_dontaudit_udp_receive_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- dontaudit $1 ftp_data_port_t:udp_socket recv_msg;
+ dontaudit $1 dcc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ftp_data port.
+## Send and receive UDP traffic on the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20523,15 +20966,15 @@ interface(`corenet_dontaudit_udp_receive_ftp_data_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ftp_data_port',`
- corenet_udp_send_ftp_data_port($1)
- corenet_udp_receive_ftp_data_port($1)
+interface(`corenet_udp_sendrecv_dcc_port',`
+ corenet_udp_send_dcc_port($1)
+ corenet_udp_receive_dcc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ftp_data port.
+## UDP traffic on the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20540,14 +20983,14 @@ interface(`corenet_udp_sendrecv_ftp_data_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ftp_data_port',`
- corenet_dontaudit_udp_send_ftp_data_port($1)
- corenet_dontaudit_udp_receive_ftp_data_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_dcc_port',`
+ corenet_dontaudit_udp_send_dcc_port($1)
+ corenet_dontaudit_udp_receive_dcc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ftp_data port.
+## Bind TCP sockets to the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20556,18 +20999,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ftp_data_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ftp_data_port',`
+interface(`corenet_tcp_bind_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- allow $1 ftp_data_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 dcc_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the ftp_data port.
+## Bind UDP sockets to the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20576,18 +21019,18 @@ interface(`corenet_tcp_bind_ftp_data_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ftp_data_port',`
+interface(`corenet_udp_bind_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- allow $1 ftp_data_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 dcc_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the ftp_data port.
+## Make a TCP connection to the dcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -20595,18 +21038,18 @@ interface(`corenet_udp_bind_ftp_data_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ftp_data_port',`
+interface(`corenet_tcp_connect_dcc_port',`
gen_require(`
- type ftp_data_port_t;
+ type dcc_port_t;
')
- allow $1 ftp_data_port_t:tcp_socket name_connect;
+ allow $1 dcc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ftp_data_client packets.
+## Send dcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20615,17 +21058,17 @@ interface(`corenet_tcp_connect_ftp_data_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ftp_data_client_packets',`
+interface(`corenet_send_dcc_client_packets',`
gen_require(`
- type ftp_data_client_packet_t;
+ type dcc_client_packet_t;
')
- allow $1 ftp_data_client_packet_t:packet send;
+ allow $1 dcc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ftp_data_client packets.
+## Do not audit attempts to send dcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20634,17 +21077,17 @@ interface(`corenet_send_ftp_data_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ftp_data_client_packets',`
+interface(`corenet_dontaudit_send_dcc_client_packets',`
gen_require(`
- type ftp_data_client_packet_t;
+ type dcc_client_packet_t;
')
- dontaudit $1 ftp_data_client_packet_t:packet send;
+ dontaudit $1 dcc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ftp_data_client packets.
+## Receive dcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20653,17 +21096,17 @@ interface(`corenet_dontaudit_send_ftp_data_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ftp_data_client_packets',`
+interface(`corenet_receive_dcc_client_packets',`
gen_require(`
- type ftp_data_client_packet_t;
+ type dcc_client_packet_t;
')
- allow $1 ftp_data_client_packet_t:packet recv;
+ allow $1 dcc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ftp_data_client packets.
+## Do not audit attempts to receive dcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20672,17 +21115,17 @@ interface(`corenet_receive_ftp_data_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ftp_data_client_packets',`
+interface(`corenet_dontaudit_receive_dcc_client_packets',`
gen_require(`
- type ftp_data_client_packet_t;
+ type dcc_client_packet_t;
')
- dontaudit $1 ftp_data_client_packet_t:packet recv;
+ dontaudit $1 dcc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ftp_data_client packets.
+## Send and receive dcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20691,14 +21134,14 @@ interface(`corenet_dontaudit_receive_ftp_data_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ftp_data_client_packets',`
- corenet_send_ftp_data_client_packets($1)
- corenet_receive_ftp_data_client_packets($1)
+interface(`corenet_sendrecv_dcc_client_packets',`
+ corenet_send_dcc_client_packets($1)
+ corenet_receive_dcc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ftp_data_client packets.
+## Do not audit attempts to send and receive dcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20707,14 +21150,14 @@ interface(`corenet_sendrecv_ftp_data_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ftp_data_client_packets',`
- corenet_dontaudit_send_ftp_data_client_packets($1)
- corenet_dontaudit_receive_ftp_data_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_dcc_client_packets',`
+ corenet_dontaudit_send_dcc_client_packets($1)
+ corenet_dontaudit_receive_dcc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ftp_data_client the packet type.
+## Relabel packets to dcc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -20722,18 +21165,18 @@ interface(`corenet_dontaudit_sendrecv_ftp_data_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ftp_data_client_packets',`
+interface(`corenet_relabelto_dcc_client_packets',`
gen_require(`
- type ftp_data_client_packet_t;
+ type dcc_client_packet_t;
')
- allow $1 ftp_data_client_packet_t:packet relabelto;
+ allow $1 dcc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ftp_data_server packets.
+## Send dcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20742,17 +21185,17 @@ interface(`corenet_relabelto_ftp_data_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ftp_data_server_packets',`
+interface(`corenet_send_dcc_server_packets',`
gen_require(`
- type ftp_data_server_packet_t;
+ type dcc_server_packet_t;
')
- allow $1 ftp_data_server_packet_t:packet send;
+ allow $1 dcc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ftp_data_server packets.
+## Do not audit attempts to send dcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20761,17 +21204,17 @@ interface(`corenet_send_ftp_data_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ftp_data_server_packets',`
+interface(`corenet_dontaudit_send_dcc_server_packets',`
gen_require(`
- type ftp_data_server_packet_t;
+ type dcc_server_packet_t;
')
- dontaudit $1 ftp_data_server_packet_t:packet send;
+ dontaudit $1 dcc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ftp_data_server packets.
+## Receive dcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20780,17 +21223,17 @@ interface(`corenet_dontaudit_send_ftp_data_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ftp_data_server_packets',`
+interface(`corenet_receive_dcc_server_packets',`
gen_require(`
- type ftp_data_server_packet_t;
+ type dcc_server_packet_t;
')
- allow $1 ftp_data_server_packet_t:packet recv;
+ allow $1 dcc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ftp_data_server packets.
+## Do not audit attempts to receive dcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20799,17 +21242,17 @@ interface(`corenet_receive_ftp_data_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ftp_data_server_packets',`
+interface(`corenet_dontaudit_receive_dcc_server_packets',`
gen_require(`
- type ftp_data_server_packet_t;
+ type dcc_server_packet_t;
')
- dontaudit $1 ftp_data_server_packet_t:packet recv;
+ dontaudit $1 dcc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ftp_data_server packets.
+## Send and receive dcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20818,14 +21261,14 @@ interface(`corenet_dontaudit_receive_ftp_data_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ftp_data_server_packets',`
- corenet_send_ftp_data_server_packets($1)
- corenet_receive_ftp_data_server_packets($1)
+interface(`corenet_sendrecv_dcc_server_packets',`
+ corenet_send_dcc_server_packets($1)
+ corenet_receive_dcc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ftp_data_server packets.
+## Do not audit attempts to send and receive dcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -20834,14 +21277,14 @@ interface(`corenet_sendrecv_ftp_data_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ftp_data_server_packets',`
- corenet_dontaudit_send_ftp_data_server_packets($1)
- corenet_dontaudit_receive_ftp_data_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_dcc_server_packets',`
+ corenet_dontaudit_send_dcc_server_packets($1)
+ corenet_dontaudit_receive_dcc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ftp_data_server the packet type.
+## Relabel packets to dcc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -20849,12 +21292,12 @@ interface(`corenet_dontaudit_sendrecv_ftp_data_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ftp_data_server_packets',`
+interface(`corenet_relabelto_dcc_server_packets',`
gen_require(`
- type ftp_data_server_packet_t;
+ type dcc_server_packet_t;
')
- allow $1 ftp_data_server_packet_t:packet relabelto;
+ allow $1 dcc_server_packet_t:packet relabelto;
')
@@ -20862,7 +21305,7 @@ interface(`corenet_relabelto_ftp_data_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the gatekeeper port.
+## Send and receive TCP traffic on the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20871,17 +21314,17 @@ interface(`corenet_relabelto_ftp_data_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_gatekeeper_port',`
+interface(`corenet_tcp_sendrecv_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- allow $1 gatekeeper_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 dccm_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the gatekeeper port.
+## Send UDP traffic on the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20890,17 +21333,17 @@ interface(`corenet_tcp_sendrecv_gatekeeper_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_gatekeeper_port',`
+interface(`corenet_udp_send_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- allow $1 gatekeeper_port_t:udp_socket send_msg;
+ allow $1 dccm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the gatekeeper port.
+## Do not audit attempts to send UDP traffic on the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20909,17 +21352,17 @@ interface(`corenet_udp_send_gatekeeper_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_gatekeeper_port',`
+interface(`corenet_dontaudit_udp_send_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- dontaudit $1 gatekeeper_port_t:udp_socket send_msg;
+ dontaudit $1 dccm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the gatekeeper port.
+## Receive UDP traffic on the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20928,17 +21371,17 @@ interface(`corenet_dontaudit_udp_send_gatekeeper_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_gatekeeper_port',`
+interface(`corenet_udp_receive_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- allow $1 gatekeeper_port_t:udp_socket recv_msg;
+ allow $1 dccm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the gatekeeper port.
+## Do not audit attempts to receive UDP traffic on the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20947,17 +21390,17 @@ interface(`corenet_udp_receive_gatekeeper_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_gatekeeper_port',`
+interface(`corenet_dontaudit_udp_receive_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- dontaudit $1 gatekeeper_port_t:udp_socket recv_msg;
+ dontaudit $1 dccm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the gatekeeper port.
+## Send and receive UDP traffic on the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20966,15 +21409,15 @@ interface(`corenet_dontaudit_udp_receive_gatekeeper_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_gatekeeper_port',`
- corenet_udp_send_gatekeeper_port($1)
- corenet_udp_receive_gatekeeper_port($1)
+interface(`corenet_udp_sendrecv_dccm_port',`
+ corenet_udp_send_dccm_port($1)
+ corenet_udp_receive_dccm_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the gatekeeper port.
+## UDP traffic on the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20983,14 +21426,14 @@ interface(`corenet_udp_sendrecv_gatekeeper_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_gatekeeper_port',`
- corenet_dontaudit_udp_send_gatekeeper_port($1)
- corenet_dontaudit_udp_receive_gatekeeper_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_dccm_port',`
+ corenet_dontaudit_udp_send_dccm_port($1)
+ corenet_dontaudit_udp_receive_dccm_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the gatekeeper port.
+## Bind TCP sockets to the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -20999,18 +21442,18 @@ interface(`corenet_dontaudit_udp_sendrecv_gatekeeper_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_gatekeeper_port',`
+interface(`corenet_tcp_bind_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- allow $1 gatekeeper_port_t:tcp_socket name_bind;
+ allow $1 dccm_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the gatekeeper port.
+## Bind UDP sockets to the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -21019,18 +21462,18 @@ interface(`corenet_tcp_bind_gatekeeper_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_gatekeeper_port',`
+interface(`corenet_udp_bind_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- allow $1 gatekeeper_port_t:udp_socket name_bind;
+ allow $1 dccm_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the gatekeeper port.
+## Make a TCP connection to the dccm port.
## </summary>
## <param name="domain">
## <summary>
@@ -21038,18 +21481,18 @@ interface(`corenet_udp_bind_gatekeeper_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_gatekeeper_port',`
+interface(`corenet_tcp_connect_dccm_port',`
gen_require(`
- type gatekeeper_port_t;
+ type dccm_port_t;
')
- allow $1 gatekeeper_port_t:tcp_socket name_connect;
+ allow $1 dccm_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send gatekeeper_client packets.
+## Send dccm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21058,17 +21501,17 @@ interface(`corenet_tcp_connect_gatekeeper_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_gatekeeper_client_packets',`
+interface(`corenet_send_dccm_client_packets',`
gen_require(`
- type gatekeeper_client_packet_t;
+ type dccm_client_packet_t;
')
- allow $1 gatekeeper_client_packet_t:packet send;
+ allow $1 dccm_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send gatekeeper_client packets.
+## Do not audit attempts to send dccm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21077,17 +21520,17 @@ interface(`corenet_send_gatekeeper_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_gatekeeper_client_packets',`
+interface(`corenet_dontaudit_send_dccm_client_packets',`
gen_require(`
- type gatekeeper_client_packet_t;
+ type dccm_client_packet_t;
')
- dontaudit $1 gatekeeper_client_packet_t:packet send;
+ dontaudit $1 dccm_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive gatekeeper_client packets.
+## Receive dccm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21096,17 +21539,17 @@ interface(`corenet_dontaudit_send_gatekeeper_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_gatekeeper_client_packets',`
+interface(`corenet_receive_dccm_client_packets',`
gen_require(`
- type gatekeeper_client_packet_t;
+ type dccm_client_packet_t;
')
- allow $1 gatekeeper_client_packet_t:packet recv;
+ allow $1 dccm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive gatekeeper_client packets.
+## Do not audit attempts to receive dccm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21115,17 +21558,17 @@ interface(`corenet_receive_gatekeeper_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_gatekeeper_client_packets',`
+interface(`corenet_dontaudit_receive_dccm_client_packets',`
gen_require(`
- type gatekeeper_client_packet_t;
+ type dccm_client_packet_t;
')
- dontaudit $1 gatekeeper_client_packet_t:packet recv;
+ dontaudit $1 dccm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive gatekeeper_client packets.
+## Send and receive dccm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21134,14 +21577,14 @@ interface(`corenet_dontaudit_receive_gatekeeper_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_gatekeeper_client_packets',`
- corenet_send_gatekeeper_client_packets($1)
- corenet_receive_gatekeeper_client_packets($1)
+interface(`corenet_sendrecv_dccm_client_packets',`
+ corenet_send_dccm_client_packets($1)
+ corenet_receive_dccm_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive gatekeeper_client packets.
+## Do not audit attempts to send and receive dccm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21150,14 +21593,14 @@ interface(`corenet_sendrecv_gatekeeper_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_gatekeeper_client_packets',`
- corenet_dontaudit_send_gatekeeper_client_packets($1)
- corenet_dontaudit_receive_gatekeeper_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_dccm_client_packets',`
+ corenet_dontaudit_send_dccm_client_packets($1)
+ corenet_dontaudit_receive_dccm_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to gatekeeper_client the packet type.
+## Relabel packets to dccm_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -21165,18 +21608,18 @@ interface(`corenet_dontaudit_sendrecv_gatekeeper_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_gatekeeper_client_packets',`
+interface(`corenet_relabelto_dccm_client_packets',`
gen_require(`
- type gatekeeper_client_packet_t;
+ type dccm_client_packet_t;
')
- allow $1 gatekeeper_client_packet_t:packet relabelto;
+ allow $1 dccm_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send gatekeeper_server packets.
+## Send dccm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21185,17 +21628,17 @@ interface(`corenet_relabelto_gatekeeper_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_gatekeeper_server_packets',`
+interface(`corenet_send_dccm_server_packets',`
gen_require(`
- type gatekeeper_server_packet_t;
+ type dccm_server_packet_t;
')
- allow $1 gatekeeper_server_packet_t:packet send;
+ allow $1 dccm_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send gatekeeper_server packets.
+## Do not audit attempts to send dccm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21204,17 +21647,17 @@ interface(`corenet_send_gatekeeper_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_gatekeeper_server_packets',`
+interface(`corenet_dontaudit_send_dccm_server_packets',`
gen_require(`
- type gatekeeper_server_packet_t;
+ type dccm_server_packet_t;
')
- dontaudit $1 gatekeeper_server_packet_t:packet send;
+ dontaudit $1 dccm_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive gatekeeper_server packets.
+## Receive dccm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21223,17 +21666,17 @@ interface(`corenet_dontaudit_send_gatekeeper_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_gatekeeper_server_packets',`
+interface(`corenet_receive_dccm_server_packets',`
gen_require(`
- type gatekeeper_server_packet_t;
+ type dccm_server_packet_t;
')
- allow $1 gatekeeper_server_packet_t:packet recv;
+ allow $1 dccm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive gatekeeper_server packets.
+## Do not audit attempts to receive dccm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21242,17 +21685,17 @@ interface(`corenet_receive_gatekeeper_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_gatekeeper_server_packets',`
+interface(`corenet_dontaudit_receive_dccm_server_packets',`
gen_require(`
- type gatekeeper_server_packet_t;
+ type dccm_server_packet_t;
')
- dontaudit $1 gatekeeper_server_packet_t:packet recv;
+ dontaudit $1 dccm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive gatekeeper_server packets.
+## Send and receive dccm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21261,14 +21704,14 @@ interface(`corenet_dontaudit_receive_gatekeeper_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_gatekeeper_server_packets',`
- corenet_send_gatekeeper_server_packets($1)
- corenet_receive_gatekeeper_server_packets($1)
+interface(`corenet_sendrecv_dccm_server_packets',`
+ corenet_send_dccm_server_packets($1)
+ corenet_receive_dccm_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive gatekeeper_server packets.
+## Do not audit attempts to send and receive dccm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21277,14 +21720,14 @@ interface(`corenet_sendrecv_gatekeeper_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_gatekeeper_server_packets',`
- corenet_dontaudit_send_gatekeeper_server_packets($1)
- corenet_dontaudit_receive_gatekeeper_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_dccm_server_packets',`
+ corenet_dontaudit_send_dccm_server_packets($1)
+ corenet_dontaudit_receive_dccm_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to gatekeeper_server the packet type.
+## Relabel packets to dccm_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -21292,12 +21735,12 @@ interface(`corenet_dontaudit_sendrecv_gatekeeper_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_gatekeeper_server_packets',`
+interface(`corenet_relabelto_dccm_server_packets',`
gen_require(`
- type gatekeeper_server_packet_t;
+ type dccm_server_packet_t;
')
- allow $1 gatekeeper_server_packet_t:packet relabelto;
+ allow $1 dccm_server_packet_t:packet relabelto;
')
@@ -21305,7 +21748,7 @@ interface(`corenet_relabelto_gatekeeper_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the giftd port.
+## Send and receive TCP traffic on the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21314,17 +21757,17 @@ interface(`corenet_relabelto_gatekeeper_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_giftd_port',`
+interface(`corenet_tcp_sendrecv_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- allow $1 giftd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 dhcpc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the giftd port.
+## Send UDP traffic on the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21333,17 +21776,17 @@ interface(`corenet_tcp_sendrecv_giftd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_giftd_port',`
+interface(`corenet_udp_send_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- allow $1 giftd_port_t:udp_socket send_msg;
+ allow $1 dhcpc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the giftd port.
+## Do not audit attempts to send UDP traffic on the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21352,17 +21795,17 @@ interface(`corenet_udp_send_giftd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_giftd_port',`
+interface(`corenet_dontaudit_udp_send_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- dontaudit $1 giftd_port_t:udp_socket send_msg;
+ dontaudit $1 dhcpc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the giftd port.
+## Receive UDP traffic on the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21371,17 +21814,17 @@ interface(`corenet_dontaudit_udp_send_giftd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_giftd_port',`
+interface(`corenet_udp_receive_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- allow $1 giftd_port_t:udp_socket recv_msg;
+ allow $1 dhcpc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the giftd port.
+## Do not audit attempts to receive UDP traffic on the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21390,17 +21833,17 @@ interface(`corenet_udp_receive_giftd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_giftd_port',`
+interface(`corenet_dontaudit_udp_receive_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- dontaudit $1 giftd_port_t:udp_socket recv_msg;
+ dontaudit $1 dhcpc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the giftd port.
+## Send and receive UDP traffic on the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21409,15 +21852,15 @@ interface(`corenet_dontaudit_udp_receive_giftd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_giftd_port',`
- corenet_udp_send_giftd_port($1)
- corenet_udp_receive_giftd_port($1)
+interface(`corenet_udp_sendrecv_dhcpc_port',`
+ corenet_udp_send_dhcpc_port($1)
+ corenet_udp_receive_dhcpc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the giftd port.
+## UDP traffic on the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21426,14 +21869,14 @@ interface(`corenet_udp_sendrecv_giftd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_giftd_port',`
- corenet_dontaudit_udp_send_giftd_port($1)
- corenet_dontaudit_udp_receive_giftd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_dhcpc_port',`
+ corenet_dontaudit_udp_send_dhcpc_port($1)
+ corenet_dontaudit_udp_receive_dhcpc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the giftd port.
+## Bind TCP sockets to the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21442,18 +21885,18 @@ interface(`corenet_dontaudit_udp_sendrecv_giftd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_giftd_port',`
+interface(`corenet_tcp_bind_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- allow $1 giftd_port_t:tcp_socket name_bind;
-
+ allow $1 dhcpc_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the giftd port.
+## Bind UDP sockets to the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21462,18 +21905,18 @@ interface(`corenet_tcp_bind_giftd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_giftd_port',`
+interface(`corenet_udp_bind_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- allow $1 giftd_port_t:udp_socket name_bind;
-
+ allow $1 dhcpc_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the giftd port.
+## Make a TCP connection to the dhcpc port.
## </summary>
## <param name="domain">
## <summary>
@@ -21481,18 +21924,18 @@ interface(`corenet_udp_bind_giftd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_giftd_port',`
+interface(`corenet_tcp_connect_dhcpc_port',`
gen_require(`
- type giftd_port_t;
+ type dhcpc_port_t;
')
- allow $1 giftd_port_t:tcp_socket name_connect;
+ allow $1 dhcpc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send giftd_client packets.
+## Send dhcpc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21501,17 +21944,17 @@ interface(`corenet_tcp_connect_giftd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_giftd_client_packets',`
+interface(`corenet_send_dhcpc_client_packets',`
gen_require(`
- type giftd_client_packet_t;
+ type dhcpc_client_packet_t;
')
- allow $1 giftd_client_packet_t:packet send;
+ allow $1 dhcpc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send giftd_client packets.
+## Do not audit attempts to send dhcpc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21520,17 +21963,17 @@ interface(`corenet_send_giftd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_giftd_client_packets',`
+interface(`corenet_dontaudit_send_dhcpc_client_packets',`
gen_require(`
- type giftd_client_packet_t;
+ type dhcpc_client_packet_t;
')
- dontaudit $1 giftd_client_packet_t:packet send;
+ dontaudit $1 dhcpc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive giftd_client packets.
+## Receive dhcpc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21539,17 +21982,17 @@ interface(`corenet_dontaudit_send_giftd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_giftd_client_packets',`
+interface(`corenet_receive_dhcpc_client_packets',`
gen_require(`
- type giftd_client_packet_t;
+ type dhcpc_client_packet_t;
')
- allow $1 giftd_client_packet_t:packet recv;
+ allow $1 dhcpc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive giftd_client packets.
+## Do not audit attempts to receive dhcpc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21558,17 +22001,17 @@ interface(`corenet_receive_giftd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_giftd_client_packets',`
+interface(`corenet_dontaudit_receive_dhcpc_client_packets',`
gen_require(`
- type giftd_client_packet_t;
+ type dhcpc_client_packet_t;
')
- dontaudit $1 giftd_client_packet_t:packet recv;
+ dontaudit $1 dhcpc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive giftd_client packets.
+## Send and receive dhcpc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21577,14 +22020,14 @@ interface(`corenet_dontaudit_receive_giftd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_giftd_client_packets',`
- corenet_send_giftd_client_packets($1)
- corenet_receive_giftd_client_packets($1)
+interface(`corenet_sendrecv_dhcpc_client_packets',`
+ corenet_send_dhcpc_client_packets($1)
+ corenet_receive_dhcpc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive giftd_client packets.
+## Do not audit attempts to send and receive dhcpc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21593,14 +22036,14 @@ interface(`corenet_sendrecv_giftd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_giftd_client_packets',`
- corenet_dontaudit_send_giftd_client_packets($1)
- corenet_dontaudit_receive_giftd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_dhcpc_client_packets',`
+ corenet_dontaudit_send_dhcpc_client_packets($1)
+ corenet_dontaudit_receive_dhcpc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to giftd_client the packet type.
+## Relabel packets to dhcpc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -21608,18 +22051,18 @@ interface(`corenet_dontaudit_sendrecv_giftd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_giftd_client_packets',`
+interface(`corenet_relabelto_dhcpc_client_packets',`
gen_require(`
- type giftd_client_packet_t;
+ type dhcpc_client_packet_t;
')
- allow $1 giftd_client_packet_t:packet relabelto;
+ allow $1 dhcpc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send giftd_server packets.
+## Send dhcpc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21628,17 +22071,17 @@ interface(`corenet_relabelto_giftd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_giftd_server_packets',`
+interface(`corenet_send_dhcpc_server_packets',`
gen_require(`
- type giftd_server_packet_t;
+ type dhcpc_server_packet_t;
')
- allow $1 giftd_server_packet_t:packet send;
+ allow $1 dhcpc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send giftd_server packets.
+## Do not audit attempts to send dhcpc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21647,17 +22090,17 @@ interface(`corenet_send_giftd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_giftd_server_packets',`
+interface(`corenet_dontaudit_send_dhcpc_server_packets',`
gen_require(`
- type giftd_server_packet_t;
+ type dhcpc_server_packet_t;
')
- dontaudit $1 giftd_server_packet_t:packet send;
+ dontaudit $1 dhcpc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive giftd_server packets.
+## Receive dhcpc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21666,17 +22109,17 @@ interface(`corenet_dontaudit_send_giftd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_giftd_server_packets',`
+interface(`corenet_receive_dhcpc_server_packets',`
gen_require(`
- type giftd_server_packet_t;
+ type dhcpc_server_packet_t;
')
- allow $1 giftd_server_packet_t:packet recv;
+ allow $1 dhcpc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive giftd_server packets.
+## Do not audit attempts to receive dhcpc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21685,17 +22128,17 @@ interface(`corenet_receive_giftd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_giftd_server_packets',`
+interface(`corenet_dontaudit_receive_dhcpc_server_packets',`
gen_require(`
- type giftd_server_packet_t;
+ type dhcpc_server_packet_t;
')
- dontaudit $1 giftd_server_packet_t:packet recv;
+ dontaudit $1 dhcpc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive giftd_server packets.
+## Send and receive dhcpc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21704,14 +22147,14 @@ interface(`corenet_dontaudit_receive_giftd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_giftd_server_packets',`
- corenet_send_giftd_server_packets($1)
- corenet_receive_giftd_server_packets($1)
+interface(`corenet_sendrecv_dhcpc_server_packets',`
+ corenet_send_dhcpc_server_packets($1)
+ corenet_receive_dhcpc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive giftd_server packets.
+## Do not audit attempts to send and receive dhcpc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21720,14 +22163,14 @@ interface(`corenet_sendrecv_giftd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_giftd_server_packets',`
- corenet_dontaudit_send_giftd_server_packets($1)
- corenet_dontaudit_receive_giftd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_dhcpc_server_packets',`
+ corenet_dontaudit_send_dhcpc_server_packets($1)
+ corenet_dontaudit_receive_dhcpc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to giftd_server the packet type.
+## Relabel packets to dhcpc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -21735,12 +22178,12 @@ interface(`corenet_dontaudit_sendrecv_giftd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_giftd_server_packets',`
+interface(`corenet_relabelto_dhcpc_server_packets',`
gen_require(`
- type giftd_server_packet_t;
+ type dhcpc_server_packet_t;
')
- allow $1 giftd_server_packet_t:packet relabelto;
+ allow $1 dhcpc_server_packet_t:packet relabelto;
')
@@ -21748,7 +22191,7 @@ interface(`corenet_relabelto_giftd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the git port.
+## Send and receive TCP traffic on the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21757,17 +22200,17 @@ interface(`corenet_relabelto_giftd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_git_port',`
+interface(`corenet_tcp_sendrecv_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- allow $1 git_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 dhcpd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the git port.
+## Send UDP traffic on the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21776,17 +22219,17 @@ interface(`corenet_tcp_sendrecv_git_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_git_port',`
+interface(`corenet_udp_send_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- allow $1 git_port_t:udp_socket send_msg;
+ allow $1 dhcpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the git port.
+## Do not audit attempts to send UDP traffic on the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21795,17 +22238,17 @@ interface(`corenet_udp_send_git_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_git_port',`
+interface(`corenet_dontaudit_udp_send_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- dontaudit $1 git_port_t:udp_socket send_msg;
+ dontaudit $1 dhcpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the git port.
+## Receive UDP traffic on the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21814,17 +22257,17 @@ interface(`corenet_dontaudit_udp_send_git_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_git_port',`
+interface(`corenet_udp_receive_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- allow $1 git_port_t:udp_socket recv_msg;
+ allow $1 dhcpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the git port.
+## Do not audit attempts to receive UDP traffic on the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21833,17 +22276,17 @@ interface(`corenet_udp_receive_git_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_git_port',`
+interface(`corenet_dontaudit_udp_receive_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- dontaudit $1 git_port_t:udp_socket recv_msg;
+ dontaudit $1 dhcpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the git port.
+## Send and receive UDP traffic on the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21852,15 +22295,15 @@ interface(`corenet_dontaudit_udp_receive_git_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_git_port',`
- corenet_udp_send_git_port($1)
- corenet_udp_receive_git_port($1)
+interface(`corenet_udp_sendrecv_dhcpd_port',`
+ corenet_udp_send_dhcpd_port($1)
+ corenet_udp_receive_dhcpd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the git port.
+## UDP traffic on the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21869,14 +22312,14 @@ interface(`corenet_udp_sendrecv_git_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_git_port',`
- corenet_dontaudit_udp_send_git_port($1)
- corenet_dontaudit_udp_receive_git_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_dhcpd_port',`
+ corenet_dontaudit_udp_send_dhcpd_port($1)
+ corenet_dontaudit_udp_receive_dhcpd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the git port.
+## Bind TCP sockets to the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21885,18 +22328,18 @@ interface(`corenet_dontaudit_udp_sendrecv_git_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_git_port',`
+interface(`corenet_tcp_bind_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- allow $1 git_port_t:tcp_socket name_bind;
-
+ allow $1 dhcpd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the git port.
+## Bind UDP sockets to the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21905,18 +22348,18 @@ interface(`corenet_tcp_bind_git_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_git_port',`
+interface(`corenet_udp_bind_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- allow $1 git_port_t:udp_socket name_bind;
-
+ allow $1 dhcpd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the git port.
+## Make a TCP connection to the dhcpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -21924,18 +22367,18 @@ interface(`corenet_udp_bind_git_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_git_port',`
+interface(`corenet_tcp_connect_dhcpd_port',`
gen_require(`
- type git_port_t;
+ type dhcpd_port_t;
')
- allow $1 git_port_t:tcp_socket name_connect;
+ allow $1 dhcpd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send git_client packets.
+## Send dhcpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21944,17 +22387,17 @@ interface(`corenet_tcp_connect_git_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_git_client_packets',`
+interface(`corenet_send_dhcpd_client_packets',`
gen_require(`
- type git_client_packet_t;
+ type dhcpd_client_packet_t;
')
- allow $1 git_client_packet_t:packet send;
+ allow $1 dhcpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send git_client packets.
+## Do not audit attempts to send dhcpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21963,17 +22406,17 @@ interface(`corenet_send_git_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_git_client_packets',`
+interface(`corenet_dontaudit_send_dhcpd_client_packets',`
gen_require(`
- type git_client_packet_t;
+ type dhcpd_client_packet_t;
')
- dontaudit $1 git_client_packet_t:packet send;
+ dontaudit $1 dhcpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive git_client packets.
+## Receive dhcpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -21982,17 +22425,17 @@ interface(`corenet_dontaudit_send_git_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_git_client_packets',`
+interface(`corenet_receive_dhcpd_client_packets',`
gen_require(`
- type git_client_packet_t;
+ type dhcpd_client_packet_t;
')
- allow $1 git_client_packet_t:packet recv;
+ allow $1 dhcpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive git_client packets.
+## Do not audit attempts to receive dhcpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22001,17 +22444,17 @@ interface(`corenet_receive_git_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_git_client_packets',`
+interface(`corenet_dontaudit_receive_dhcpd_client_packets',`
gen_require(`
- type git_client_packet_t;
+ type dhcpd_client_packet_t;
')
- dontaudit $1 git_client_packet_t:packet recv;
+ dontaudit $1 dhcpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive git_client packets.
+## Send and receive dhcpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22020,14 +22463,14 @@ interface(`corenet_dontaudit_receive_git_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_git_client_packets',`
- corenet_send_git_client_packets($1)
- corenet_receive_git_client_packets($1)
+interface(`corenet_sendrecv_dhcpd_client_packets',`
+ corenet_send_dhcpd_client_packets($1)
+ corenet_receive_dhcpd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive git_client packets.
+## Do not audit attempts to send and receive dhcpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22036,14 +22479,14 @@ interface(`corenet_sendrecv_git_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_git_client_packets',`
- corenet_dontaudit_send_git_client_packets($1)
- corenet_dontaudit_receive_git_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_dhcpd_client_packets',`
+ corenet_dontaudit_send_dhcpd_client_packets($1)
+ corenet_dontaudit_receive_dhcpd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to git_client the packet type.
+## Relabel packets to dhcpd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -22051,18 +22494,18 @@ interface(`corenet_dontaudit_sendrecv_git_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_git_client_packets',`
+interface(`corenet_relabelto_dhcpd_client_packets',`
gen_require(`
- type git_client_packet_t;
+ type dhcpd_client_packet_t;
')
- allow $1 git_client_packet_t:packet relabelto;
+ allow $1 dhcpd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send git_server packets.
+## Send dhcpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22071,17 +22514,17 @@ interface(`corenet_relabelto_git_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_git_server_packets',`
+interface(`corenet_send_dhcpd_server_packets',`
gen_require(`
- type git_server_packet_t;
+ type dhcpd_server_packet_t;
')
- allow $1 git_server_packet_t:packet send;
+ allow $1 dhcpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send git_server packets.
+## Do not audit attempts to send dhcpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22090,17 +22533,17 @@ interface(`corenet_send_git_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_git_server_packets',`
+interface(`corenet_dontaudit_send_dhcpd_server_packets',`
gen_require(`
- type git_server_packet_t;
+ type dhcpd_server_packet_t;
')
- dontaudit $1 git_server_packet_t:packet send;
+ dontaudit $1 dhcpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive git_server packets.
+## Receive dhcpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22109,17 +22552,17 @@ interface(`corenet_dontaudit_send_git_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_git_server_packets',`
+interface(`corenet_receive_dhcpd_server_packets',`
gen_require(`
- type git_server_packet_t;
+ type dhcpd_server_packet_t;
')
- allow $1 git_server_packet_t:packet recv;
+ allow $1 dhcpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive git_server packets.
+## Do not audit attempts to receive dhcpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22128,17 +22571,17 @@ interface(`corenet_receive_git_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_git_server_packets',`
+interface(`corenet_dontaudit_receive_dhcpd_server_packets',`
gen_require(`
- type git_server_packet_t;
+ type dhcpd_server_packet_t;
')
- dontaudit $1 git_server_packet_t:packet recv;
+ dontaudit $1 dhcpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive git_server packets.
+## Send and receive dhcpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22147,14 +22590,14 @@ interface(`corenet_dontaudit_receive_git_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_git_server_packets',`
- corenet_send_git_server_packets($1)
- corenet_receive_git_server_packets($1)
+interface(`corenet_sendrecv_dhcpd_server_packets',`
+ corenet_send_dhcpd_server_packets($1)
+ corenet_receive_dhcpd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive git_server packets.
+## Do not audit attempts to send and receive dhcpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22163,14 +22606,14 @@ interface(`corenet_sendrecv_git_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_git_server_packets',`
- corenet_dontaudit_send_git_server_packets($1)
- corenet_dontaudit_receive_git_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_dhcpd_server_packets',`
+ corenet_dontaudit_send_dhcpd_server_packets($1)
+ corenet_dontaudit_receive_dhcpd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to git_server the packet type.
+## Relabel packets to dhcpd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -22178,12 +22621,12 @@ interface(`corenet_dontaudit_sendrecv_git_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_git_server_packets',`
+interface(`corenet_relabelto_dhcpd_server_packets',`
gen_require(`
- type git_server_packet_t;
+ type dhcpd_server_packet_t;
')
- allow $1 git_server_packet_t:packet relabelto;
+ allow $1 dhcpd_server_packet_t:packet relabelto;
')
@@ -22191,7 +22634,7 @@ interface(`corenet_relabelto_git_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the glance_registry port.
+## Send and receive TCP traffic on the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22200,17 +22643,17 @@ interface(`corenet_relabelto_git_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_glance_registry_port',`
+interface(`corenet_tcp_sendrecv_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- allow $1 glance_registry_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 dict_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the glance_registry port.
+## Send UDP traffic on the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22219,17 +22662,17 @@ interface(`corenet_tcp_sendrecv_glance_registry_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_glance_registry_port',`
+interface(`corenet_udp_send_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- allow $1 glance_registry_port_t:udp_socket send_msg;
+ allow $1 dict_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the glance_registry port.
+## Do not audit attempts to send UDP traffic on the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22238,17 +22681,17 @@ interface(`corenet_udp_send_glance_registry_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_glance_registry_port',`
+interface(`corenet_dontaudit_udp_send_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- dontaudit $1 glance_registry_port_t:udp_socket send_msg;
+ dontaudit $1 dict_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the glance_registry port.
+## Receive UDP traffic on the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22257,17 +22700,17 @@ interface(`corenet_dontaudit_udp_send_glance_registry_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_glance_registry_port',`
+interface(`corenet_udp_receive_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- allow $1 glance_registry_port_t:udp_socket recv_msg;
+ allow $1 dict_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the glance_registry port.
+## Do not audit attempts to receive UDP traffic on the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22276,17 +22719,17 @@ interface(`corenet_udp_receive_glance_registry_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_glance_registry_port',`
+interface(`corenet_dontaudit_udp_receive_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- dontaudit $1 glance_registry_port_t:udp_socket recv_msg;
+ dontaudit $1 dict_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the glance_registry port.
+## Send and receive UDP traffic on the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22295,15 +22738,15 @@ interface(`corenet_dontaudit_udp_receive_glance_registry_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_glance_registry_port',`
- corenet_udp_send_glance_registry_port($1)
- corenet_udp_receive_glance_registry_port($1)
+interface(`corenet_udp_sendrecv_dict_port',`
+ corenet_udp_send_dict_port($1)
+ corenet_udp_receive_dict_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the glance_registry port.
+## UDP traffic on the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22312,14 +22755,14 @@ interface(`corenet_udp_sendrecv_glance_registry_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_glance_registry_port',`
- corenet_dontaudit_udp_send_glance_registry_port($1)
- corenet_dontaudit_udp_receive_glance_registry_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_dict_port',`
+ corenet_dontaudit_udp_send_dict_port($1)
+ corenet_dontaudit_udp_receive_dict_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the glance_registry port.
+## Bind TCP sockets to the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22328,18 +22771,18 @@ interface(`corenet_dontaudit_udp_sendrecv_glance_registry_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_glance_registry_port',`
+interface(`corenet_tcp_bind_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- allow $1 glance_registry_port_t:tcp_socket name_bind;
+ allow $1 dict_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the glance_registry port.
+## Bind UDP sockets to the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22348,18 +22791,18 @@ interface(`corenet_tcp_bind_glance_registry_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_glance_registry_port',`
+interface(`corenet_udp_bind_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- allow $1 glance_registry_port_t:udp_socket name_bind;
+ allow $1 dict_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the glance_registry port.
+## Make a TCP connection to the dict port.
## </summary>
## <param name="domain">
## <summary>
@@ -22367,18 +22810,18 @@ interface(`corenet_udp_bind_glance_registry_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_glance_registry_port',`
+interface(`corenet_tcp_connect_dict_port',`
gen_require(`
- type glance_registry_port_t;
+ type dict_port_t;
')
- allow $1 glance_registry_port_t:tcp_socket name_connect;
+ allow $1 dict_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send glance_registry_client packets.
+## Send dict_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22387,17 +22830,17 @@ interface(`corenet_tcp_connect_glance_registry_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_glance_registry_client_packets',`
+interface(`corenet_send_dict_client_packets',`
gen_require(`
- type glance_registry_client_packet_t;
+ type dict_client_packet_t;
')
- allow $1 glance_registry_client_packet_t:packet send;
+ allow $1 dict_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send glance_registry_client packets.
+## Do not audit attempts to send dict_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22406,17 +22849,17 @@ interface(`corenet_send_glance_registry_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_glance_registry_client_packets',`
+interface(`corenet_dontaudit_send_dict_client_packets',`
gen_require(`
- type glance_registry_client_packet_t;
+ type dict_client_packet_t;
')
- dontaudit $1 glance_registry_client_packet_t:packet send;
+ dontaudit $1 dict_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive glance_registry_client packets.
+## Receive dict_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22425,17 +22868,17 @@ interface(`corenet_dontaudit_send_glance_registry_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_glance_registry_client_packets',`
+interface(`corenet_receive_dict_client_packets',`
gen_require(`
- type glance_registry_client_packet_t;
+ type dict_client_packet_t;
')
- allow $1 glance_registry_client_packet_t:packet recv;
+ allow $1 dict_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive glance_registry_client packets.
+## Do not audit attempts to receive dict_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22444,17 +22887,17 @@ interface(`corenet_receive_glance_registry_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_glance_registry_client_packets',`
+interface(`corenet_dontaudit_receive_dict_client_packets',`
gen_require(`
- type glance_registry_client_packet_t;
+ type dict_client_packet_t;
')
- dontaudit $1 glance_registry_client_packet_t:packet recv;
+ dontaudit $1 dict_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive glance_registry_client packets.
+## Send and receive dict_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22463,14 +22906,14 @@ interface(`corenet_dontaudit_receive_glance_registry_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_glance_registry_client_packets',`
- corenet_send_glance_registry_client_packets($1)
- corenet_receive_glance_registry_client_packets($1)
+interface(`corenet_sendrecv_dict_client_packets',`
+ corenet_send_dict_client_packets($1)
+ corenet_receive_dict_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive glance_registry_client packets.
+## Do not audit attempts to send and receive dict_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22479,14 +22922,14 @@ interface(`corenet_sendrecv_glance_registry_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_glance_registry_client_packets',`
- corenet_dontaudit_send_glance_registry_client_packets($1)
- corenet_dontaudit_receive_glance_registry_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_dict_client_packets',`
+ corenet_dontaudit_send_dict_client_packets($1)
+ corenet_dontaudit_receive_dict_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to glance_registry_client the packet type.
+## Relabel packets to dict_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -22494,18 +22937,18 @@ interface(`corenet_dontaudit_sendrecv_glance_registry_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_glance_registry_client_packets',`
+interface(`corenet_relabelto_dict_client_packets',`
gen_require(`
- type glance_registry_client_packet_t;
+ type dict_client_packet_t;
')
- allow $1 glance_registry_client_packet_t:packet relabelto;
+ allow $1 dict_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send glance_registry_server packets.
+## Send dict_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22514,17 +22957,17 @@ interface(`corenet_relabelto_glance_registry_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_glance_registry_server_packets',`
+interface(`corenet_send_dict_server_packets',`
gen_require(`
- type glance_registry_server_packet_t;
+ type dict_server_packet_t;
')
- allow $1 glance_registry_server_packet_t:packet send;
+ allow $1 dict_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send glance_registry_server packets.
+## Do not audit attempts to send dict_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22533,17 +22976,17 @@ interface(`corenet_send_glance_registry_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_glance_registry_server_packets',`
+interface(`corenet_dontaudit_send_dict_server_packets',`
gen_require(`
- type glance_registry_server_packet_t;
+ type dict_server_packet_t;
')
- dontaudit $1 glance_registry_server_packet_t:packet send;
+ dontaudit $1 dict_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive glance_registry_server packets.
+## Receive dict_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22552,17 +22995,17 @@ interface(`corenet_dontaudit_send_glance_registry_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_glance_registry_server_packets',`
+interface(`corenet_receive_dict_server_packets',`
gen_require(`
- type glance_registry_server_packet_t;
+ type dict_server_packet_t;
')
- allow $1 glance_registry_server_packet_t:packet recv;
+ allow $1 dict_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive glance_registry_server packets.
+## Do not audit attempts to receive dict_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22571,17 +23014,17 @@ interface(`corenet_receive_glance_registry_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_glance_registry_server_packets',`
+interface(`corenet_dontaudit_receive_dict_server_packets',`
gen_require(`
- type glance_registry_server_packet_t;
+ type dict_server_packet_t;
')
- dontaudit $1 glance_registry_server_packet_t:packet recv;
+ dontaudit $1 dict_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive glance_registry_server packets.
+## Send and receive dict_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22590,14 +23033,14 @@ interface(`corenet_dontaudit_receive_glance_registry_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_glance_registry_server_packets',`
- corenet_send_glance_registry_server_packets($1)
- corenet_receive_glance_registry_server_packets($1)
+interface(`corenet_sendrecv_dict_server_packets',`
+ corenet_send_dict_server_packets($1)
+ corenet_receive_dict_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive glance_registry_server packets.
+## Do not audit attempts to send and receive dict_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22606,14 +23049,14 @@ interface(`corenet_sendrecv_glance_registry_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_glance_registry_server_packets',`
- corenet_dontaudit_send_glance_registry_server_packets($1)
- corenet_dontaudit_receive_glance_registry_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_dict_server_packets',`
+ corenet_dontaudit_send_dict_server_packets($1)
+ corenet_dontaudit_receive_dict_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to glance_registry_server the packet type.
+## Relabel packets to dict_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -22621,12 +23064,12 @@ interface(`corenet_dontaudit_sendrecv_glance_registry_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_glance_registry_server_packets',`
+interface(`corenet_relabelto_dict_server_packets',`
gen_require(`
- type glance_registry_server_packet_t;
+ type dict_server_packet_t;
')
- allow $1 glance_registry_server_packet_t:packet relabelto;
+ allow $1 dict_server_packet_t:packet relabelto;
')
@@ -22634,7 +23077,7 @@ interface(`corenet_relabelto_glance_registry_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the gopher port.
+## Send and receive TCP traffic on the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22643,17 +23086,17 @@ interface(`corenet_relabelto_glance_registry_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_gopher_port',`
+interface(`corenet_tcp_sendrecv_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- allow $1 gopher_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 distccd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the gopher port.
+## Send UDP traffic on the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22662,17 +23105,17 @@ interface(`corenet_tcp_sendrecv_gopher_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_gopher_port',`
+interface(`corenet_udp_send_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- allow $1 gopher_port_t:udp_socket send_msg;
+ allow $1 distccd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the gopher port.
+## Do not audit attempts to send UDP traffic on the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22681,17 +23124,17 @@ interface(`corenet_udp_send_gopher_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_gopher_port',`
+interface(`corenet_dontaudit_udp_send_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- dontaudit $1 gopher_port_t:udp_socket send_msg;
+ dontaudit $1 distccd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the gopher port.
+## Receive UDP traffic on the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22700,17 +23143,17 @@ interface(`corenet_dontaudit_udp_send_gopher_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_gopher_port',`
+interface(`corenet_udp_receive_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- allow $1 gopher_port_t:udp_socket recv_msg;
+ allow $1 distccd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the gopher port.
+## Do not audit attempts to receive UDP traffic on the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22719,17 +23162,17 @@ interface(`corenet_udp_receive_gopher_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_gopher_port',`
+interface(`corenet_dontaudit_udp_receive_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- dontaudit $1 gopher_port_t:udp_socket recv_msg;
+ dontaudit $1 distccd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the gopher port.
+## Send and receive UDP traffic on the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22738,15 +23181,15 @@ interface(`corenet_dontaudit_udp_receive_gopher_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_gopher_port',`
- corenet_udp_send_gopher_port($1)
- corenet_udp_receive_gopher_port($1)
+interface(`corenet_udp_sendrecv_distccd_port',`
+ corenet_udp_send_distccd_port($1)
+ corenet_udp_receive_distccd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the gopher port.
+## UDP traffic on the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22755,14 +23198,14 @@ interface(`corenet_udp_sendrecv_gopher_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_gopher_port',`
- corenet_dontaudit_udp_send_gopher_port($1)
- corenet_dontaudit_udp_receive_gopher_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_distccd_port',`
+ corenet_dontaudit_udp_send_distccd_port($1)
+ corenet_dontaudit_udp_receive_distccd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the gopher port.
+## Bind TCP sockets to the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22771,18 +23214,18 @@ interface(`corenet_dontaudit_udp_sendrecv_gopher_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_gopher_port',`
+interface(`corenet_tcp_bind_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- allow $1 gopher_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 distccd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the gopher port.
+## Bind UDP sockets to the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22791,18 +23234,18 @@ interface(`corenet_tcp_bind_gopher_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_gopher_port',`
+interface(`corenet_udp_bind_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- allow $1 gopher_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 distccd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the gopher port.
+## Make a TCP connection to the distccd port.
## </summary>
## <param name="domain">
## <summary>
@@ -22810,18 +23253,18 @@ interface(`corenet_udp_bind_gopher_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_gopher_port',`
+interface(`corenet_tcp_connect_distccd_port',`
gen_require(`
- type gopher_port_t;
+ type distccd_port_t;
')
- allow $1 gopher_port_t:tcp_socket name_connect;
+ allow $1 distccd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send gopher_client packets.
+## Send distccd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22830,17 +23273,17 @@ interface(`corenet_tcp_connect_gopher_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_gopher_client_packets',`
+interface(`corenet_send_distccd_client_packets',`
gen_require(`
- type gopher_client_packet_t;
+ type distccd_client_packet_t;
')
- allow $1 gopher_client_packet_t:packet send;
+ allow $1 distccd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send gopher_client packets.
+## Do not audit attempts to send distccd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22849,17 +23292,17 @@ interface(`corenet_send_gopher_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_gopher_client_packets',`
+interface(`corenet_dontaudit_send_distccd_client_packets',`
gen_require(`
- type gopher_client_packet_t;
+ type distccd_client_packet_t;
')
- dontaudit $1 gopher_client_packet_t:packet send;
+ dontaudit $1 distccd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive gopher_client packets.
+## Receive distccd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22868,17 +23311,17 @@ interface(`corenet_dontaudit_send_gopher_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_gopher_client_packets',`
+interface(`corenet_receive_distccd_client_packets',`
gen_require(`
- type gopher_client_packet_t;
+ type distccd_client_packet_t;
')
- allow $1 gopher_client_packet_t:packet recv;
+ allow $1 distccd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive gopher_client packets.
+## Do not audit attempts to receive distccd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22887,17 +23330,17 @@ interface(`corenet_receive_gopher_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_gopher_client_packets',`
+interface(`corenet_dontaudit_receive_distccd_client_packets',`
gen_require(`
- type gopher_client_packet_t;
+ type distccd_client_packet_t;
')
- dontaudit $1 gopher_client_packet_t:packet recv;
+ dontaudit $1 distccd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive gopher_client packets.
+## Send and receive distccd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22906,14 +23349,14 @@ interface(`corenet_dontaudit_receive_gopher_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_gopher_client_packets',`
- corenet_send_gopher_client_packets($1)
- corenet_receive_gopher_client_packets($1)
+interface(`corenet_sendrecv_distccd_client_packets',`
+ corenet_send_distccd_client_packets($1)
+ corenet_receive_distccd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive gopher_client packets.
+## Do not audit attempts to send and receive distccd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22922,14 +23365,14 @@ interface(`corenet_sendrecv_gopher_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_gopher_client_packets',`
- corenet_dontaudit_send_gopher_client_packets($1)
- corenet_dontaudit_receive_gopher_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_distccd_client_packets',`
+ corenet_dontaudit_send_distccd_client_packets($1)
+ corenet_dontaudit_receive_distccd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to gopher_client the packet type.
+## Relabel packets to distccd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -22937,18 +23380,18 @@ interface(`corenet_dontaudit_sendrecv_gopher_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_gopher_client_packets',`
+interface(`corenet_relabelto_distccd_client_packets',`
gen_require(`
- type gopher_client_packet_t;
+ type distccd_client_packet_t;
')
- allow $1 gopher_client_packet_t:packet relabelto;
+ allow $1 distccd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send gopher_server packets.
+## Send distccd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22957,17 +23400,17 @@ interface(`corenet_relabelto_gopher_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_gopher_server_packets',`
+interface(`corenet_send_distccd_server_packets',`
gen_require(`
- type gopher_server_packet_t;
+ type distccd_server_packet_t;
')
- allow $1 gopher_server_packet_t:packet send;
+ allow $1 distccd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send gopher_server packets.
+## Do not audit attempts to send distccd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22976,17 +23419,17 @@ interface(`corenet_send_gopher_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_gopher_server_packets',`
+interface(`corenet_dontaudit_send_distccd_server_packets',`
gen_require(`
- type gopher_server_packet_t;
+ type distccd_server_packet_t;
')
- dontaudit $1 gopher_server_packet_t:packet send;
+ dontaudit $1 distccd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive gopher_server packets.
+## Receive distccd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -22995,17 +23438,17 @@ interface(`corenet_dontaudit_send_gopher_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_gopher_server_packets',`
+interface(`corenet_receive_distccd_server_packets',`
gen_require(`
- type gopher_server_packet_t;
+ type distccd_server_packet_t;
')
- allow $1 gopher_server_packet_t:packet recv;
+ allow $1 distccd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive gopher_server packets.
+## Do not audit attempts to receive distccd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23014,17 +23457,17 @@ interface(`corenet_receive_gopher_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_gopher_server_packets',`
+interface(`corenet_dontaudit_receive_distccd_server_packets',`
gen_require(`
- type gopher_server_packet_t;
+ type distccd_server_packet_t;
')
- dontaudit $1 gopher_server_packet_t:packet recv;
+ dontaudit $1 distccd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive gopher_server packets.
+## Send and receive distccd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23033,14 +23476,14 @@ interface(`corenet_dontaudit_receive_gopher_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_gopher_server_packets',`
- corenet_send_gopher_server_packets($1)
- corenet_receive_gopher_server_packets($1)
+interface(`corenet_sendrecv_distccd_server_packets',`
+ corenet_send_distccd_server_packets($1)
+ corenet_receive_distccd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive gopher_server packets.
+## Do not audit attempts to send and receive distccd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23049,14 +23492,14 @@ interface(`corenet_sendrecv_gopher_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_gopher_server_packets',`
- corenet_dontaudit_send_gopher_server_packets($1)
- corenet_dontaudit_receive_gopher_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_distccd_server_packets',`
+ corenet_dontaudit_send_distccd_server_packets($1)
+ corenet_dontaudit_receive_distccd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to gopher_server the packet type.
+## Relabel packets to distccd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -23064,12 +23507,12 @@ interface(`corenet_dontaudit_sendrecv_gopher_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_gopher_server_packets',`
+interface(`corenet_relabelto_distccd_server_packets',`
gen_require(`
- type gopher_server_packet_t;
+ type distccd_server_packet_t;
')
- allow $1 gopher_server_packet_t:packet relabelto;
+ allow $1 distccd_server_packet_t:packet relabelto;
')
@@ -23077,7 +23520,7 @@ interface(`corenet_relabelto_gopher_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the gpsd port.
+## Send and receive TCP traffic on the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23086,17 +23529,17 @@ interface(`corenet_relabelto_gopher_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_gpsd_port',`
+interface(`corenet_tcp_sendrecv_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- allow $1 gpsd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 dns_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the gpsd port.
+## Send UDP traffic on the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23105,17 +23548,17 @@ interface(`corenet_tcp_sendrecv_gpsd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_gpsd_port',`
+interface(`corenet_udp_send_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- allow $1 gpsd_port_t:udp_socket send_msg;
+ allow $1 dns_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the gpsd port.
+## Do not audit attempts to send UDP traffic on the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23124,17 +23567,17 @@ interface(`corenet_udp_send_gpsd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_gpsd_port',`
+interface(`corenet_dontaudit_udp_send_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- dontaudit $1 gpsd_port_t:udp_socket send_msg;
+ dontaudit $1 dns_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the gpsd port.
+## Receive UDP traffic on the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23143,17 +23586,17 @@ interface(`corenet_dontaudit_udp_send_gpsd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_gpsd_port',`
+interface(`corenet_udp_receive_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- allow $1 gpsd_port_t:udp_socket recv_msg;
+ allow $1 dns_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the gpsd port.
+## Do not audit attempts to receive UDP traffic on the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23162,17 +23605,17 @@ interface(`corenet_udp_receive_gpsd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_gpsd_port',`
+interface(`corenet_dontaudit_udp_receive_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- dontaudit $1 gpsd_port_t:udp_socket recv_msg;
+ dontaudit $1 dns_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the gpsd port.
+## Send and receive UDP traffic on the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23181,15 +23624,15 @@ interface(`corenet_dontaudit_udp_receive_gpsd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_gpsd_port',`
- corenet_udp_send_gpsd_port($1)
- corenet_udp_receive_gpsd_port($1)
+interface(`corenet_udp_sendrecv_dns_port',`
+ corenet_udp_send_dns_port($1)
+ corenet_udp_receive_dns_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the gpsd port.
+## UDP traffic on the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23198,14 +23641,14 @@ interface(`corenet_udp_sendrecv_gpsd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_gpsd_port',`
- corenet_dontaudit_udp_send_gpsd_port($1)
- corenet_dontaudit_udp_receive_gpsd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_dns_port',`
+ corenet_dontaudit_udp_send_dns_port($1)
+ corenet_dontaudit_udp_receive_dns_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the gpsd port.
+## Bind TCP sockets to the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23214,18 +23657,18 @@ interface(`corenet_dontaudit_udp_sendrecv_gpsd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_gpsd_port',`
+interface(`corenet_tcp_bind_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- allow $1 gpsd_port_t:tcp_socket name_bind;
-
+ allow $1 dns_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the gpsd port.
+## Bind UDP sockets to the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23234,18 +23677,18 @@ interface(`corenet_tcp_bind_gpsd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_gpsd_port',`
+interface(`corenet_udp_bind_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- allow $1 gpsd_port_t:udp_socket name_bind;
-
+ allow $1 dns_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the gpsd port.
+## Make a TCP connection to the dns port.
## </summary>
## <param name="domain">
## <summary>
@@ -23253,18 +23696,18 @@ interface(`corenet_udp_bind_gpsd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_gpsd_port',`
+interface(`corenet_tcp_connect_dns_port',`
gen_require(`
- type gpsd_port_t;
+ type dns_port_t;
')
- allow $1 gpsd_port_t:tcp_socket name_connect;
+ allow $1 dns_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send gpsd_client packets.
+## Send dns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23273,17 +23716,17 @@ interface(`corenet_tcp_connect_gpsd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_gpsd_client_packets',`
+interface(`corenet_send_dns_client_packets',`
gen_require(`
- type gpsd_client_packet_t;
+ type dns_client_packet_t;
')
- allow $1 gpsd_client_packet_t:packet send;
+ allow $1 dns_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send gpsd_client packets.
+## Do not audit attempts to send dns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23292,17 +23735,17 @@ interface(`corenet_send_gpsd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_gpsd_client_packets',`
+interface(`corenet_dontaudit_send_dns_client_packets',`
gen_require(`
- type gpsd_client_packet_t;
+ type dns_client_packet_t;
')
- dontaudit $1 gpsd_client_packet_t:packet send;
+ dontaudit $1 dns_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive gpsd_client packets.
+## Receive dns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23311,17 +23754,17 @@ interface(`corenet_dontaudit_send_gpsd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_gpsd_client_packets',`
+interface(`corenet_receive_dns_client_packets',`
gen_require(`
- type gpsd_client_packet_t;
+ type dns_client_packet_t;
')
- allow $1 gpsd_client_packet_t:packet recv;
+ allow $1 dns_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive gpsd_client packets.
+## Do not audit attempts to receive dns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23330,17 +23773,17 @@ interface(`corenet_receive_gpsd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_gpsd_client_packets',`
+interface(`corenet_dontaudit_receive_dns_client_packets',`
gen_require(`
- type gpsd_client_packet_t;
+ type dns_client_packet_t;
')
- dontaudit $1 gpsd_client_packet_t:packet recv;
+ dontaudit $1 dns_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive gpsd_client packets.
+## Send and receive dns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23349,14 +23792,14 @@ interface(`corenet_dontaudit_receive_gpsd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_gpsd_client_packets',`
- corenet_send_gpsd_client_packets($1)
- corenet_receive_gpsd_client_packets($1)
+interface(`corenet_sendrecv_dns_client_packets',`
+ corenet_send_dns_client_packets($1)
+ corenet_receive_dns_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive gpsd_client packets.
+## Do not audit attempts to send and receive dns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23365,14 +23808,14 @@ interface(`corenet_sendrecv_gpsd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_gpsd_client_packets',`
- corenet_dontaudit_send_gpsd_client_packets($1)
- corenet_dontaudit_receive_gpsd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_dns_client_packets',`
+ corenet_dontaudit_send_dns_client_packets($1)
+ corenet_dontaudit_receive_dns_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to gpsd_client the packet type.
+## Relabel packets to dns_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -23380,18 +23823,18 @@ interface(`corenet_dontaudit_sendrecv_gpsd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_gpsd_client_packets',`
+interface(`corenet_relabelto_dns_client_packets',`
gen_require(`
- type gpsd_client_packet_t;
+ type dns_client_packet_t;
')
- allow $1 gpsd_client_packet_t:packet relabelto;
+ allow $1 dns_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send gpsd_server packets.
+## Send dns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23400,17 +23843,17 @@ interface(`corenet_relabelto_gpsd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_gpsd_server_packets',`
+interface(`corenet_send_dns_server_packets',`
gen_require(`
- type gpsd_server_packet_t;
+ type dns_server_packet_t;
')
- allow $1 gpsd_server_packet_t:packet send;
+ allow $1 dns_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send gpsd_server packets.
+## Do not audit attempts to send dns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23419,17 +23862,17 @@ interface(`corenet_send_gpsd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_gpsd_server_packets',`
+interface(`corenet_dontaudit_send_dns_server_packets',`
gen_require(`
- type gpsd_server_packet_t;
+ type dns_server_packet_t;
')
- dontaudit $1 gpsd_server_packet_t:packet send;
+ dontaudit $1 dns_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive gpsd_server packets.
+## Receive dns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23438,17 +23881,17 @@ interface(`corenet_dontaudit_send_gpsd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_gpsd_server_packets',`
+interface(`corenet_receive_dns_server_packets',`
gen_require(`
- type gpsd_server_packet_t;
+ type dns_server_packet_t;
')
- allow $1 gpsd_server_packet_t:packet recv;
+ allow $1 dns_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive gpsd_server packets.
+## Do not audit attempts to receive dns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23457,17 +23900,17 @@ interface(`corenet_receive_gpsd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_gpsd_server_packets',`
+interface(`corenet_dontaudit_receive_dns_server_packets',`
gen_require(`
- type gpsd_server_packet_t;
+ type dns_server_packet_t;
')
- dontaudit $1 gpsd_server_packet_t:packet recv;
+ dontaudit $1 dns_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive gpsd_server packets.
+## Send and receive dns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23476,14 +23919,14 @@ interface(`corenet_dontaudit_receive_gpsd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_gpsd_server_packets',`
- corenet_send_gpsd_server_packets($1)
- corenet_receive_gpsd_server_packets($1)
+interface(`corenet_sendrecv_dns_server_packets',`
+ corenet_send_dns_server_packets($1)
+ corenet_receive_dns_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive gpsd_server packets.
+## Do not audit attempts to send and receive dns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23492,14 +23935,14 @@ interface(`corenet_sendrecv_gpsd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_gpsd_server_packets',`
- corenet_dontaudit_send_gpsd_server_packets($1)
- corenet_dontaudit_receive_gpsd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_dns_server_packets',`
+ corenet_dontaudit_send_dns_server_packets($1)
+ corenet_dontaudit_receive_dns_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to gpsd_server the packet type.
+## Relabel packets to dns_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -23507,12 +23950,12 @@ interface(`corenet_dontaudit_sendrecv_gpsd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_gpsd_server_packets',`
+interface(`corenet_relabelto_dns_server_packets',`
gen_require(`
- type gpsd_server_packet_t;
+ type dns_server_packet_t;
')
- allow $1 gpsd_server_packet_t:packet relabelto;
+ allow $1 dns_server_packet_t:packet relabelto;
')
@@ -23520,7 +23963,7 @@ interface(`corenet_relabelto_gpsd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the hadoop_datanode port.
+## Send and receive TCP traffic on the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23529,17 +23972,17 @@ interface(`corenet_relabelto_gpsd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_hadoop_datanode_port',`
+interface(`corenet_tcp_sendrecv_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- allow $1 hadoop_datanode_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 efs_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the hadoop_datanode port.
+## Send UDP traffic on the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23548,17 +23991,17 @@ interface(`corenet_tcp_sendrecv_hadoop_datanode_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_hadoop_datanode_port',`
+interface(`corenet_udp_send_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- allow $1 hadoop_datanode_port_t:udp_socket send_msg;
+ allow $1 efs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the hadoop_datanode port.
+## Do not audit attempts to send UDP traffic on the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23567,17 +24010,17 @@ interface(`corenet_udp_send_hadoop_datanode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_hadoop_datanode_port',`
+interface(`corenet_dontaudit_udp_send_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- dontaudit $1 hadoop_datanode_port_t:udp_socket send_msg;
+ dontaudit $1 efs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the hadoop_datanode port.
+## Receive UDP traffic on the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23586,17 +24029,17 @@ interface(`corenet_dontaudit_udp_send_hadoop_datanode_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_hadoop_datanode_port',`
+interface(`corenet_udp_receive_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- allow $1 hadoop_datanode_port_t:udp_socket recv_msg;
+ allow $1 efs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the hadoop_datanode port.
+## Do not audit attempts to receive UDP traffic on the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23605,17 +24048,17 @@ interface(`corenet_udp_receive_hadoop_datanode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_hadoop_datanode_port',`
+interface(`corenet_dontaudit_udp_receive_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- dontaudit $1 hadoop_datanode_port_t:udp_socket recv_msg;
+ dontaudit $1 efs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the hadoop_datanode port.
+## Send and receive UDP traffic on the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23624,15 +24067,15 @@ interface(`corenet_dontaudit_udp_receive_hadoop_datanode_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_hadoop_datanode_port',`
- corenet_udp_send_hadoop_datanode_port($1)
- corenet_udp_receive_hadoop_datanode_port($1)
+interface(`corenet_udp_sendrecv_efs_port',`
+ corenet_udp_send_efs_port($1)
+ corenet_udp_receive_efs_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the hadoop_datanode port.
+## UDP traffic on the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23641,14 +24084,14 @@ interface(`corenet_udp_sendrecv_hadoop_datanode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_hadoop_datanode_port',`
- corenet_dontaudit_udp_send_hadoop_datanode_port($1)
- corenet_dontaudit_udp_receive_hadoop_datanode_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_efs_port',`
+ corenet_dontaudit_udp_send_efs_port($1)
+ corenet_dontaudit_udp_receive_efs_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the hadoop_datanode port.
+## Bind TCP sockets to the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23657,18 +24100,18 @@ interface(`corenet_dontaudit_udp_sendrecv_hadoop_datanode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_hadoop_datanode_port',`
+interface(`corenet_tcp_bind_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- allow $1 hadoop_datanode_port_t:tcp_socket name_bind;
-
+ allow $1 efs_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the hadoop_datanode port.
+## Bind UDP sockets to the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23677,18 +24120,18 @@ interface(`corenet_tcp_bind_hadoop_datanode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_hadoop_datanode_port',`
+interface(`corenet_udp_bind_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- allow $1 hadoop_datanode_port_t:udp_socket name_bind;
-
+ allow $1 efs_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the hadoop_datanode port.
+## Make a TCP connection to the efs port.
## </summary>
## <param name="domain">
## <summary>
@@ -23696,18 +24139,18 @@ interface(`corenet_udp_bind_hadoop_datanode_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_hadoop_datanode_port',`
+interface(`corenet_tcp_connect_efs_port',`
gen_require(`
- type hadoop_datanode_port_t;
+ type efs_port_t;
')
- allow $1 hadoop_datanode_port_t:tcp_socket name_connect;
+ allow $1 efs_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send hadoop_datanode_client packets.
+## Send efs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23716,17 +24159,17 @@ interface(`corenet_tcp_connect_hadoop_datanode_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hadoop_datanode_client_packets',`
+interface(`corenet_send_efs_client_packets',`
gen_require(`
- type hadoop_datanode_client_packet_t;
+ type efs_client_packet_t;
')
- allow $1 hadoop_datanode_client_packet_t:packet send;
+ allow $1 efs_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hadoop_datanode_client packets.
+## Do not audit attempts to send efs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23735,17 +24178,17 @@ interface(`corenet_send_hadoop_datanode_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hadoop_datanode_client_packets',`
+interface(`corenet_dontaudit_send_efs_client_packets',`
gen_require(`
- type hadoop_datanode_client_packet_t;
+ type efs_client_packet_t;
')
- dontaudit $1 hadoop_datanode_client_packet_t:packet send;
+ dontaudit $1 efs_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive hadoop_datanode_client packets.
+## Receive efs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23754,17 +24197,17 @@ interface(`corenet_dontaudit_send_hadoop_datanode_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hadoop_datanode_client_packets',`
+interface(`corenet_receive_efs_client_packets',`
gen_require(`
- type hadoop_datanode_client_packet_t;
+ type efs_client_packet_t;
')
- allow $1 hadoop_datanode_client_packet_t:packet recv;
+ allow $1 efs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hadoop_datanode_client packets.
+## Do not audit attempts to receive efs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23773,17 +24216,17 @@ interface(`corenet_receive_hadoop_datanode_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hadoop_datanode_client_packets',`
+interface(`corenet_dontaudit_receive_efs_client_packets',`
gen_require(`
- type hadoop_datanode_client_packet_t;
+ type efs_client_packet_t;
')
- dontaudit $1 hadoop_datanode_client_packet_t:packet recv;
+ dontaudit $1 efs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hadoop_datanode_client packets.
+## Send and receive efs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23792,14 +24235,14 @@ interface(`corenet_dontaudit_receive_hadoop_datanode_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hadoop_datanode_client_packets',`
- corenet_send_hadoop_datanode_client_packets($1)
- corenet_receive_hadoop_datanode_client_packets($1)
+interface(`corenet_sendrecv_efs_client_packets',`
+ corenet_send_efs_client_packets($1)
+ corenet_receive_efs_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hadoop_datanode_client packets.
+## Do not audit attempts to send and receive efs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23808,14 +24251,14 @@ interface(`corenet_sendrecv_hadoop_datanode_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hadoop_datanode_client_packets',`
- corenet_dontaudit_send_hadoop_datanode_client_packets($1)
- corenet_dontaudit_receive_hadoop_datanode_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_efs_client_packets',`
+ corenet_dontaudit_send_efs_client_packets($1)
+ corenet_dontaudit_receive_efs_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to hadoop_datanode_client the packet type.
+## Relabel packets to efs_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -23823,18 +24266,18 @@ interface(`corenet_dontaudit_sendrecv_hadoop_datanode_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hadoop_datanode_client_packets',`
+interface(`corenet_relabelto_efs_client_packets',`
gen_require(`
- type hadoop_datanode_client_packet_t;
+ type efs_client_packet_t;
')
- allow $1 hadoop_datanode_client_packet_t:packet relabelto;
+ allow $1 efs_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send hadoop_datanode_server packets.
+## Send efs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23843,17 +24286,17 @@ interface(`corenet_relabelto_hadoop_datanode_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hadoop_datanode_server_packets',`
+interface(`corenet_send_efs_server_packets',`
gen_require(`
- type hadoop_datanode_server_packet_t;
+ type efs_server_packet_t;
')
- allow $1 hadoop_datanode_server_packet_t:packet send;
+ allow $1 efs_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hadoop_datanode_server packets.
+## Do not audit attempts to send efs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23862,17 +24305,17 @@ interface(`corenet_send_hadoop_datanode_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hadoop_datanode_server_packets',`
+interface(`corenet_dontaudit_send_efs_server_packets',`
gen_require(`
- type hadoop_datanode_server_packet_t;
+ type efs_server_packet_t;
')
- dontaudit $1 hadoop_datanode_server_packet_t:packet send;
+ dontaudit $1 efs_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive hadoop_datanode_server packets.
+## Receive efs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23881,17 +24324,17 @@ interface(`corenet_dontaudit_send_hadoop_datanode_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hadoop_datanode_server_packets',`
+interface(`corenet_receive_efs_server_packets',`
gen_require(`
- type hadoop_datanode_server_packet_t;
+ type efs_server_packet_t;
')
- allow $1 hadoop_datanode_server_packet_t:packet recv;
+ allow $1 efs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hadoop_datanode_server packets.
+## Do not audit attempts to receive efs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23900,17 +24343,17 @@ interface(`corenet_receive_hadoop_datanode_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hadoop_datanode_server_packets',`
+interface(`corenet_dontaudit_receive_efs_server_packets',`
gen_require(`
- type hadoop_datanode_server_packet_t;
+ type efs_server_packet_t;
')
- dontaudit $1 hadoop_datanode_server_packet_t:packet recv;
+ dontaudit $1 efs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hadoop_datanode_server packets.
+## Send and receive efs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23919,14 +24362,14 @@ interface(`corenet_dontaudit_receive_hadoop_datanode_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hadoop_datanode_server_packets',`
- corenet_send_hadoop_datanode_server_packets($1)
- corenet_receive_hadoop_datanode_server_packets($1)
+interface(`corenet_sendrecv_efs_server_packets',`
+ corenet_send_efs_server_packets($1)
+ corenet_receive_efs_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hadoop_datanode_server packets.
+## Do not audit attempts to send and receive efs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -23935,14 +24378,14 @@ interface(`corenet_sendrecv_hadoop_datanode_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hadoop_datanode_server_packets',`
- corenet_dontaudit_send_hadoop_datanode_server_packets($1)
- corenet_dontaudit_receive_hadoop_datanode_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_efs_server_packets',`
+ corenet_dontaudit_send_efs_server_packets($1)
+ corenet_dontaudit_receive_efs_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to hadoop_datanode_server the packet type.
+## Relabel packets to efs_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -23950,12 +24393,12 @@ interface(`corenet_dontaudit_sendrecv_hadoop_datanode_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hadoop_datanode_server_packets',`
+interface(`corenet_relabelto_efs_server_packets',`
gen_require(`
- type hadoop_datanode_server_packet_t;
+ type efs_server_packet_t;
')
- allow $1 hadoop_datanode_server_packet_t:packet relabelto;
+ allow $1 efs_server_packet_t:packet relabelto;
')
@@ -23963,7 +24406,7 @@ interface(`corenet_relabelto_hadoop_datanode_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the hadoop_namenode port.
+## Send and receive TCP traffic on the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -23972,17 +24415,17 @@ interface(`corenet_relabelto_hadoop_datanode_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_hadoop_namenode_port',`
+interface(`corenet_tcp_sendrecv_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- allow $1 hadoop_namenode_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 embrace_dp_c_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the hadoop_namenode port.
+## Send UDP traffic on the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -23991,17 +24434,17 @@ interface(`corenet_tcp_sendrecv_hadoop_namenode_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_hadoop_namenode_port',`
+interface(`corenet_udp_send_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- allow $1 hadoop_namenode_port_t:udp_socket send_msg;
+ allow $1 embrace_dp_c_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the hadoop_namenode port.
+## Do not audit attempts to send UDP traffic on the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24010,17 +24453,17 @@ interface(`corenet_udp_send_hadoop_namenode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_hadoop_namenode_port',`
+interface(`corenet_dontaudit_udp_send_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- dontaudit $1 hadoop_namenode_port_t:udp_socket send_msg;
+ dontaudit $1 embrace_dp_c_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the hadoop_namenode port.
+## Receive UDP traffic on the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24029,17 +24472,17 @@ interface(`corenet_dontaudit_udp_send_hadoop_namenode_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_hadoop_namenode_port',`
+interface(`corenet_udp_receive_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- allow $1 hadoop_namenode_port_t:udp_socket recv_msg;
+ allow $1 embrace_dp_c_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the hadoop_namenode port.
+## Do not audit attempts to receive UDP traffic on the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24048,17 +24491,17 @@ interface(`corenet_udp_receive_hadoop_namenode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_hadoop_namenode_port',`
+interface(`corenet_dontaudit_udp_receive_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- dontaudit $1 hadoop_namenode_port_t:udp_socket recv_msg;
+ dontaudit $1 embrace_dp_c_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the hadoop_namenode port.
+## Send and receive UDP traffic on the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24067,15 +24510,15 @@ interface(`corenet_dontaudit_udp_receive_hadoop_namenode_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_hadoop_namenode_port',`
- corenet_udp_send_hadoop_namenode_port($1)
- corenet_udp_receive_hadoop_namenode_port($1)
+interface(`corenet_udp_sendrecv_embrace_dp_c_port',`
+ corenet_udp_send_embrace_dp_c_port($1)
+ corenet_udp_receive_embrace_dp_c_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the hadoop_namenode port.
+## UDP traffic on the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24084,14 +24527,14 @@ interface(`corenet_udp_sendrecv_hadoop_namenode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_hadoop_namenode_port',`
- corenet_dontaudit_udp_send_hadoop_namenode_port($1)
- corenet_dontaudit_udp_receive_hadoop_namenode_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_embrace_dp_c_port',`
+ corenet_dontaudit_udp_send_embrace_dp_c_port($1)
+ corenet_dontaudit_udp_receive_embrace_dp_c_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the hadoop_namenode port.
+## Bind TCP sockets to the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24100,18 +24543,18 @@ interface(`corenet_dontaudit_udp_sendrecv_hadoop_namenode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_hadoop_namenode_port',`
+interface(`corenet_tcp_bind_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- allow $1 hadoop_namenode_port_t:tcp_socket name_bind;
+ allow $1 embrace_dp_c_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the hadoop_namenode port.
+## Bind UDP sockets to the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24120,18 +24563,18 @@ interface(`corenet_tcp_bind_hadoop_namenode_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_hadoop_namenode_port',`
+interface(`corenet_udp_bind_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- allow $1 hadoop_namenode_port_t:udp_socket name_bind;
+ allow $1 embrace_dp_c_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the hadoop_namenode port.
+## Make a TCP connection to the embrace_dp_c port.
## </summary>
## <param name="domain">
## <summary>
@@ -24139,18 +24582,18 @@ interface(`corenet_udp_bind_hadoop_namenode_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_hadoop_namenode_port',`
+interface(`corenet_tcp_connect_embrace_dp_c_port',`
gen_require(`
- type hadoop_namenode_port_t;
+ type embrace_dp_c_port_t;
')
- allow $1 hadoop_namenode_port_t:tcp_socket name_connect;
+ allow $1 embrace_dp_c_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send hadoop_namenode_client packets.
+## Send embrace_dp_c_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24159,17 +24602,17 @@ interface(`corenet_tcp_connect_hadoop_namenode_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hadoop_namenode_client_packets',`
+interface(`corenet_send_embrace_dp_c_client_packets',`
gen_require(`
- type hadoop_namenode_client_packet_t;
+ type embrace_dp_c_client_packet_t;
')
- allow $1 hadoop_namenode_client_packet_t:packet send;
+ allow $1 embrace_dp_c_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hadoop_namenode_client packets.
+## Do not audit attempts to send embrace_dp_c_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24178,17 +24621,17 @@ interface(`corenet_send_hadoop_namenode_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hadoop_namenode_client_packets',`
+interface(`corenet_dontaudit_send_embrace_dp_c_client_packets',`
gen_require(`
- type hadoop_namenode_client_packet_t;
+ type embrace_dp_c_client_packet_t;
')
- dontaudit $1 hadoop_namenode_client_packet_t:packet send;
+ dontaudit $1 embrace_dp_c_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive hadoop_namenode_client packets.
+## Receive embrace_dp_c_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24197,17 +24640,17 @@ interface(`corenet_dontaudit_send_hadoop_namenode_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hadoop_namenode_client_packets',`
+interface(`corenet_receive_embrace_dp_c_client_packets',`
gen_require(`
- type hadoop_namenode_client_packet_t;
+ type embrace_dp_c_client_packet_t;
')
- allow $1 hadoop_namenode_client_packet_t:packet recv;
+ allow $1 embrace_dp_c_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hadoop_namenode_client packets.
+## Do not audit attempts to receive embrace_dp_c_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24216,17 +24659,17 @@ interface(`corenet_receive_hadoop_namenode_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hadoop_namenode_client_packets',`
+interface(`corenet_dontaudit_receive_embrace_dp_c_client_packets',`
gen_require(`
- type hadoop_namenode_client_packet_t;
+ type embrace_dp_c_client_packet_t;
')
- dontaudit $1 hadoop_namenode_client_packet_t:packet recv;
+ dontaudit $1 embrace_dp_c_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hadoop_namenode_client packets.
+## Send and receive embrace_dp_c_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24235,14 +24678,14 @@ interface(`corenet_dontaudit_receive_hadoop_namenode_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hadoop_namenode_client_packets',`
- corenet_send_hadoop_namenode_client_packets($1)
- corenet_receive_hadoop_namenode_client_packets($1)
+interface(`corenet_sendrecv_embrace_dp_c_client_packets',`
+ corenet_send_embrace_dp_c_client_packets($1)
+ corenet_receive_embrace_dp_c_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hadoop_namenode_client packets.
+## Do not audit attempts to send and receive embrace_dp_c_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24251,14 +24694,14 @@ interface(`corenet_sendrecv_hadoop_namenode_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hadoop_namenode_client_packets',`
- corenet_dontaudit_send_hadoop_namenode_client_packets($1)
- corenet_dontaudit_receive_hadoop_namenode_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_embrace_dp_c_client_packets',`
+ corenet_dontaudit_send_embrace_dp_c_client_packets($1)
+ corenet_dontaudit_receive_embrace_dp_c_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to hadoop_namenode_client the packet type.
+## Relabel packets to embrace_dp_c_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -24266,18 +24709,18 @@ interface(`corenet_dontaudit_sendrecv_hadoop_namenode_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hadoop_namenode_client_packets',`
+interface(`corenet_relabelto_embrace_dp_c_client_packets',`
gen_require(`
- type hadoop_namenode_client_packet_t;
+ type embrace_dp_c_client_packet_t;
')
- allow $1 hadoop_namenode_client_packet_t:packet relabelto;
+ allow $1 embrace_dp_c_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send hadoop_namenode_server packets.
+## Send embrace_dp_c_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24286,17 +24729,17 @@ interface(`corenet_relabelto_hadoop_namenode_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hadoop_namenode_server_packets',`
+interface(`corenet_send_embrace_dp_c_server_packets',`
gen_require(`
- type hadoop_namenode_server_packet_t;
+ type embrace_dp_c_server_packet_t;
')
- allow $1 hadoop_namenode_server_packet_t:packet send;
+ allow $1 embrace_dp_c_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hadoop_namenode_server packets.
+## Do not audit attempts to send embrace_dp_c_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24305,17 +24748,17 @@ interface(`corenet_send_hadoop_namenode_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hadoop_namenode_server_packets',`
+interface(`corenet_dontaudit_send_embrace_dp_c_server_packets',`
gen_require(`
- type hadoop_namenode_server_packet_t;
+ type embrace_dp_c_server_packet_t;
')
- dontaudit $1 hadoop_namenode_server_packet_t:packet send;
+ dontaudit $1 embrace_dp_c_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive hadoop_namenode_server packets.
+## Receive embrace_dp_c_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24324,17 +24767,17 @@ interface(`corenet_dontaudit_send_hadoop_namenode_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hadoop_namenode_server_packets',`
+interface(`corenet_receive_embrace_dp_c_server_packets',`
gen_require(`
- type hadoop_namenode_server_packet_t;
+ type embrace_dp_c_server_packet_t;
')
- allow $1 hadoop_namenode_server_packet_t:packet recv;
+ allow $1 embrace_dp_c_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hadoop_namenode_server packets.
+## Do not audit attempts to receive embrace_dp_c_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24343,17 +24786,17 @@ interface(`corenet_receive_hadoop_namenode_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hadoop_namenode_server_packets',`
+interface(`corenet_dontaudit_receive_embrace_dp_c_server_packets',`
gen_require(`
- type hadoop_namenode_server_packet_t;
+ type embrace_dp_c_server_packet_t;
')
- dontaudit $1 hadoop_namenode_server_packet_t:packet recv;
+ dontaudit $1 embrace_dp_c_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hadoop_namenode_server packets.
+## Send and receive embrace_dp_c_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24362,14 +24805,14 @@ interface(`corenet_dontaudit_receive_hadoop_namenode_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hadoop_namenode_server_packets',`
- corenet_send_hadoop_namenode_server_packets($1)
- corenet_receive_hadoop_namenode_server_packets($1)
+interface(`corenet_sendrecv_embrace_dp_c_server_packets',`
+ corenet_send_embrace_dp_c_server_packets($1)
+ corenet_receive_embrace_dp_c_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hadoop_namenode_server packets.
+## Do not audit attempts to send and receive embrace_dp_c_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24378,14 +24821,14 @@ interface(`corenet_sendrecv_hadoop_namenode_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hadoop_namenode_server_packets',`
- corenet_dontaudit_send_hadoop_namenode_server_packets($1)
- corenet_dontaudit_receive_hadoop_namenode_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_embrace_dp_c_server_packets',`
+ corenet_dontaudit_send_embrace_dp_c_server_packets($1)
+ corenet_dontaudit_receive_embrace_dp_c_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to hadoop_namenode_server the packet type.
+## Relabel packets to embrace_dp_c_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -24393,12 +24836,12 @@ interface(`corenet_dontaudit_sendrecv_hadoop_namenode_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hadoop_namenode_server_packets',`
+interface(`corenet_relabelto_embrace_dp_c_server_packets',`
gen_require(`
- type hadoop_namenode_server_packet_t;
+ type embrace_dp_c_server_packet_t;
')
- allow $1 hadoop_namenode_server_packet_t:packet relabelto;
+ allow $1 embrace_dp_c_server_packet_t:packet relabelto;
')
@@ -24406,7 +24849,7 @@ interface(`corenet_relabelto_hadoop_namenode_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the hddtemp port.
+## Send and receive TCP traffic on the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24415,17 +24858,17 @@ interface(`corenet_relabelto_hadoop_namenode_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_hddtemp_port',`
+interface(`corenet_tcp_sendrecv_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- allow $1 hddtemp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 epmap_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the hddtemp port.
+## Send UDP traffic on the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24434,17 +24877,17 @@ interface(`corenet_tcp_sendrecv_hddtemp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_hddtemp_port',`
+interface(`corenet_udp_send_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- allow $1 hddtemp_port_t:udp_socket send_msg;
+ allow $1 epmap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the hddtemp port.
+## Do not audit attempts to send UDP traffic on the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24453,17 +24896,17 @@ interface(`corenet_udp_send_hddtemp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_hddtemp_port',`
+interface(`corenet_dontaudit_udp_send_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- dontaudit $1 hddtemp_port_t:udp_socket send_msg;
+ dontaudit $1 epmap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the hddtemp port.
+## Receive UDP traffic on the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24472,17 +24915,17 @@ interface(`corenet_dontaudit_udp_send_hddtemp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_hddtemp_port',`
+interface(`corenet_udp_receive_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- allow $1 hddtemp_port_t:udp_socket recv_msg;
+ allow $1 epmap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the hddtemp port.
+## Do not audit attempts to receive UDP traffic on the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24491,17 +24934,17 @@ interface(`corenet_udp_receive_hddtemp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_hddtemp_port',`
+interface(`corenet_dontaudit_udp_receive_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- dontaudit $1 hddtemp_port_t:udp_socket recv_msg;
+ dontaudit $1 epmap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the hddtemp port.
+## Send and receive UDP traffic on the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24510,15 +24953,15 @@ interface(`corenet_dontaudit_udp_receive_hddtemp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_hddtemp_port',`
- corenet_udp_send_hddtemp_port($1)
- corenet_udp_receive_hddtemp_port($1)
+interface(`corenet_udp_sendrecv_epmap_port',`
+ corenet_udp_send_epmap_port($1)
+ corenet_udp_receive_epmap_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the hddtemp port.
+## UDP traffic on the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24527,14 +24970,14 @@ interface(`corenet_udp_sendrecv_hddtemp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_hddtemp_port',`
- corenet_dontaudit_udp_send_hddtemp_port($1)
- corenet_dontaudit_udp_receive_hddtemp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_epmap_port',`
+ corenet_dontaudit_udp_send_epmap_port($1)
+ corenet_dontaudit_udp_receive_epmap_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the hddtemp port.
+## Bind TCP sockets to the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24543,18 +24986,18 @@ interface(`corenet_dontaudit_udp_sendrecv_hddtemp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_hddtemp_port',`
+interface(`corenet_tcp_bind_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- allow $1 hddtemp_port_t:tcp_socket name_bind;
-
+ allow $1 epmap_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the hddtemp port.
+## Bind UDP sockets to the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24563,18 +25006,18 @@ interface(`corenet_tcp_bind_hddtemp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_hddtemp_port',`
+interface(`corenet_udp_bind_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- allow $1 hddtemp_port_t:udp_socket name_bind;
-
+ allow $1 epmap_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the hddtemp port.
+## Make a TCP connection to the epmap port.
## </summary>
## <param name="domain">
## <summary>
@@ -24582,18 +25025,18 @@ interface(`corenet_udp_bind_hddtemp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_hddtemp_port',`
+interface(`corenet_tcp_connect_epmap_port',`
gen_require(`
- type hddtemp_port_t;
+ type epmap_port_t;
')
- allow $1 hddtemp_port_t:tcp_socket name_connect;
+ allow $1 epmap_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send hddtemp_client packets.
+## Send epmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24602,17 +25045,17 @@ interface(`corenet_tcp_connect_hddtemp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hddtemp_client_packets',`
+interface(`corenet_send_epmap_client_packets',`
gen_require(`
- type hddtemp_client_packet_t;
+ type epmap_client_packet_t;
')
- allow $1 hddtemp_client_packet_t:packet send;
+ allow $1 epmap_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hddtemp_client packets.
+## Do not audit attempts to send epmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24621,17 +25064,17 @@ interface(`corenet_send_hddtemp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hddtemp_client_packets',`
+interface(`corenet_dontaudit_send_epmap_client_packets',`
gen_require(`
- type hddtemp_client_packet_t;
+ type epmap_client_packet_t;
')
- dontaudit $1 hddtemp_client_packet_t:packet send;
+ dontaudit $1 epmap_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive hddtemp_client packets.
+## Receive epmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24640,17 +25083,17 @@ interface(`corenet_dontaudit_send_hddtemp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hddtemp_client_packets',`
+interface(`corenet_receive_epmap_client_packets',`
gen_require(`
- type hddtemp_client_packet_t;
+ type epmap_client_packet_t;
')
- allow $1 hddtemp_client_packet_t:packet recv;
+ allow $1 epmap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hddtemp_client packets.
+## Do not audit attempts to receive epmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24659,17 +25102,17 @@ interface(`corenet_receive_hddtemp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hddtemp_client_packets',`
+interface(`corenet_dontaudit_receive_epmap_client_packets',`
gen_require(`
- type hddtemp_client_packet_t;
+ type epmap_client_packet_t;
')
- dontaudit $1 hddtemp_client_packet_t:packet recv;
+ dontaudit $1 epmap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hddtemp_client packets.
+## Send and receive epmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24678,14 +25121,14 @@ interface(`corenet_dontaudit_receive_hddtemp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hddtemp_client_packets',`
- corenet_send_hddtemp_client_packets($1)
- corenet_receive_hddtemp_client_packets($1)
+interface(`corenet_sendrecv_epmap_client_packets',`
+ corenet_send_epmap_client_packets($1)
+ corenet_receive_epmap_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hddtemp_client packets.
+## Do not audit attempts to send and receive epmap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24694,14 +25137,14 @@ interface(`corenet_sendrecv_hddtemp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hddtemp_client_packets',`
- corenet_dontaudit_send_hddtemp_client_packets($1)
- corenet_dontaudit_receive_hddtemp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_epmap_client_packets',`
+ corenet_dontaudit_send_epmap_client_packets($1)
+ corenet_dontaudit_receive_epmap_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to hddtemp_client the packet type.
+## Relabel packets to epmap_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -24709,18 +25152,18 @@ interface(`corenet_dontaudit_sendrecv_hddtemp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hddtemp_client_packets',`
+interface(`corenet_relabelto_epmap_client_packets',`
gen_require(`
- type hddtemp_client_packet_t;
+ type epmap_client_packet_t;
')
- allow $1 hddtemp_client_packet_t:packet relabelto;
+ allow $1 epmap_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send hddtemp_server packets.
+## Send epmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24729,17 +25172,17 @@ interface(`corenet_relabelto_hddtemp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hddtemp_server_packets',`
+interface(`corenet_send_epmap_server_packets',`
gen_require(`
- type hddtemp_server_packet_t;
+ type epmap_server_packet_t;
')
- allow $1 hddtemp_server_packet_t:packet send;
+ allow $1 epmap_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hddtemp_server packets.
+## Do not audit attempts to send epmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24748,17 +25191,17 @@ interface(`corenet_send_hddtemp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hddtemp_server_packets',`
+interface(`corenet_dontaudit_send_epmap_server_packets',`
gen_require(`
- type hddtemp_server_packet_t;
+ type epmap_server_packet_t;
')
- dontaudit $1 hddtemp_server_packet_t:packet send;
+ dontaudit $1 epmap_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive hddtemp_server packets.
+## Receive epmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24767,17 +25210,17 @@ interface(`corenet_dontaudit_send_hddtemp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hddtemp_server_packets',`
+interface(`corenet_receive_epmap_server_packets',`
gen_require(`
- type hddtemp_server_packet_t;
+ type epmap_server_packet_t;
')
- allow $1 hddtemp_server_packet_t:packet recv;
+ allow $1 epmap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hddtemp_server packets.
+## Do not audit attempts to receive epmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24786,17 +25229,17 @@ interface(`corenet_receive_hddtemp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hddtemp_server_packets',`
+interface(`corenet_dontaudit_receive_epmap_server_packets',`
gen_require(`
- type hddtemp_server_packet_t;
+ type epmap_server_packet_t;
')
- dontaudit $1 hddtemp_server_packet_t:packet recv;
+ dontaudit $1 epmap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hddtemp_server packets.
+## Send and receive epmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24805,14 +25248,14 @@ interface(`corenet_dontaudit_receive_hddtemp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hddtemp_server_packets',`
- corenet_send_hddtemp_server_packets($1)
- corenet_receive_hddtemp_server_packets($1)
+interface(`corenet_sendrecv_epmap_server_packets',`
+ corenet_send_epmap_server_packets($1)
+ corenet_receive_epmap_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hddtemp_server packets.
+## Do not audit attempts to send and receive epmap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -24821,14 +25264,14 @@ interface(`corenet_sendrecv_hddtemp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hddtemp_server_packets',`
- corenet_dontaudit_send_hddtemp_server_packets($1)
- corenet_dontaudit_receive_hddtemp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_epmap_server_packets',`
+ corenet_dontaudit_send_epmap_server_packets($1)
+ corenet_dontaudit_receive_epmap_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to hddtemp_server the packet type.
+## Relabel packets to epmap_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -24836,12 +25279,12 @@ interface(`corenet_dontaudit_sendrecv_hddtemp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hddtemp_server_packets',`
+interface(`corenet_relabelto_epmap_server_packets',`
gen_require(`
- type hddtemp_server_packet_t;
+ type epmap_server_packet_t;
')
- allow $1 hddtemp_server_packet_t:packet relabelto;
+ allow $1 epmap_server_packet_t:packet relabelto;
')
@@ -24849,7 +25292,7 @@ interface(`corenet_relabelto_hddtemp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the howl port.
+## Send and receive TCP traffic on the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24858,17 +25301,17 @@ interface(`corenet_relabelto_hddtemp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_howl_port',`
+interface(`corenet_tcp_sendrecv_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- allow $1 howl_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 epmd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the howl port.
+## Send UDP traffic on the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24877,17 +25320,17 @@ interface(`corenet_tcp_sendrecv_howl_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_howl_port',`
+interface(`corenet_udp_send_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- allow $1 howl_port_t:udp_socket send_msg;
+ allow $1 epmd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the howl port.
+## Do not audit attempts to send UDP traffic on the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24896,17 +25339,17 @@ interface(`corenet_udp_send_howl_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_howl_port',`
+interface(`corenet_dontaudit_udp_send_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- dontaudit $1 howl_port_t:udp_socket send_msg;
+ dontaudit $1 epmd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the howl port.
+## Receive UDP traffic on the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24915,17 +25358,17 @@ interface(`corenet_dontaudit_udp_send_howl_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_howl_port',`
+interface(`corenet_udp_receive_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- allow $1 howl_port_t:udp_socket recv_msg;
+ allow $1 epmd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the howl port.
+## Do not audit attempts to receive UDP traffic on the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24934,17 +25377,17 @@ interface(`corenet_udp_receive_howl_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_howl_port',`
+interface(`corenet_dontaudit_udp_receive_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- dontaudit $1 howl_port_t:udp_socket recv_msg;
+ dontaudit $1 epmd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the howl port.
+## Send and receive UDP traffic on the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24953,15 +25396,15 @@ interface(`corenet_dontaudit_udp_receive_howl_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_howl_port',`
- corenet_udp_send_howl_port($1)
- corenet_udp_receive_howl_port($1)
+interface(`corenet_udp_sendrecv_epmd_port',`
+ corenet_udp_send_epmd_port($1)
+ corenet_udp_receive_epmd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the howl port.
+## UDP traffic on the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24970,14 +25413,14 @@ interface(`corenet_udp_sendrecv_howl_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_howl_port',`
- corenet_dontaudit_udp_send_howl_port($1)
- corenet_dontaudit_udp_receive_howl_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_epmd_port',`
+ corenet_dontaudit_udp_send_epmd_port($1)
+ corenet_dontaudit_udp_receive_epmd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the howl port.
+## Bind TCP sockets to the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -24986,18 +25429,18 @@ interface(`corenet_dontaudit_udp_sendrecv_howl_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_howl_port',`
+interface(`corenet_tcp_bind_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- allow $1 howl_port_t:tcp_socket name_bind;
+ allow $1 epmd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the howl port.
+## Bind UDP sockets to the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25006,18 +25449,18 @@ interface(`corenet_tcp_bind_howl_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_howl_port',`
+interface(`corenet_udp_bind_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- allow $1 howl_port_t:udp_socket name_bind;
+ allow $1 epmd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the howl port.
+## Make a TCP connection to the epmd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25025,18 +25468,18 @@ interface(`corenet_udp_bind_howl_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_howl_port',`
+interface(`corenet_tcp_connect_epmd_port',`
gen_require(`
- type howl_port_t;
+ type epmd_port_t;
')
- allow $1 howl_port_t:tcp_socket name_connect;
+ allow $1 epmd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send howl_client packets.
+## Send epmd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25045,17 +25488,17 @@ interface(`corenet_tcp_connect_howl_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_howl_client_packets',`
+interface(`corenet_send_epmd_client_packets',`
gen_require(`
- type howl_client_packet_t;
+ type epmd_client_packet_t;
')
- allow $1 howl_client_packet_t:packet send;
+ allow $1 epmd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send howl_client packets.
+## Do not audit attempts to send epmd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25064,17 +25507,17 @@ interface(`corenet_send_howl_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_howl_client_packets',`
+interface(`corenet_dontaudit_send_epmd_client_packets',`
gen_require(`
- type howl_client_packet_t;
+ type epmd_client_packet_t;
')
- dontaudit $1 howl_client_packet_t:packet send;
+ dontaudit $1 epmd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive howl_client packets.
+## Receive epmd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25083,17 +25526,17 @@ interface(`corenet_dontaudit_send_howl_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_howl_client_packets',`
+interface(`corenet_receive_epmd_client_packets',`
gen_require(`
- type howl_client_packet_t;
+ type epmd_client_packet_t;
')
- allow $1 howl_client_packet_t:packet recv;
+ allow $1 epmd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive howl_client packets.
+## Do not audit attempts to receive epmd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25102,17 +25545,17 @@ interface(`corenet_receive_howl_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_howl_client_packets',`
+interface(`corenet_dontaudit_receive_epmd_client_packets',`
gen_require(`
- type howl_client_packet_t;
+ type epmd_client_packet_t;
')
- dontaudit $1 howl_client_packet_t:packet recv;
+ dontaudit $1 epmd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive howl_client packets.
+## Send and receive epmd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25121,14 +25564,14 @@ interface(`corenet_dontaudit_receive_howl_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_howl_client_packets',`
- corenet_send_howl_client_packets($1)
- corenet_receive_howl_client_packets($1)
+interface(`corenet_sendrecv_epmd_client_packets',`
+ corenet_send_epmd_client_packets($1)
+ corenet_receive_epmd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive howl_client packets.
+## Do not audit attempts to send and receive epmd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25137,14 +25580,14 @@ interface(`corenet_sendrecv_howl_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_howl_client_packets',`
- corenet_dontaudit_send_howl_client_packets($1)
- corenet_dontaudit_receive_howl_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_epmd_client_packets',`
+ corenet_dontaudit_send_epmd_client_packets($1)
+ corenet_dontaudit_receive_epmd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to howl_client the packet type.
+## Relabel packets to epmd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -25152,18 +25595,18 @@ interface(`corenet_dontaudit_sendrecv_howl_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_howl_client_packets',`
+interface(`corenet_relabelto_epmd_client_packets',`
gen_require(`
- type howl_client_packet_t;
+ type epmd_client_packet_t;
')
- allow $1 howl_client_packet_t:packet relabelto;
+ allow $1 epmd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send howl_server packets.
+## Send epmd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25172,17 +25615,17 @@ interface(`corenet_relabelto_howl_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_howl_server_packets',`
+interface(`corenet_send_epmd_server_packets',`
gen_require(`
- type howl_server_packet_t;
+ type epmd_server_packet_t;
')
- allow $1 howl_server_packet_t:packet send;
+ allow $1 epmd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send howl_server packets.
+## Do not audit attempts to send epmd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25191,17 +25634,17 @@ interface(`corenet_send_howl_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_howl_server_packets',`
+interface(`corenet_dontaudit_send_epmd_server_packets',`
gen_require(`
- type howl_server_packet_t;
+ type epmd_server_packet_t;
')
- dontaudit $1 howl_server_packet_t:packet send;
+ dontaudit $1 epmd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive howl_server packets.
+## Receive epmd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25210,17 +25653,17 @@ interface(`corenet_dontaudit_send_howl_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_howl_server_packets',`
+interface(`corenet_receive_epmd_server_packets',`
gen_require(`
- type howl_server_packet_t;
+ type epmd_server_packet_t;
')
- allow $1 howl_server_packet_t:packet recv;
+ allow $1 epmd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive howl_server packets.
+## Do not audit attempts to receive epmd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25229,17 +25672,17 @@ interface(`corenet_receive_howl_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_howl_server_packets',`
+interface(`corenet_dontaudit_receive_epmd_server_packets',`
gen_require(`
- type howl_server_packet_t;
+ type epmd_server_packet_t;
')
- dontaudit $1 howl_server_packet_t:packet recv;
+ dontaudit $1 epmd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive howl_server packets.
+## Send and receive epmd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25248,14 +25691,14 @@ interface(`corenet_dontaudit_receive_howl_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_howl_server_packets',`
- corenet_send_howl_server_packets($1)
- corenet_receive_howl_server_packets($1)
+interface(`corenet_sendrecv_epmd_server_packets',`
+ corenet_send_epmd_server_packets($1)
+ corenet_receive_epmd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive howl_server packets.
+## Do not audit attempts to send and receive epmd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25264,14 +25707,14 @@ interface(`corenet_sendrecv_howl_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_howl_server_packets',`
- corenet_dontaudit_send_howl_server_packets($1)
- corenet_dontaudit_receive_howl_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_epmd_server_packets',`
+ corenet_dontaudit_send_epmd_server_packets($1)
+ corenet_dontaudit_receive_epmd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to howl_server the packet type.
+## Relabel packets to epmd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -25279,12 +25722,12 @@ interface(`corenet_dontaudit_sendrecv_howl_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_howl_server_packets',`
+interface(`corenet_relabelto_epmd_server_packets',`
gen_require(`
- type howl_server_packet_t;
+ type epmd_server_packet_t;
')
- allow $1 howl_server_packet_t:packet relabelto;
+ allow $1 epmd_server_packet_t:packet relabelto;
')
@@ -25292,7 +25735,7 @@ interface(`corenet_relabelto_howl_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the hplip port.
+## Send and receive TCP traffic on the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25301,17 +25744,17 @@ interface(`corenet_relabelto_howl_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_hplip_port',`
+interface(`corenet_tcp_sendrecv_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- allow $1 hplip_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 fingerd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the hplip port.
+## Send UDP traffic on the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25320,17 +25763,17 @@ interface(`corenet_tcp_sendrecv_hplip_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_hplip_port',`
+interface(`corenet_udp_send_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- allow $1 hplip_port_t:udp_socket send_msg;
+ allow $1 fingerd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the hplip port.
+## Do not audit attempts to send UDP traffic on the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25339,17 +25782,17 @@ interface(`corenet_udp_send_hplip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_hplip_port',`
+interface(`corenet_dontaudit_udp_send_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- dontaudit $1 hplip_port_t:udp_socket send_msg;
+ dontaudit $1 fingerd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the hplip port.
+## Receive UDP traffic on the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25358,17 +25801,17 @@ interface(`corenet_dontaudit_udp_send_hplip_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_hplip_port',`
+interface(`corenet_udp_receive_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- allow $1 hplip_port_t:udp_socket recv_msg;
+ allow $1 fingerd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the hplip port.
+## Do not audit attempts to receive UDP traffic on the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25377,17 +25820,17 @@ interface(`corenet_udp_receive_hplip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_hplip_port',`
+interface(`corenet_dontaudit_udp_receive_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- dontaudit $1 hplip_port_t:udp_socket recv_msg;
+ dontaudit $1 fingerd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the hplip port.
+## Send and receive UDP traffic on the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25396,15 +25839,15 @@ interface(`corenet_dontaudit_udp_receive_hplip_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_hplip_port',`
- corenet_udp_send_hplip_port($1)
- corenet_udp_receive_hplip_port($1)
+interface(`corenet_udp_sendrecv_fingerd_port',`
+ corenet_udp_send_fingerd_port($1)
+ corenet_udp_receive_fingerd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the hplip port.
+## UDP traffic on the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25413,14 +25856,14 @@ interface(`corenet_udp_sendrecv_hplip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_hplip_port',`
- corenet_dontaudit_udp_send_hplip_port($1)
- corenet_dontaudit_udp_receive_hplip_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_fingerd_port',`
+ corenet_dontaudit_udp_send_fingerd_port($1)
+ corenet_dontaudit_udp_receive_fingerd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the hplip port.
+## Bind TCP sockets to the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25429,18 +25872,18 @@ interface(`corenet_dontaudit_udp_sendrecv_hplip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_hplip_port',`
+interface(`corenet_tcp_bind_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- allow $1 hplip_port_t:tcp_socket name_bind;
-
+ allow $1 fingerd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the hplip port.
+## Bind UDP sockets to the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25449,18 +25892,18 @@ interface(`corenet_tcp_bind_hplip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_hplip_port',`
+interface(`corenet_udp_bind_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- allow $1 hplip_port_t:udp_socket name_bind;
-
+ allow $1 fingerd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the hplip port.
+## Make a TCP connection to the fingerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -25468,18 +25911,18 @@ interface(`corenet_udp_bind_hplip_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_hplip_port',`
+interface(`corenet_tcp_connect_fingerd_port',`
gen_require(`
- type hplip_port_t;
+ type fingerd_port_t;
')
- allow $1 hplip_port_t:tcp_socket name_connect;
+ allow $1 fingerd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send hplip_client packets.
+## Send fingerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25488,17 +25931,17 @@ interface(`corenet_tcp_connect_hplip_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hplip_client_packets',`
+interface(`corenet_send_fingerd_client_packets',`
gen_require(`
- type hplip_client_packet_t;
+ type fingerd_client_packet_t;
')
- allow $1 hplip_client_packet_t:packet send;
+ allow $1 fingerd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hplip_client packets.
+## Do not audit attempts to send fingerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25507,17 +25950,17 @@ interface(`corenet_send_hplip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hplip_client_packets',`
+interface(`corenet_dontaudit_send_fingerd_client_packets',`
gen_require(`
- type hplip_client_packet_t;
+ type fingerd_client_packet_t;
')
- dontaudit $1 hplip_client_packet_t:packet send;
+ dontaudit $1 fingerd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive hplip_client packets.
+## Receive fingerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25526,17 +25969,17 @@ interface(`corenet_dontaudit_send_hplip_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hplip_client_packets',`
+interface(`corenet_receive_fingerd_client_packets',`
gen_require(`
- type hplip_client_packet_t;
+ type fingerd_client_packet_t;
')
- allow $1 hplip_client_packet_t:packet recv;
+ allow $1 fingerd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hplip_client packets.
+## Do not audit attempts to receive fingerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25545,17 +25988,17 @@ interface(`corenet_receive_hplip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hplip_client_packets',`
+interface(`corenet_dontaudit_receive_fingerd_client_packets',`
gen_require(`
- type hplip_client_packet_t;
+ type fingerd_client_packet_t;
')
- dontaudit $1 hplip_client_packet_t:packet recv;
+ dontaudit $1 fingerd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hplip_client packets.
+## Send and receive fingerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25564,14 +26007,14 @@ interface(`corenet_dontaudit_receive_hplip_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hplip_client_packets',`
- corenet_send_hplip_client_packets($1)
- corenet_receive_hplip_client_packets($1)
+interface(`corenet_sendrecv_fingerd_client_packets',`
+ corenet_send_fingerd_client_packets($1)
+ corenet_receive_fingerd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hplip_client packets.
+## Do not audit attempts to send and receive fingerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25580,14 +26023,14 @@ interface(`corenet_sendrecv_hplip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hplip_client_packets',`
- corenet_dontaudit_send_hplip_client_packets($1)
- corenet_dontaudit_receive_hplip_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_fingerd_client_packets',`
+ corenet_dontaudit_send_fingerd_client_packets($1)
+ corenet_dontaudit_receive_fingerd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to hplip_client the packet type.
+## Relabel packets to fingerd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -25595,18 +26038,18 @@ interface(`corenet_dontaudit_sendrecv_hplip_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hplip_client_packets',`
+interface(`corenet_relabelto_fingerd_client_packets',`
gen_require(`
- type hplip_client_packet_t;
+ type fingerd_client_packet_t;
')
- allow $1 hplip_client_packet_t:packet relabelto;
+ allow $1 fingerd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send hplip_server packets.
+## Send fingerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25615,17 +26058,17 @@ interface(`corenet_relabelto_hplip_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_hplip_server_packets',`
+interface(`corenet_send_fingerd_server_packets',`
gen_require(`
- type hplip_server_packet_t;
+ type fingerd_server_packet_t;
')
- allow $1 hplip_server_packet_t:packet send;
+ allow $1 fingerd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send hplip_server packets.
+## Do not audit attempts to send fingerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25634,17 +26077,17 @@ interface(`corenet_send_hplip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_hplip_server_packets',`
+interface(`corenet_dontaudit_send_fingerd_server_packets',`
gen_require(`
- type hplip_server_packet_t;
+ type fingerd_server_packet_t;
')
- dontaudit $1 hplip_server_packet_t:packet send;
+ dontaudit $1 fingerd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive hplip_server packets.
+## Receive fingerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25653,17 +26096,17 @@ interface(`corenet_dontaudit_send_hplip_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_hplip_server_packets',`
+interface(`corenet_receive_fingerd_server_packets',`
gen_require(`
- type hplip_server_packet_t;
+ type fingerd_server_packet_t;
')
- allow $1 hplip_server_packet_t:packet recv;
+ allow $1 fingerd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive hplip_server packets.
+## Do not audit attempts to receive fingerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25672,17 +26115,17 @@ interface(`corenet_receive_hplip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_hplip_server_packets',`
+interface(`corenet_dontaudit_receive_fingerd_server_packets',`
gen_require(`
- type hplip_server_packet_t;
+ type fingerd_server_packet_t;
')
- dontaudit $1 hplip_server_packet_t:packet recv;
+ dontaudit $1 fingerd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive hplip_server packets.
+## Send and receive fingerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25691,14 +26134,14 @@ interface(`corenet_dontaudit_receive_hplip_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_hplip_server_packets',`
- corenet_send_hplip_server_packets($1)
- corenet_receive_hplip_server_packets($1)
+interface(`corenet_sendrecv_fingerd_server_packets',`
+ corenet_send_fingerd_server_packets($1)
+ corenet_receive_fingerd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive hplip_server packets.
+## Do not audit attempts to send and receive fingerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25707,14 +26150,14 @@ interface(`corenet_sendrecv_hplip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_hplip_server_packets',`
- corenet_dontaudit_send_hplip_server_packets($1)
- corenet_dontaudit_receive_hplip_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_fingerd_server_packets',`
+ corenet_dontaudit_send_fingerd_server_packets($1)
+ corenet_dontaudit_receive_fingerd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to hplip_server the packet type.
+## Relabel packets to fingerd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -25722,12 +26165,12 @@ interface(`corenet_dontaudit_sendrecv_hplip_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_hplip_server_packets',`
+interface(`corenet_relabelto_fingerd_server_packets',`
gen_require(`
- type hplip_server_packet_t;
+ type fingerd_server_packet_t;
')
- allow $1 hplip_server_packet_t:packet relabelto;
+ allow $1 fingerd_server_packet_t:packet relabelto;
')
@@ -25735,7 +26178,7 @@ interface(`corenet_relabelto_hplip_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the http port.
+## Send and receive TCP traffic on the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25744,17 +26187,17 @@ interface(`corenet_relabelto_hplip_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_http_port',`
+interface(`corenet_tcp_sendrecv_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- allow $1 http_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ftp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the http port.
+## Send UDP traffic on the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25763,17 +26206,17 @@ interface(`corenet_tcp_sendrecv_http_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_http_port',`
+interface(`corenet_udp_send_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- allow $1 http_port_t:udp_socket send_msg;
+ allow $1 ftp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the http port.
+## Do not audit attempts to send UDP traffic on the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25782,17 +26225,17 @@ interface(`corenet_udp_send_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_http_port',`
+interface(`corenet_dontaudit_udp_send_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- dontaudit $1 http_port_t:udp_socket send_msg;
+ dontaudit $1 ftp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the http port.
+## Receive UDP traffic on the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25801,17 +26244,17 @@ interface(`corenet_dontaudit_udp_send_http_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_http_port',`
+interface(`corenet_udp_receive_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- allow $1 http_port_t:udp_socket recv_msg;
+ allow $1 ftp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the http port.
+## Do not audit attempts to receive UDP traffic on the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25820,17 +26263,17 @@ interface(`corenet_udp_receive_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_http_port',`
+interface(`corenet_dontaudit_udp_receive_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- dontaudit $1 http_port_t:udp_socket recv_msg;
+ dontaudit $1 ftp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the http port.
+## Send and receive UDP traffic on the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25839,15 +26282,15 @@ interface(`corenet_dontaudit_udp_receive_http_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_http_port',`
- corenet_udp_send_http_port($1)
- corenet_udp_receive_http_port($1)
+interface(`corenet_udp_sendrecv_ftp_port',`
+ corenet_udp_send_ftp_port($1)
+ corenet_udp_receive_ftp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the http port.
+## UDP traffic on the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25856,14 +26299,14 @@ interface(`corenet_udp_sendrecv_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_http_port',`
- corenet_dontaudit_udp_send_http_port($1)
- corenet_dontaudit_udp_receive_http_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ftp_port',`
+ corenet_dontaudit_udp_send_ftp_port($1)
+ corenet_dontaudit_udp_receive_ftp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the http port.
+## Bind TCP sockets to the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25872,18 +26315,18 @@ interface(`corenet_dontaudit_udp_sendrecv_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_http_port',`
+interface(`corenet_tcp_bind_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- allow $1 http_port_t:tcp_socket name_bind;
+ allow $1 ftp_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the http port.
+## Bind UDP sockets to the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25892,18 +26335,18 @@ interface(`corenet_tcp_bind_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_http_port',`
+interface(`corenet_udp_bind_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- allow $1 http_port_t:udp_socket name_bind;
+ allow $1 ftp_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the http port.
+## Make a TCP connection to the ftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -25911,18 +26354,18 @@ interface(`corenet_udp_bind_http_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_http_port',`
+interface(`corenet_tcp_connect_ftp_port',`
gen_require(`
- type http_port_t;
+ type ftp_port_t;
')
- allow $1 http_port_t:tcp_socket name_connect;
+ allow $1 ftp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send http_client packets.
+## Send ftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25931,17 +26374,17 @@ interface(`corenet_tcp_connect_http_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_http_client_packets',`
+interface(`corenet_send_ftp_client_packets',`
gen_require(`
- type http_client_packet_t;
+ type ftp_client_packet_t;
')
- allow $1 http_client_packet_t:packet send;
+ allow $1 ftp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send http_client packets.
+## Do not audit attempts to send ftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25950,17 +26393,17 @@ interface(`corenet_send_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_http_client_packets',`
+interface(`corenet_dontaudit_send_ftp_client_packets',`
gen_require(`
- type http_client_packet_t;
+ type ftp_client_packet_t;
')
- dontaudit $1 http_client_packet_t:packet send;
+ dontaudit $1 ftp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive http_client packets.
+## Receive ftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25969,17 +26412,17 @@ interface(`corenet_dontaudit_send_http_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_http_client_packets',`
+interface(`corenet_receive_ftp_client_packets',`
gen_require(`
- type http_client_packet_t;
+ type ftp_client_packet_t;
')
- allow $1 http_client_packet_t:packet recv;
+ allow $1 ftp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive http_client packets.
+## Do not audit attempts to receive ftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -25988,17 +26431,17 @@ interface(`corenet_receive_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_http_client_packets',`
+interface(`corenet_dontaudit_receive_ftp_client_packets',`
gen_require(`
- type http_client_packet_t;
+ type ftp_client_packet_t;
')
- dontaudit $1 http_client_packet_t:packet recv;
+ dontaudit $1 ftp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive http_client packets.
+## Send and receive ftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26007,14 +26450,14 @@ interface(`corenet_dontaudit_receive_http_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_http_client_packets',`
- corenet_send_http_client_packets($1)
- corenet_receive_http_client_packets($1)
+interface(`corenet_sendrecv_ftp_client_packets',`
+ corenet_send_ftp_client_packets($1)
+ corenet_receive_ftp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive http_client packets.
+## Do not audit attempts to send and receive ftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26023,14 +26466,14 @@ interface(`corenet_sendrecv_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_http_client_packets',`
- corenet_dontaudit_send_http_client_packets($1)
- corenet_dontaudit_receive_http_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ftp_client_packets',`
+ corenet_dontaudit_send_ftp_client_packets($1)
+ corenet_dontaudit_receive_ftp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to http_client the packet type.
+## Relabel packets to ftp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -26038,18 +26481,18 @@ interface(`corenet_dontaudit_sendrecv_http_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_http_client_packets',`
+interface(`corenet_relabelto_ftp_client_packets',`
gen_require(`
- type http_client_packet_t;
+ type ftp_client_packet_t;
')
- allow $1 http_client_packet_t:packet relabelto;
+ allow $1 ftp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send http_server packets.
+## Send ftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26058,17 +26501,17 @@ interface(`corenet_relabelto_http_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_http_server_packets',`
+interface(`corenet_send_ftp_server_packets',`
gen_require(`
- type http_server_packet_t;
+ type ftp_server_packet_t;
')
- allow $1 http_server_packet_t:packet send;
+ allow $1 ftp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send http_server packets.
+## Do not audit attempts to send ftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26077,17 +26520,17 @@ interface(`corenet_send_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_http_server_packets',`
+interface(`corenet_dontaudit_send_ftp_server_packets',`
gen_require(`
- type http_server_packet_t;
+ type ftp_server_packet_t;
')
- dontaudit $1 http_server_packet_t:packet send;
+ dontaudit $1 ftp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive http_server packets.
+## Receive ftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26096,17 +26539,17 @@ interface(`corenet_dontaudit_send_http_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_http_server_packets',`
+interface(`corenet_receive_ftp_server_packets',`
gen_require(`
- type http_server_packet_t;
+ type ftp_server_packet_t;
')
- allow $1 http_server_packet_t:packet recv;
+ allow $1 ftp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive http_server packets.
+## Do not audit attempts to receive ftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26115,17 +26558,17 @@ interface(`corenet_receive_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_http_server_packets',`
+interface(`corenet_dontaudit_receive_ftp_server_packets',`
gen_require(`
- type http_server_packet_t;
+ type ftp_server_packet_t;
')
- dontaudit $1 http_server_packet_t:packet recv;
+ dontaudit $1 ftp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive http_server packets.
+## Send and receive ftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26134,14 +26577,14 @@ interface(`corenet_dontaudit_receive_http_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_http_server_packets',`
- corenet_send_http_server_packets($1)
- corenet_receive_http_server_packets($1)
+interface(`corenet_sendrecv_ftp_server_packets',`
+ corenet_send_ftp_server_packets($1)
+ corenet_receive_ftp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive http_server packets.
+## Do not audit attempts to send and receive ftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26150,14 +26593,14 @@ interface(`corenet_sendrecv_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_http_server_packets',`
- corenet_dontaudit_send_http_server_packets($1)
- corenet_dontaudit_receive_http_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ftp_server_packets',`
+ corenet_dontaudit_send_ftp_server_packets($1)
+ corenet_dontaudit_receive_ftp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to http_server the packet type.
+## Relabel packets to ftp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -26165,20 +26608,20 @@ interface(`corenet_dontaudit_sendrecv_http_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_http_server_packets',`
+interface(`corenet_relabelto_ftp_server_packets',`
gen_require(`
- type http_server_packet_t;
+ type ftp_server_packet_t;
')
- allow $1 http_server_packet_t:packet relabelto;
+ allow $1 ftp_server_packet_t:packet relabelto;
')
- #8443 is mod_nss default port
+
########################################
## <summary>
-## Send and receive TCP traffic on the http_cache port.
+## Send and receive TCP traffic on the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26187,17 +26630,17 @@ interface(`corenet_relabelto_http_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_http_cache_port',`
+interface(`corenet_tcp_sendrecv_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- allow $1 http_cache_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ftp_data_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the http_cache port.
+## Send UDP traffic on the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26206,17 +26649,17 @@ interface(`corenet_tcp_sendrecv_http_cache_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_http_cache_port',`
+interface(`corenet_udp_send_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- allow $1 http_cache_port_t:udp_socket send_msg;
+ allow $1 ftp_data_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the http_cache port.
+## Do not audit attempts to send UDP traffic on the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26225,17 +26668,17 @@ interface(`corenet_udp_send_http_cache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_http_cache_port',`
+interface(`corenet_dontaudit_udp_send_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- dontaudit $1 http_cache_port_t:udp_socket send_msg;
+ dontaudit $1 ftp_data_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the http_cache port.
+## Receive UDP traffic on the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26244,17 +26687,17 @@ interface(`corenet_dontaudit_udp_send_http_cache_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_http_cache_port',`
+interface(`corenet_udp_receive_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- allow $1 http_cache_port_t:udp_socket recv_msg;
+ allow $1 ftp_data_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the http_cache port.
+## Do not audit attempts to receive UDP traffic on the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26263,17 +26706,17 @@ interface(`corenet_udp_receive_http_cache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_http_cache_port',`
+interface(`corenet_dontaudit_udp_receive_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- dontaudit $1 http_cache_port_t:udp_socket recv_msg;
+ dontaudit $1 ftp_data_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the http_cache port.
+## Send and receive UDP traffic on the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26282,15 +26725,15 @@ interface(`corenet_dontaudit_udp_receive_http_cache_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_http_cache_port',`
- corenet_udp_send_http_cache_port($1)
- corenet_udp_receive_http_cache_port($1)
+interface(`corenet_udp_sendrecv_ftp_data_port',`
+ corenet_udp_send_ftp_data_port($1)
+ corenet_udp_receive_ftp_data_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the http_cache port.
+## UDP traffic on the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26299,14 +26742,14 @@ interface(`corenet_udp_sendrecv_http_cache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_http_cache_port',`
- corenet_dontaudit_udp_send_http_cache_port($1)
- corenet_dontaudit_udp_receive_http_cache_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ftp_data_port',`
+ corenet_dontaudit_udp_send_ftp_data_port($1)
+ corenet_dontaudit_udp_receive_ftp_data_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the http_cache port.
+## Bind TCP sockets to the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26315,18 +26758,18 @@ interface(`corenet_dontaudit_udp_sendrecv_http_cache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_http_cache_port',`
+interface(`corenet_tcp_bind_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- allow $1 http_cache_port_t:tcp_socket name_bind;
+ allow $1 ftp_data_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the http_cache port.
+## Bind UDP sockets to the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26335,18 +26778,18 @@ interface(`corenet_tcp_bind_http_cache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_http_cache_port',`
+interface(`corenet_udp_bind_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- allow $1 http_cache_port_t:udp_socket name_bind;
+ allow $1 ftp_data_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the http_cache port.
+## Make a TCP connection to the ftp_data port.
## </summary>
## <param name="domain">
## <summary>
@@ -26354,18 +26797,18 @@ interface(`corenet_udp_bind_http_cache_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_http_cache_port',`
+interface(`corenet_tcp_connect_ftp_data_port',`
gen_require(`
- type http_cache_port_t;
+ type ftp_data_port_t;
')
- allow $1 http_cache_port_t:tcp_socket name_connect;
+ allow $1 ftp_data_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send http_cache_client packets.
+## Send ftp_data_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26374,17 +26817,17 @@ interface(`corenet_tcp_connect_http_cache_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_http_cache_client_packets',`
+interface(`corenet_send_ftp_data_client_packets',`
gen_require(`
- type http_cache_client_packet_t;
+ type ftp_data_client_packet_t;
')
- allow $1 http_cache_client_packet_t:packet send;
+ allow $1 ftp_data_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send http_cache_client packets.
+## Do not audit attempts to send ftp_data_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26393,17 +26836,17 @@ interface(`corenet_send_http_cache_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_http_cache_client_packets',`
+interface(`corenet_dontaudit_send_ftp_data_client_packets',`
gen_require(`
- type http_cache_client_packet_t;
+ type ftp_data_client_packet_t;
')
- dontaudit $1 http_cache_client_packet_t:packet send;
+ dontaudit $1 ftp_data_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive http_cache_client packets.
+## Receive ftp_data_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26412,17 +26855,17 @@ interface(`corenet_dontaudit_send_http_cache_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_http_cache_client_packets',`
+interface(`corenet_receive_ftp_data_client_packets',`
gen_require(`
- type http_cache_client_packet_t;
+ type ftp_data_client_packet_t;
')
- allow $1 http_cache_client_packet_t:packet recv;
+ allow $1 ftp_data_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive http_cache_client packets.
+## Do not audit attempts to receive ftp_data_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26431,17 +26874,17 @@ interface(`corenet_receive_http_cache_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_http_cache_client_packets',`
+interface(`corenet_dontaudit_receive_ftp_data_client_packets',`
gen_require(`
- type http_cache_client_packet_t;
+ type ftp_data_client_packet_t;
')
- dontaudit $1 http_cache_client_packet_t:packet recv;
+ dontaudit $1 ftp_data_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive http_cache_client packets.
+## Send and receive ftp_data_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26450,14 +26893,14 @@ interface(`corenet_dontaudit_receive_http_cache_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_http_cache_client_packets',`
- corenet_send_http_cache_client_packets($1)
- corenet_receive_http_cache_client_packets($1)
+interface(`corenet_sendrecv_ftp_data_client_packets',`
+ corenet_send_ftp_data_client_packets($1)
+ corenet_receive_ftp_data_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive http_cache_client packets.
+## Do not audit attempts to send and receive ftp_data_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26466,14 +26909,14 @@ interface(`corenet_sendrecv_http_cache_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_http_cache_client_packets',`
- corenet_dontaudit_send_http_cache_client_packets($1)
- corenet_dontaudit_receive_http_cache_client_packets($1)
-')
+interface(`corenet_dontaudit_sendrecv_ftp_data_client_packets',`
+ corenet_dontaudit_send_ftp_data_client_packets($1)
+ corenet_dontaudit_receive_ftp_data_client_packets($1)
+')
########################################
## <summary>
-## Relabel packets to http_cache_client the packet type.
+## Relabel packets to ftp_data_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -26481,18 +26924,18 @@ interface(`corenet_dontaudit_sendrecv_http_cache_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_http_cache_client_packets',`
+interface(`corenet_relabelto_ftp_data_client_packets',`
gen_require(`
- type http_cache_client_packet_t;
+ type ftp_data_client_packet_t;
')
- allow $1 http_cache_client_packet_t:packet relabelto;
+ allow $1 ftp_data_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send http_cache_server packets.
+## Send ftp_data_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26501,17 +26944,17 @@ interface(`corenet_relabelto_http_cache_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_http_cache_server_packets',`
+interface(`corenet_send_ftp_data_server_packets',`
gen_require(`
- type http_cache_server_packet_t;
+ type ftp_data_server_packet_t;
')
- allow $1 http_cache_server_packet_t:packet send;
+ allow $1 ftp_data_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send http_cache_server packets.
+## Do not audit attempts to send ftp_data_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26520,17 +26963,17 @@ interface(`corenet_send_http_cache_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_http_cache_server_packets',`
+interface(`corenet_dontaudit_send_ftp_data_server_packets',`
gen_require(`
- type http_cache_server_packet_t;
+ type ftp_data_server_packet_t;
')
- dontaudit $1 http_cache_server_packet_t:packet send;
+ dontaudit $1 ftp_data_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive http_cache_server packets.
+## Receive ftp_data_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26539,17 +26982,17 @@ interface(`corenet_dontaudit_send_http_cache_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_http_cache_server_packets',`
+interface(`corenet_receive_ftp_data_server_packets',`
gen_require(`
- type http_cache_server_packet_t;
+ type ftp_data_server_packet_t;
')
- allow $1 http_cache_server_packet_t:packet recv;
+ allow $1 ftp_data_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive http_cache_server packets.
+## Do not audit attempts to receive ftp_data_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26558,17 +27001,17 @@ interface(`corenet_receive_http_cache_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_http_cache_server_packets',`
+interface(`corenet_dontaudit_receive_ftp_data_server_packets',`
gen_require(`
- type http_cache_server_packet_t;
+ type ftp_data_server_packet_t;
')
- dontaudit $1 http_cache_server_packet_t:packet recv;
+ dontaudit $1 ftp_data_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive http_cache_server packets.
+## Send and receive ftp_data_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26577,14 +27020,14 @@ interface(`corenet_dontaudit_receive_http_cache_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_http_cache_server_packets',`
- corenet_send_http_cache_server_packets($1)
- corenet_receive_http_cache_server_packets($1)
+interface(`corenet_sendrecv_ftp_data_server_packets',`
+ corenet_send_ftp_data_server_packets($1)
+ corenet_receive_ftp_data_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive http_cache_server packets.
+## Do not audit attempts to send and receive ftp_data_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26593,14 +27036,14 @@ interface(`corenet_sendrecv_http_cache_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_http_cache_server_packets',`
- corenet_dontaudit_send_http_cache_server_packets($1)
- corenet_dontaudit_receive_http_cache_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ftp_data_server_packets',`
+ corenet_dontaudit_send_ftp_data_server_packets($1)
+ corenet_dontaudit_receive_ftp_data_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to http_cache_server the packet type.
+## Relabel packets to ftp_data_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -26608,20 +27051,20 @@ interface(`corenet_dontaudit_sendrecv_http_cache_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_http_cache_server_packets',`
+interface(`corenet_relabelto_ftp_data_server_packets',`
gen_require(`
- type http_cache_server_packet_t;
+ type ftp_data_server_packet_t;
')
- allow $1 http_cache_server_packet_t:packet relabelto;
+ allow $1 ftp_data_server_packet_t:packet relabelto;
')
- # 8118 is for privoxy
+
########################################
## <summary>
-## Send and receive TCP traffic on the i18n_input port.
+## Send and receive TCP traffic on the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26630,17 +27073,17 @@ interface(`corenet_relabelto_http_cache_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_i18n_input_port',`
+interface(`corenet_tcp_sendrecv_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- allow $1 i18n_input_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 gatekeeper_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the i18n_input port.
+## Send UDP traffic on the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26649,17 +27092,17 @@ interface(`corenet_tcp_sendrecv_i18n_input_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_i18n_input_port',`
+interface(`corenet_udp_send_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- allow $1 i18n_input_port_t:udp_socket send_msg;
+ allow $1 gatekeeper_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the i18n_input port.
+## Do not audit attempts to send UDP traffic on the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26668,17 +27111,17 @@ interface(`corenet_udp_send_i18n_input_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_i18n_input_port',`
+interface(`corenet_dontaudit_udp_send_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- dontaudit $1 i18n_input_port_t:udp_socket send_msg;
+ dontaudit $1 gatekeeper_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the i18n_input port.
+## Receive UDP traffic on the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26687,17 +27130,17 @@ interface(`corenet_dontaudit_udp_send_i18n_input_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_i18n_input_port',`
+interface(`corenet_udp_receive_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- allow $1 i18n_input_port_t:udp_socket recv_msg;
+ allow $1 gatekeeper_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the i18n_input port.
+## Do not audit attempts to receive UDP traffic on the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26706,17 +27149,17 @@ interface(`corenet_udp_receive_i18n_input_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_i18n_input_port',`
+interface(`corenet_dontaudit_udp_receive_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- dontaudit $1 i18n_input_port_t:udp_socket recv_msg;
+ dontaudit $1 gatekeeper_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the i18n_input port.
+## Send and receive UDP traffic on the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26725,15 +27168,15 @@ interface(`corenet_dontaudit_udp_receive_i18n_input_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_i18n_input_port',`
- corenet_udp_send_i18n_input_port($1)
- corenet_udp_receive_i18n_input_port($1)
+interface(`corenet_udp_sendrecv_gatekeeper_port',`
+ corenet_udp_send_gatekeeper_port($1)
+ corenet_udp_receive_gatekeeper_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the i18n_input port.
+## UDP traffic on the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26742,14 +27185,14 @@ interface(`corenet_udp_sendrecv_i18n_input_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_i18n_input_port',`
- corenet_dontaudit_udp_send_i18n_input_port($1)
- corenet_dontaudit_udp_receive_i18n_input_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_gatekeeper_port',`
+ corenet_dontaudit_udp_send_gatekeeper_port($1)
+ corenet_dontaudit_udp_receive_gatekeeper_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the i18n_input port.
+## Bind TCP sockets to the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26758,18 +27201,18 @@ interface(`corenet_dontaudit_udp_sendrecv_i18n_input_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_i18n_input_port',`
+interface(`corenet_tcp_bind_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- allow $1 i18n_input_port_t:tcp_socket name_bind;
+ allow $1 gatekeeper_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the i18n_input port.
+## Bind UDP sockets to the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26778,18 +27221,18 @@ interface(`corenet_tcp_bind_i18n_input_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_i18n_input_port',`
+interface(`corenet_udp_bind_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- allow $1 i18n_input_port_t:udp_socket name_bind;
+ allow $1 gatekeeper_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the i18n_input port.
+## Make a TCP connection to the gatekeeper port.
## </summary>
## <param name="domain">
## <summary>
@@ -26797,18 +27240,18 @@ interface(`corenet_udp_bind_i18n_input_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_i18n_input_port',`
+interface(`corenet_tcp_connect_gatekeeper_port',`
gen_require(`
- type i18n_input_port_t;
+ type gatekeeper_port_t;
')
- allow $1 i18n_input_port_t:tcp_socket name_connect;
+ allow $1 gatekeeper_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send i18n_input_client packets.
+## Send gatekeeper_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26817,17 +27260,17 @@ interface(`corenet_tcp_connect_i18n_input_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_i18n_input_client_packets',`
+interface(`corenet_send_gatekeeper_client_packets',`
gen_require(`
- type i18n_input_client_packet_t;
+ type gatekeeper_client_packet_t;
')
- allow $1 i18n_input_client_packet_t:packet send;
+ allow $1 gatekeeper_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send i18n_input_client packets.
+## Do not audit attempts to send gatekeeper_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26836,17 +27279,17 @@ interface(`corenet_send_i18n_input_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_i18n_input_client_packets',`
+interface(`corenet_dontaudit_send_gatekeeper_client_packets',`
gen_require(`
- type i18n_input_client_packet_t;
+ type gatekeeper_client_packet_t;
')
- dontaudit $1 i18n_input_client_packet_t:packet send;
+ dontaudit $1 gatekeeper_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive i18n_input_client packets.
+## Receive gatekeeper_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26855,17 +27298,17 @@ interface(`corenet_dontaudit_send_i18n_input_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_i18n_input_client_packets',`
+interface(`corenet_receive_gatekeeper_client_packets',`
gen_require(`
- type i18n_input_client_packet_t;
+ type gatekeeper_client_packet_t;
')
- allow $1 i18n_input_client_packet_t:packet recv;
+ allow $1 gatekeeper_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive i18n_input_client packets.
+## Do not audit attempts to receive gatekeeper_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26874,17 +27317,17 @@ interface(`corenet_receive_i18n_input_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_i18n_input_client_packets',`
+interface(`corenet_dontaudit_receive_gatekeeper_client_packets',`
gen_require(`
- type i18n_input_client_packet_t;
+ type gatekeeper_client_packet_t;
')
- dontaudit $1 i18n_input_client_packet_t:packet recv;
+ dontaudit $1 gatekeeper_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive i18n_input_client packets.
+## Send and receive gatekeeper_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26893,14 +27336,14 @@ interface(`corenet_dontaudit_receive_i18n_input_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_i18n_input_client_packets',`
- corenet_send_i18n_input_client_packets($1)
- corenet_receive_i18n_input_client_packets($1)
+interface(`corenet_sendrecv_gatekeeper_client_packets',`
+ corenet_send_gatekeeper_client_packets($1)
+ corenet_receive_gatekeeper_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive i18n_input_client packets.
+## Do not audit attempts to send and receive gatekeeper_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26909,14 +27352,14 @@ interface(`corenet_sendrecv_i18n_input_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_i18n_input_client_packets',`
- corenet_dontaudit_send_i18n_input_client_packets($1)
- corenet_dontaudit_receive_i18n_input_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_gatekeeper_client_packets',`
+ corenet_dontaudit_send_gatekeeper_client_packets($1)
+ corenet_dontaudit_receive_gatekeeper_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to i18n_input_client the packet type.
+## Relabel packets to gatekeeper_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -26924,18 +27367,18 @@ interface(`corenet_dontaudit_sendrecv_i18n_input_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_i18n_input_client_packets',`
+interface(`corenet_relabelto_gatekeeper_client_packets',`
gen_require(`
- type i18n_input_client_packet_t;
+ type gatekeeper_client_packet_t;
')
- allow $1 i18n_input_client_packet_t:packet relabelto;
+ allow $1 gatekeeper_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send i18n_input_server packets.
+## Send gatekeeper_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26944,17 +27387,17 @@ interface(`corenet_relabelto_i18n_input_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_i18n_input_server_packets',`
+interface(`corenet_send_gatekeeper_server_packets',`
gen_require(`
- type i18n_input_server_packet_t;
+ type gatekeeper_server_packet_t;
')
- allow $1 i18n_input_server_packet_t:packet send;
+ allow $1 gatekeeper_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send i18n_input_server packets.
+## Do not audit attempts to send gatekeeper_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26963,17 +27406,17 @@ interface(`corenet_send_i18n_input_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_i18n_input_server_packets',`
+interface(`corenet_dontaudit_send_gatekeeper_server_packets',`
gen_require(`
- type i18n_input_server_packet_t;
+ type gatekeeper_server_packet_t;
')
- dontaudit $1 i18n_input_server_packet_t:packet send;
+ dontaudit $1 gatekeeper_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive i18n_input_server packets.
+## Receive gatekeeper_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -26982,17 +27425,17 @@ interface(`corenet_dontaudit_send_i18n_input_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_i18n_input_server_packets',`
+interface(`corenet_receive_gatekeeper_server_packets',`
gen_require(`
- type i18n_input_server_packet_t;
+ type gatekeeper_server_packet_t;
')
- allow $1 i18n_input_server_packet_t:packet recv;
+ allow $1 gatekeeper_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive i18n_input_server packets.
+## Do not audit attempts to receive gatekeeper_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27001,17 +27444,17 @@ interface(`corenet_receive_i18n_input_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_i18n_input_server_packets',`
+interface(`corenet_dontaudit_receive_gatekeeper_server_packets',`
gen_require(`
- type i18n_input_server_packet_t;
+ type gatekeeper_server_packet_t;
')
- dontaudit $1 i18n_input_server_packet_t:packet recv;
+ dontaudit $1 gatekeeper_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive i18n_input_server packets.
+## Send and receive gatekeeper_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27020,14 +27463,14 @@ interface(`corenet_dontaudit_receive_i18n_input_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_i18n_input_server_packets',`
- corenet_send_i18n_input_server_packets($1)
- corenet_receive_i18n_input_server_packets($1)
+interface(`corenet_sendrecv_gatekeeper_server_packets',`
+ corenet_send_gatekeeper_server_packets($1)
+ corenet_receive_gatekeeper_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive i18n_input_server packets.
+## Do not audit attempts to send and receive gatekeeper_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27036,14 +27479,14 @@ interface(`corenet_sendrecv_i18n_input_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_i18n_input_server_packets',`
- corenet_dontaudit_send_i18n_input_server_packets($1)
- corenet_dontaudit_receive_i18n_input_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_gatekeeper_server_packets',`
+ corenet_dontaudit_send_gatekeeper_server_packets($1)
+ corenet_dontaudit_receive_gatekeeper_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to i18n_input_server the packet type.
+## Relabel packets to gatekeeper_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -27051,12 +27494,12 @@ interface(`corenet_dontaudit_sendrecv_i18n_input_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_i18n_input_server_packets',`
+interface(`corenet_relabelto_gatekeeper_server_packets',`
gen_require(`
- type i18n_input_server_packet_t;
+ type gatekeeper_server_packet_t;
')
- allow $1 i18n_input_server_packet_t:packet relabelto;
+ allow $1 gatekeeper_server_packet_t:packet relabelto;
')
@@ -27064,7 +27507,7 @@ interface(`corenet_relabelto_i18n_input_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the imaze port.
+## Send and receive TCP traffic on the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27073,17 +27516,17 @@ interface(`corenet_relabelto_i18n_input_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_imaze_port',`
+interface(`corenet_tcp_sendrecv_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- allow $1 imaze_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 gds_db_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the imaze port.
+## Send UDP traffic on the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27092,17 +27535,17 @@ interface(`corenet_tcp_sendrecv_imaze_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_imaze_port',`
+interface(`corenet_udp_send_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- allow $1 imaze_port_t:udp_socket send_msg;
+ allow $1 gds_db_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the imaze port.
+## Do not audit attempts to send UDP traffic on the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27111,17 +27554,17 @@ interface(`corenet_udp_send_imaze_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_imaze_port',`
+interface(`corenet_dontaudit_udp_send_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- dontaudit $1 imaze_port_t:udp_socket send_msg;
+ dontaudit $1 gds_db_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the imaze port.
+## Receive UDP traffic on the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27130,17 +27573,17 @@ interface(`corenet_dontaudit_udp_send_imaze_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_imaze_port',`
+interface(`corenet_udp_receive_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- allow $1 imaze_port_t:udp_socket recv_msg;
+ allow $1 gds_db_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the imaze port.
+## Do not audit attempts to receive UDP traffic on the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27149,17 +27592,17 @@ interface(`corenet_udp_receive_imaze_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_imaze_port',`
+interface(`corenet_dontaudit_udp_receive_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- dontaudit $1 imaze_port_t:udp_socket recv_msg;
+ dontaudit $1 gds_db_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the imaze port.
+## Send and receive UDP traffic on the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27168,15 +27611,15 @@ interface(`corenet_dontaudit_udp_receive_imaze_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_imaze_port',`
- corenet_udp_send_imaze_port($1)
- corenet_udp_receive_imaze_port($1)
+interface(`corenet_udp_sendrecv_gds_db_port',`
+ corenet_udp_send_gds_db_port($1)
+ corenet_udp_receive_gds_db_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the imaze port.
+## UDP traffic on the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27185,14 +27628,14 @@ interface(`corenet_udp_sendrecv_imaze_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_imaze_port',`
- corenet_dontaudit_udp_send_imaze_port($1)
- corenet_dontaudit_udp_receive_imaze_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_gds_db_port',`
+ corenet_dontaudit_udp_send_gds_db_port($1)
+ corenet_dontaudit_udp_receive_gds_db_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the imaze port.
+## Bind TCP sockets to the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27201,18 +27644,18 @@ interface(`corenet_dontaudit_udp_sendrecv_imaze_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_imaze_port',`
+interface(`corenet_tcp_bind_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- allow $1 imaze_port_t:tcp_socket name_bind;
+ allow $1 gds_db_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the imaze port.
+## Bind UDP sockets to the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27221,18 +27664,18 @@ interface(`corenet_tcp_bind_imaze_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_imaze_port',`
+interface(`corenet_udp_bind_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- allow $1 imaze_port_t:udp_socket name_bind;
+ allow $1 gds_db_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the imaze port.
+## Make a TCP connection to the gds_db port.
## </summary>
## <param name="domain">
## <summary>
@@ -27240,18 +27683,18 @@ interface(`corenet_udp_bind_imaze_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_imaze_port',`
+interface(`corenet_tcp_connect_gds_db_port',`
gen_require(`
- type imaze_port_t;
+ type gds_db_port_t;
')
- allow $1 imaze_port_t:tcp_socket name_connect;
+ allow $1 gds_db_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send imaze_client packets.
+## Send gds_db_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27260,17 +27703,17 @@ interface(`corenet_tcp_connect_imaze_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_imaze_client_packets',`
+interface(`corenet_send_gds_db_client_packets',`
gen_require(`
- type imaze_client_packet_t;
+ type gds_db_client_packet_t;
')
- allow $1 imaze_client_packet_t:packet send;
+ allow $1 gds_db_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send imaze_client packets.
+## Do not audit attempts to send gds_db_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27279,17 +27722,17 @@ interface(`corenet_send_imaze_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_imaze_client_packets',`
+interface(`corenet_dontaudit_send_gds_db_client_packets',`
gen_require(`
- type imaze_client_packet_t;
+ type gds_db_client_packet_t;
')
- dontaudit $1 imaze_client_packet_t:packet send;
+ dontaudit $1 gds_db_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive imaze_client packets.
+## Receive gds_db_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27298,17 +27741,17 @@ interface(`corenet_dontaudit_send_imaze_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_imaze_client_packets',`
+interface(`corenet_receive_gds_db_client_packets',`
gen_require(`
- type imaze_client_packet_t;
+ type gds_db_client_packet_t;
')
- allow $1 imaze_client_packet_t:packet recv;
+ allow $1 gds_db_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive imaze_client packets.
+## Do not audit attempts to receive gds_db_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27317,17 +27760,17 @@ interface(`corenet_receive_imaze_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_imaze_client_packets',`
+interface(`corenet_dontaudit_receive_gds_db_client_packets',`
gen_require(`
- type imaze_client_packet_t;
+ type gds_db_client_packet_t;
')
- dontaudit $1 imaze_client_packet_t:packet recv;
+ dontaudit $1 gds_db_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive imaze_client packets.
+## Send and receive gds_db_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27336,14 +27779,14 @@ interface(`corenet_dontaudit_receive_imaze_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_imaze_client_packets',`
- corenet_send_imaze_client_packets($1)
- corenet_receive_imaze_client_packets($1)
+interface(`corenet_sendrecv_gds_db_client_packets',`
+ corenet_send_gds_db_client_packets($1)
+ corenet_receive_gds_db_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive imaze_client packets.
+## Do not audit attempts to send and receive gds_db_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27352,14 +27795,14 @@ interface(`corenet_sendrecv_imaze_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_imaze_client_packets',`
- corenet_dontaudit_send_imaze_client_packets($1)
- corenet_dontaudit_receive_imaze_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_gds_db_client_packets',`
+ corenet_dontaudit_send_gds_db_client_packets($1)
+ corenet_dontaudit_receive_gds_db_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to imaze_client the packet type.
+## Relabel packets to gds_db_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -27367,18 +27810,18 @@ interface(`corenet_dontaudit_sendrecv_imaze_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_imaze_client_packets',`
+interface(`corenet_relabelto_gds_db_client_packets',`
gen_require(`
- type imaze_client_packet_t;
+ type gds_db_client_packet_t;
')
- allow $1 imaze_client_packet_t:packet relabelto;
+ allow $1 gds_db_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send imaze_server packets.
+## Send gds_db_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27387,17 +27830,17 @@ interface(`corenet_relabelto_imaze_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_imaze_server_packets',`
+interface(`corenet_send_gds_db_server_packets',`
gen_require(`
- type imaze_server_packet_t;
+ type gds_db_server_packet_t;
')
- allow $1 imaze_server_packet_t:packet send;
+ allow $1 gds_db_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send imaze_server packets.
+## Do not audit attempts to send gds_db_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27406,17 +27849,17 @@ interface(`corenet_send_imaze_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_imaze_server_packets',`
+interface(`corenet_dontaudit_send_gds_db_server_packets',`
gen_require(`
- type imaze_server_packet_t;
+ type gds_db_server_packet_t;
')
- dontaudit $1 imaze_server_packet_t:packet send;
+ dontaudit $1 gds_db_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive imaze_server packets.
+## Receive gds_db_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27425,17 +27868,17 @@ interface(`corenet_dontaudit_send_imaze_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_imaze_server_packets',`
+interface(`corenet_receive_gds_db_server_packets',`
gen_require(`
- type imaze_server_packet_t;
+ type gds_db_server_packet_t;
')
- allow $1 imaze_server_packet_t:packet recv;
+ allow $1 gds_db_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive imaze_server packets.
+## Do not audit attempts to receive gds_db_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27444,17 +27887,17 @@ interface(`corenet_receive_imaze_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_imaze_server_packets',`
+interface(`corenet_dontaudit_receive_gds_db_server_packets',`
gen_require(`
- type imaze_server_packet_t;
+ type gds_db_server_packet_t;
')
- dontaudit $1 imaze_server_packet_t:packet recv;
+ dontaudit $1 gds_db_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive imaze_server packets.
+## Send and receive gds_db_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27463,14 +27906,14 @@ interface(`corenet_dontaudit_receive_imaze_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_imaze_server_packets',`
- corenet_send_imaze_server_packets($1)
- corenet_receive_imaze_server_packets($1)
+interface(`corenet_sendrecv_gds_db_server_packets',`
+ corenet_send_gds_db_server_packets($1)
+ corenet_receive_gds_db_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive imaze_server packets.
+## Do not audit attempts to send and receive gds_db_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27479,14 +27922,14 @@ interface(`corenet_sendrecv_imaze_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_imaze_server_packets',`
- corenet_dontaudit_send_imaze_server_packets($1)
- corenet_dontaudit_receive_imaze_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_gds_db_server_packets',`
+ corenet_dontaudit_send_gds_db_server_packets($1)
+ corenet_dontaudit_receive_gds_db_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to imaze_server the packet type.
+## Relabel packets to gds_db_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -27494,12 +27937,12 @@ interface(`corenet_dontaudit_sendrecv_imaze_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_imaze_server_packets',`
+interface(`corenet_relabelto_gds_db_server_packets',`
gen_require(`
- type imaze_server_packet_t;
+ type gds_db_server_packet_t;
')
- allow $1 imaze_server_packet_t:packet relabelto;
+ allow $1 gds_db_server_packet_t:packet relabelto;
')
@@ -27507,7 +27950,7 @@ interface(`corenet_relabelto_imaze_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the inetd_child port.
+## Send and receive TCP traffic on the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27516,17 +27959,17 @@ interface(`corenet_relabelto_imaze_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_inetd_child_port',`
+interface(`corenet_tcp_sendrecv_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- allow $1 inetd_child_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 giftd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the inetd_child port.
+## Send UDP traffic on the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27535,17 +27978,17 @@ interface(`corenet_tcp_sendrecv_inetd_child_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_inetd_child_port',`
+interface(`corenet_udp_send_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- allow $1 inetd_child_port_t:udp_socket send_msg;
+ allow $1 giftd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the inetd_child port.
+## Do not audit attempts to send UDP traffic on the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27554,17 +27997,17 @@ interface(`corenet_udp_send_inetd_child_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_inetd_child_port',`
+interface(`corenet_dontaudit_udp_send_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- dontaudit $1 inetd_child_port_t:udp_socket send_msg;
+ dontaudit $1 giftd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the inetd_child port.
+## Receive UDP traffic on the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27573,17 +28016,17 @@ interface(`corenet_dontaudit_udp_send_inetd_child_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_inetd_child_port',`
+interface(`corenet_udp_receive_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- allow $1 inetd_child_port_t:udp_socket recv_msg;
+ allow $1 giftd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the inetd_child port.
+## Do not audit attempts to receive UDP traffic on the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27592,17 +28035,17 @@ interface(`corenet_udp_receive_inetd_child_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_inetd_child_port',`
+interface(`corenet_dontaudit_udp_receive_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- dontaudit $1 inetd_child_port_t:udp_socket recv_msg;
+ dontaudit $1 giftd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the inetd_child port.
+## Send and receive UDP traffic on the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27611,15 +28054,15 @@ interface(`corenet_dontaudit_udp_receive_inetd_child_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_inetd_child_port',`
- corenet_udp_send_inetd_child_port($1)
- corenet_udp_receive_inetd_child_port($1)
+interface(`corenet_udp_sendrecv_giftd_port',`
+ corenet_udp_send_giftd_port($1)
+ corenet_udp_receive_giftd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the inetd_child port.
+## UDP traffic on the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27628,14 +28071,14 @@ interface(`corenet_udp_sendrecv_inetd_child_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_inetd_child_port',`
- corenet_dontaudit_udp_send_inetd_child_port($1)
- corenet_dontaudit_udp_receive_inetd_child_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_giftd_port',`
+ corenet_dontaudit_udp_send_giftd_port($1)
+ corenet_dontaudit_udp_receive_giftd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the inetd_child port.
+## Bind TCP sockets to the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27644,18 +28087,18 @@ interface(`corenet_dontaudit_udp_sendrecv_inetd_child_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_inetd_child_port',`
+interface(`corenet_tcp_bind_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- allow $1 inetd_child_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 giftd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the inetd_child port.
+## Bind UDP sockets to the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27664,18 +28107,18 @@ interface(`corenet_tcp_bind_inetd_child_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_inetd_child_port',`
+interface(`corenet_udp_bind_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- allow $1 inetd_child_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 giftd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the inetd_child port.
+## Make a TCP connection to the giftd port.
## </summary>
## <param name="domain">
## <summary>
@@ -27683,18 +28126,18 @@ interface(`corenet_udp_bind_inetd_child_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_inetd_child_port',`
+interface(`corenet_tcp_connect_giftd_port',`
gen_require(`
- type inetd_child_port_t;
+ type giftd_port_t;
')
- allow $1 inetd_child_port_t:tcp_socket name_connect;
+ allow $1 giftd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send inetd_child_client packets.
+## Send giftd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27703,17 +28146,17 @@ interface(`corenet_tcp_connect_inetd_child_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_inetd_child_client_packets',`
+interface(`corenet_send_giftd_client_packets',`
gen_require(`
- type inetd_child_client_packet_t;
+ type giftd_client_packet_t;
')
- allow $1 inetd_child_client_packet_t:packet send;
+ allow $1 giftd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send inetd_child_client packets.
+## Do not audit attempts to send giftd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27722,17 +28165,17 @@ interface(`corenet_send_inetd_child_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_inetd_child_client_packets',`
+interface(`corenet_dontaudit_send_giftd_client_packets',`
gen_require(`
- type inetd_child_client_packet_t;
+ type giftd_client_packet_t;
')
- dontaudit $1 inetd_child_client_packet_t:packet send;
+ dontaudit $1 giftd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive inetd_child_client packets.
+## Receive giftd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27741,17 +28184,17 @@ interface(`corenet_dontaudit_send_inetd_child_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_inetd_child_client_packets',`
+interface(`corenet_receive_giftd_client_packets',`
gen_require(`
- type inetd_child_client_packet_t;
+ type giftd_client_packet_t;
')
- allow $1 inetd_child_client_packet_t:packet recv;
+ allow $1 giftd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive inetd_child_client packets.
+## Do not audit attempts to receive giftd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27760,17 +28203,17 @@ interface(`corenet_receive_inetd_child_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_inetd_child_client_packets',`
+interface(`corenet_dontaudit_receive_giftd_client_packets',`
gen_require(`
- type inetd_child_client_packet_t;
+ type giftd_client_packet_t;
')
- dontaudit $1 inetd_child_client_packet_t:packet recv;
+ dontaudit $1 giftd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive inetd_child_client packets.
+## Send and receive giftd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27779,14 +28222,14 @@ interface(`corenet_dontaudit_receive_inetd_child_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_inetd_child_client_packets',`
- corenet_send_inetd_child_client_packets($1)
- corenet_receive_inetd_child_client_packets($1)
+interface(`corenet_sendrecv_giftd_client_packets',`
+ corenet_send_giftd_client_packets($1)
+ corenet_receive_giftd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive inetd_child_client packets.
+## Do not audit attempts to send and receive giftd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27795,14 +28238,14 @@ interface(`corenet_sendrecv_inetd_child_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_inetd_child_client_packets',`
- corenet_dontaudit_send_inetd_child_client_packets($1)
- corenet_dontaudit_receive_inetd_child_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_giftd_client_packets',`
+ corenet_dontaudit_send_giftd_client_packets($1)
+ corenet_dontaudit_receive_giftd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to inetd_child_client the packet type.
+## Relabel packets to giftd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -27810,18 +28253,18 @@ interface(`corenet_dontaudit_sendrecv_inetd_child_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_inetd_child_client_packets',`
+interface(`corenet_relabelto_giftd_client_packets',`
gen_require(`
- type inetd_child_client_packet_t;
+ type giftd_client_packet_t;
')
- allow $1 inetd_child_client_packet_t:packet relabelto;
+ allow $1 giftd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send inetd_child_server packets.
+## Send giftd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27830,17 +28273,17 @@ interface(`corenet_relabelto_inetd_child_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_inetd_child_server_packets',`
+interface(`corenet_send_giftd_server_packets',`
gen_require(`
- type inetd_child_server_packet_t;
+ type giftd_server_packet_t;
')
- allow $1 inetd_child_server_packet_t:packet send;
+ allow $1 giftd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send inetd_child_server packets.
+## Do not audit attempts to send giftd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27849,17 +28292,17 @@ interface(`corenet_send_inetd_child_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_inetd_child_server_packets',`
+interface(`corenet_dontaudit_send_giftd_server_packets',`
gen_require(`
- type inetd_child_server_packet_t;
+ type giftd_server_packet_t;
')
- dontaudit $1 inetd_child_server_packet_t:packet send;
+ dontaudit $1 giftd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive inetd_child_server packets.
+## Receive giftd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27868,17 +28311,17 @@ interface(`corenet_dontaudit_send_inetd_child_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_inetd_child_server_packets',`
+interface(`corenet_receive_giftd_server_packets',`
gen_require(`
- type inetd_child_server_packet_t;
+ type giftd_server_packet_t;
')
- allow $1 inetd_child_server_packet_t:packet recv;
+ allow $1 giftd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive inetd_child_server packets.
+## Do not audit attempts to receive giftd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27887,17 +28330,17 @@ interface(`corenet_receive_inetd_child_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_inetd_child_server_packets',`
+interface(`corenet_dontaudit_receive_giftd_server_packets',`
gen_require(`
- type inetd_child_server_packet_t;
+ type giftd_server_packet_t;
')
- dontaudit $1 inetd_child_server_packet_t:packet recv;
+ dontaudit $1 giftd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive inetd_child_server packets.
+## Send and receive giftd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27906,14 +28349,14 @@ interface(`corenet_dontaudit_receive_inetd_child_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_inetd_child_server_packets',`
- corenet_send_inetd_child_server_packets($1)
- corenet_receive_inetd_child_server_packets($1)
+interface(`corenet_sendrecv_giftd_server_packets',`
+ corenet_send_giftd_server_packets($1)
+ corenet_receive_giftd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive inetd_child_server packets.
+## Do not audit attempts to send and receive giftd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -27922,14 +28365,14 @@ interface(`corenet_sendrecv_inetd_child_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_inetd_child_server_packets',`
- corenet_dontaudit_send_inetd_child_server_packets($1)
- corenet_dontaudit_receive_inetd_child_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_giftd_server_packets',`
+ corenet_dontaudit_send_giftd_server_packets($1)
+ corenet_dontaudit_receive_giftd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to inetd_child_server the packet type.
+## Relabel packets to giftd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -27937,12 +28380,12 @@ interface(`corenet_dontaudit_sendrecv_inetd_child_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_inetd_child_server_packets',`
+interface(`corenet_relabelto_giftd_server_packets',`
gen_require(`
- type inetd_child_server_packet_t;
+ type giftd_server_packet_t;
')
- allow $1 inetd_child_server_packet_t:packet relabelto;
+ allow $1 giftd_server_packet_t:packet relabelto;
')
@@ -27950,7 +28393,7 @@ interface(`corenet_relabelto_inetd_child_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the innd port.
+## Send and receive TCP traffic on the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -27959,17 +28402,17 @@ interface(`corenet_relabelto_inetd_child_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_innd_port',`
+interface(`corenet_tcp_sendrecv_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- allow $1 innd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 git_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the innd port.
+## Send UDP traffic on the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -27978,17 +28421,17 @@ interface(`corenet_tcp_sendrecv_innd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_innd_port',`
+interface(`corenet_udp_send_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- allow $1 innd_port_t:udp_socket send_msg;
+ allow $1 git_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the innd port.
+## Do not audit attempts to send UDP traffic on the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -27997,17 +28440,17 @@ interface(`corenet_udp_send_innd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_innd_port',`
+interface(`corenet_dontaudit_udp_send_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- dontaudit $1 innd_port_t:udp_socket send_msg;
+ dontaudit $1 git_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the innd port.
+## Receive UDP traffic on the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -28016,17 +28459,17 @@ interface(`corenet_dontaudit_udp_send_innd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_innd_port',`
+interface(`corenet_udp_receive_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- allow $1 innd_port_t:udp_socket recv_msg;
+ allow $1 git_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the innd port.
+## Do not audit attempts to receive UDP traffic on the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -28035,17 +28478,17 @@ interface(`corenet_udp_receive_innd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_innd_port',`
+interface(`corenet_dontaudit_udp_receive_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- dontaudit $1 innd_port_t:udp_socket recv_msg;
+ dontaudit $1 git_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the innd port.
+## Send and receive UDP traffic on the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -28054,15 +28497,15 @@ interface(`corenet_dontaudit_udp_receive_innd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_innd_port',`
- corenet_udp_send_innd_port($1)
- corenet_udp_receive_innd_port($1)
+interface(`corenet_udp_sendrecv_git_port',`
+ corenet_udp_send_git_port($1)
+ corenet_udp_receive_git_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the innd port.
+## UDP traffic on the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -28071,14 +28514,14 @@ interface(`corenet_udp_sendrecv_innd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_innd_port',`
- corenet_dontaudit_udp_send_innd_port($1)
- corenet_dontaudit_udp_receive_innd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_git_port',`
+ corenet_dontaudit_udp_send_git_port($1)
+ corenet_dontaudit_udp_receive_git_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the innd port.
+## Bind TCP sockets to the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -28087,18 +28530,18 @@ interface(`corenet_dontaudit_udp_sendrecv_innd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_innd_port',`
+interface(`corenet_tcp_bind_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- allow $1 innd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 git_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the innd port.
+## Bind UDP sockets to the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -28107,18 +28550,18 @@ interface(`corenet_tcp_bind_innd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_innd_port',`
+interface(`corenet_udp_bind_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- allow $1 innd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 git_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the innd port.
+## Make a TCP connection to the git port.
## </summary>
## <param name="domain">
## <summary>
@@ -28126,18 +28569,18 @@ interface(`corenet_udp_bind_innd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_innd_port',`
+interface(`corenet_tcp_connect_git_port',`
gen_require(`
- type innd_port_t;
+ type git_port_t;
')
- allow $1 innd_port_t:tcp_socket name_connect;
+ allow $1 git_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send innd_client packets.
+## Send git_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28146,17 +28589,17 @@ interface(`corenet_tcp_connect_innd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_innd_client_packets',`
+interface(`corenet_send_git_client_packets',`
gen_require(`
- type innd_client_packet_t;
+ type git_client_packet_t;
')
- allow $1 innd_client_packet_t:packet send;
+ allow $1 git_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send innd_client packets.
+## Do not audit attempts to send git_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28165,17 +28608,17 @@ interface(`corenet_send_innd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_innd_client_packets',`
+interface(`corenet_dontaudit_send_git_client_packets',`
gen_require(`
- type innd_client_packet_t;
+ type git_client_packet_t;
')
- dontaudit $1 innd_client_packet_t:packet send;
+ dontaudit $1 git_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive innd_client packets.
+## Receive git_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28184,17 +28627,17 @@ interface(`corenet_dontaudit_send_innd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_innd_client_packets',`
+interface(`corenet_receive_git_client_packets',`
gen_require(`
- type innd_client_packet_t;
+ type git_client_packet_t;
')
- allow $1 innd_client_packet_t:packet recv;
+ allow $1 git_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive innd_client packets.
+## Do not audit attempts to receive git_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28203,17 +28646,17 @@ interface(`corenet_receive_innd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_innd_client_packets',`
+interface(`corenet_dontaudit_receive_git_client_packets',`
gen_require(`
- type innd_client_packet_t;
+ type git_client_packet_t;
')
- dontaudit $1 innd_client_packet_t:packet recv;
+ dontaudit $1 git_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive innd_client packets.
+## Send and receive git_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28222,14 +28665,14 @@ interface(`corenet_dontaudit_receive_innd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_innd_client_packets',`
- corenet_send_innd_client_packets($1)
- corenet_receive_innd_client_packets($1)
+interface(`corenet_sendrecv_git_client_packets',`
+ corenet_send_git_client_packets($1)
+ corenet_receive_git_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive innd_client packets.
+## Do not audit attempts to send and receive git_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28238,14 +28681,14 @@ interface(`corenet_sendrecv_innd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_innd_client_packets',`
- corenet_dontaudit_send_innd_client_packets($1)
- corenet_dontaudit_receive_innd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_git_client_packets',`
+ corenet_dontaudit_send_git_client_packets($1)
+ corenet_dontaudit_receive_git_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to innd_client the packet type.
+## Relabel packets to git_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -28253,18 +28696,18 @@ interface(`corenet_dontaudit_sendrecv_innd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_innd_client_packets',`
+interface(`corenet_relabelto_git_client_packets',`
gen_require(`
- type innd_client_packet_t;
+ type git_client_packet_t;
')
- allow $1 innd_client_packet_t:packet relabelto;
+ allow $1 git_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send innd_server packets.
+## Send git_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28273,17 +28716,17 @@ interface(`corenet_relabelto_innd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_innd_server_packets',`
+interface(`corenet_send_git_server_packets',`
gen_require(`
- type innd_server_packet_t;
+ type git_server_packet_t;
')
- allow $1 innd_server_packet_t:packet send;
+ allow $1 git_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send innd_server packets.
+## Do not audit attempts to send git_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28292,17 +28735,17 @@ interface(`corenet_send_innd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_innd_server_packets',`
+interface(`corenet_dontaudit_send_git_server_packets',`
gen_require(`
- type innd_server_packet_t;
+ type git_server_packet_t;
')
- dontaudit $1 innd_server_packet_t:packet send;
+ dontaudit $1 git_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive innd_server packets.
+## Receive git_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28311,17 +28754,17 @@ interface(`corenet_dontaudit_send_innd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_innd_server_packets',`
+interface(`corenet_receive_git_server_packets',`
gen_require(`
- type innd_server_packet_t;
+ type git_server_packet_t;
')
- allow $1 innd_server_packet_t:packet recv;
+ allow $1 git_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive innd_server packets.
+## Do not audit attempts to receive git_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28330,17 +28773,17 @@ interface(`corenet_receive_innd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_innd_server_packets',`
+interface(`corenet_dontaudit_receive_git_server_packets',`
gen_require(`
- type innd_server_packet_t;
+ type git_server_packet_t;
')
- dontaudit $1 innd_server_packet_t:packet recv;
+ dontaudit $1 git_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive innd_server packets.
+## Send and receive git_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28349,14 +28792,14 @@ interface(`corenet_dontaudit_receive_innd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_innd_server_packets',`
- corenet_send_innd_server_packets($1)
- corenet_receive_innd_server_packets($1)
+interface(`corenet_sendrecv_git_server_packets',`
+ corenet_send_git_server_packets($1)
+ corenet_receive_git_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive innd_server packets.
+## Do not audit attempts to send and receive git_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28365,14 +28808,14 @@ interface(`corenet_sendrecv_innd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_innd_server_packets',`
- corenet_dontaudit_send_innd_server_packets($1)
- corenet_dontaudit_receive_innd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_git_server_packets',`
+ corenet_dontaudit_send_git_server_packets($1)
+ corenet_dontaudit_receive_git_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to innd_server the packet type.
+## Relabel packets to git_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -28380,12 +28823,12 @@ interface(`corenet_dontaudit_sendrecv_innd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_innd_server_packets',`
+interface(`corenet_relabelto_git_server_packets',`
gen_require(`
- type innd_server_packet_t;
+ type git_server_packet_t;
')
- allow $1 innd_server_packet_t:packet relabelto;
+ allow $1 git_server_packet_t:packet relabelto;
')
@@ -28393,7 +28836,7 @@ interface(`corenet_relabelto_innd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ipmi port.
+## Send and receive TCP traffic on the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28402,17 +28845,17 @@ interface(`corenet_relabelto_innd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ipmi_port',`
+interface(`corenet_tcp_sendrecv_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- allow $1 ipmi_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 glance_registry_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ipmi port.
+## Send UDP traffic on the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28421,17 +28864,17 @@ interface(`corenet_tcp_sendrecv_ipmi_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ipmi_port',`
+interface(`corenet_udp_send_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- allow $1 ipmi_port_t:udp_socket send_msg;
+ allow $1 glance_registry_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ipmi port.
+## Do not audit attempts to send UDP traffic on the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28440,17 +28883,17 @@ interface(`corenet_udp_send_ipmi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ipmi_port',`
+interface(`corenet_dontaudit_udp_send_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- dontaudit $1 ipmi_port_t:udp_socket send_msg;
+ dontaudit $1 glance_registry_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ipmi port.
+## Receive UDP traffic on the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28459,17 +28902,17 @@ interface(`corenet_dontaudit_udp_send_ipmi_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ipmi_port',`
+interface(`corenet_udp_receive_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- allow $1 ipmi_port_t:udp_socket recv_msg;
+ allow $1 glance_registry_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ipmi port.
+## Do not audit attempts to receive UDP traffic on the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28478,17 +28921,17 @@ interface(`corenet_udp_receive_ipmi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ipmi_port',`
+interface(`corenet_dontaudit_udp_receive_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- dontaudit $1 ipmi_port_t:udp_socket recv_msg;
+ dontaudit $1 glance_registry_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ipmi port.
+## Send and receive UDP traffic on the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28497,15 +28940,15 @@ interface(`corenet_dontaudit_udp_receive_ipmi_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ipmi_port',`
- corenet_udp_send_ipmi_port($1)
- corenet_udp_receive_ipmi_port($1)
+interface(`corenet_udp_sendrecv_glance_registry_port',`
+ corenet_udp_send_glance_registry_port($1)
+ corenet_udp_receive_glance_registry_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ipmi port.
+## UDP traffic on the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28514,14 +28957,14 @@ interface(`corenet_udp_sendrecv_ipmi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ipmi_port',`
- corenet_dontaudit_udp_send_ipmi_port($1)
- corenet_dontaudit_udp_receive_ipmi_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_glance_registry_port',`
+ corenet_dontaudit_udp_send_glance_registry_port($1)
+ corenet_dontaudit_udp_receive_glance_registry_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ipmi port.
+## Bind TCP sockets to the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28530,18 +28973,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ipmi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ipmi_port',`
+interface(`corenet_tcp_bind_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- allow $1 ipmi_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 glance_registry_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the ipmi port.
+## Bind UDP sockets to the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28550,18 +28993,18 @@ interface(`corenet_tcp_bind_ipmi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ipmi_port',`
+interface(`corenet_udp_bind_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- allow $1 ipmi_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 glance_registry_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the ipmi port.
+## Make a TCP connection to the glance_registry port.
## </summary>
## <param name="domain">
## <summary>
@@ -28569,18 +29012,18 @@ interface(`corenet_udp_bind_ipmi_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ipmi_port',`
+interface(`corenet_tcp_connect_glance_registry_port',`
gen_require(`
- type ipmi_port_t;
+ type glance_registry_port_t;
')
- allow $1 ipmi_port_t:tcp_socket name_connect;
+ allow $1 glance_registry_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ipmi_client packets.
+## Send glance_registry_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28589,17 +29032,17 @@ interface(`corenet_tcp_connect_ipmi_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ipmi_client_packets',`
+interface(`corenet_send_glance_registry_client_packets',`
gen_require(`
- type ipmi_client_packet_t;
+ type glance_registry_client_packet_t;
')
- allow $1 ipmi_client_packet_t:packet send;
+ allow $1 glance_registry_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ipmi_client packets.
+## Do not audit attempts to send glance_registry_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28608,17 +29051,17 @@ interface(`corenet_send_ipmi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ipmi_client_packets',`
+interface(`corenet_dontaudit_send_glance_registry_client_packets',`
gen_require(`
- type ipmi_client_packet_t;
+ type glance_registry_client_packet_t;
')
- dontaudit $1 ipmi_client_packet_t:packet send;
+ dontaudit $1 glance_registry_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ipmi_client packets.
+## Receive glance_registry_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28627,17 +29070,17 @@ interface(`corenet_dontaudit_send_ipmi_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ipmi_client_packets',`
+interface(`corenet_receive_glance_registry_client_packets',`
gen_require(`
- type ipmi_client_packet_t;
+ type glance_registry_client_packet_t;
')
- allow $1 ipmi_client_packet_t:packet recv;
+ allow $1 glance_registry_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ipmi_client packets.
+## Do not audit attempts to receive glance_registry_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28646,17 +29089,17 @@ interface(`corenet_receive_ipmi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ipmi_client_packets',`
+interface(`corenet_dontaudit_receive_glance_registry_client_packets',`
gen_require(`
- type ipmi_client_packet_t;
+ type glance_registry_client_packet_t;
')
- dontaudit $1 ipmi_client_packet_t:packet recv;
+ dontaudit $1 glance_registry_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ipmi_client packets.
+## Send and receive glance_registry_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28665,14 +29108,14 @@ interface(`corenet_dontaudit_receive_ipmi_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ipmi_client_packets',`
- corenet_send_ipmi_client_packets($1)
- corenet_receive_ipmi_client_packets($1)
+interface(`corenet_sendrecv_glance_registry_client_packets',`
+ corenet_send_glance_registry_client_packets($1)
+ corenet_receive_glance_registry_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ipmi_client packets.
+## Do not audit attempts to send and receive glance_registry_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28681,14 +29124,14 @@ interface(`corenet_sendrecv_ipmi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ipmi_client_packets',`
- corenet_dontaudit_send_ipmi_client_packets($1)
- corenet_dontaudit_receive_ipmi_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_glance_registry_client_packets',`
+ corenet_dontaudit_send_glance_registry_client_packets($1)
+ corenet_dontaudit_receive_glance_registry_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ipmi_client the packet type.
+## Relabel packets to glance_registry_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -28696,18 +29139,18 @@ interface(`corenet_dontaudit_sendrecv_ipmi_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ipmi_client_packets',`
+interface(`corenet_relabelto_glance_registry_client_packets',`
gen_require(`
- type ipmi_client_packet_t;
+ type glance_registry_client_packet_t;
')
- allow $1 ipmi_client_packet_t:packet relabelto;
+ allow $1 glance_registry_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ipmi_server packets.
+## Send glance_registry_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28716,17 +29159,17 @@ interface(`corenet_relabelto_ipmi_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ipmi_server_packets',`
+interface(`corenet_send_glance_registry_server_packets',`
gen_require(`
- type ipmi_server_packet_t;
+ type glance_registry_server_packet_t;
')
- allow $1 ipmi_server_packet_t:packet send;
+ allow $1 glance_registry_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ipmi_server packets.
+## Do not audit attempts to send glance_registry_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28735,17 +29178,17 @@ interface(`corenet_send_ipmi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ipmi_server_packets',`
+interface(`corenet_dontaudit_send_glance_registry_server_packets',`
gen_require(`
- type ipmi_server_packet_t;
+ type glance_registry_server_packet_t;
')
- dontaudit $1 ipmi_server_packet_t:packet send;
+ dontaudit $1 glance_registry_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ipmi_server packets.
+## Receive glance_registry_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28754,17 +29197,17 @@ interface(`corenet_dontaudit_send_ipmi_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ipmi_server_packets',`
+interface(`corenet_receive_glance_registry_server_packets',`
gen_require(`
- type ipmi_server_packet_t;
+ type glance_registry_server_packet_t;
')
- allow $1 ipmi_server_packet_t:packet recv;
+ allow $1 glance_registry_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ipmi_server packets.
+## Do not audit attempts to receive glance_registry_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28773,17 +29216,17 @@ interface(`corenet_receive_ipmi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ipmi_server_packets',`
+interface(`corenet_dontaudit_receive_glance_registry_server_packets',`
gen_require(`
- type ipmi_server_packet_t;
+ type glance_registry_server_packet_t;
')
- dontaudit $1 ipmi_server_packet_t:packet recv;
+ dontaudit $1 glance_registry_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ipmi_server packets.
+## Send and receive glance_registry_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28792,14 +29235,14 @@ interface(`corenet_dontaudit_receive_ipmi_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ipmi_server_packets',`
- corenet_send_ipmi_server_packets($1)
- corenet_receive_ipmi_server_packets($1)
+interface(`corenet_sendrecv_glance_registry_server_packets',`
+ corenet_send_glance_registry_server_packets($1)
+ corenet_receive_glance_registry_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ipmi_server packets.
+## Do not audit attempts to send and receive glance_registry_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -28808,14 +29251,14 @@ interface(`corenet_sendrecv_ipmi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ipmi_server_packets',`
- corenet_dontaudit_send_ipmi_server_packets($1)
- corenet_dontaudit_receive_ipmi_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_glance_registry_server_packets',`
+ corenet_dontaudit_send_glance_registry_server_packets($1)
+ corenet_dontaudit_receive_glance_registry_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ipmi_server the packet type.
+## Relabel packets to glance_registry_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -28823,12 +29266,12 @@ interface(`corenet_dontaudit_sendrecv_ipmi_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ipmi_server_packets',`
+interface(`corenet_relabelto_glance_registry_server_packets',`
gen_require(`
- type ipmi_server_packet_t;
+ type glance_registry_server_packet_t;
')
- allow $1 ipmi_server_packet_t:packet relabelto;
+ allow $1 glance_registry_server_packet_t:packet relabelto;
')
@@ -28836,7 +29279,7 @@ interface(`corenet_relabelto_ipmi_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ipp port.
+## Send and receive TCP traffic on the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28845,17 +29288,17 @@ interface(`corenet_relabelto_ipmi_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ipp_port',`
+interface(`corenet_tcp_sendrecv_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- allow $1 ipp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 gopher_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ipp port.
+## Send UDP traffic on the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28864,17 +29307,17 @@ interface(`corenet_tcp_sendrecv_ipp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ipp_port',`
+interface(`corenet_udp_send_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- allow $1 ipp_port_t:udp_socket send_msg;
+ allow $1 gopher_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ipp port.
+## Do not audit attempts to send UDP traffic on the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28883,17 +29326,17 @@ interface(`corenet_udp_send_ipp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ipp_port',`
+interface(`corenet_dontaudit_udp_send_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- dontaudit $1 ipp_port_t:udp_socket send_msg;
+ dontaudit $1 gopher_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ipp port.
+## Receive UDP traffic on the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28902,17 +29345,17 @@ interface(`corenet_dontaudit_udp_send_ipp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ipp_port',`
+interface(`corenet_udp_receive_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- allow $1 ipp_port_t:udp_socket recv_msg;
+ allow $1 gopher_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ipp port.
+## Do not audit attempts to receive UDP traffic on the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28921,17 +29364,17 @@ interface(`corenet_udp_receive_ipp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ipp_port',`
+interface(`corenet_dontaudit_udp_receive_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- dontaudit $1 ipp_port_t:udp_socket recv_msg;
+ dontaudit $1 gopher_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ipp port.
+## Send and receive UDP traffic on the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28940,15 +29383,15 @@ interface(`corenet_dontaudit_udp_receive_ipp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ipp_port',`
- corenet_udp_send_ipp_port($1)
- corenet_udp_receive_ipp_port($1)
+interface(`corenet_udp_sendrecv_gopher_port',`
+ corenet_udp_send_gopher_port($1)
+ corenet_udp_receive_gopher_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ipp port.
+## UDP traffic on the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28957,14 +29400,14 @@ interface(`corenet_udp_sendrecv_ipp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ipp_port',`
- corenet_dontaudit_udp_send_ipp_port($1)
- corenet_dontaudit_udp_receive_ipp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_gopher_port',`
+ corenet_dontaudit_udp_send_gopher_port($1)
+ corenet_dontaudit_udp_receive_gopher_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ipp port.
+## Bind TCP sockets to the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28973,18 +29416,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ipp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ipp_port',`
+interface(`corenet_tcp_bind_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- allow $1 ipp_port_t:tcp_socket name_bind;
+ allow $1 gopher_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ipp port.
+## Bind UDP sockets to the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -28993,18 +29436,18 @@ interface(`corenet_tcp_bind_ipp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ipp_port',`
+interface(`corenet_udp_bind_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- allow $1 ipp_port_t:udp_socket name_bind;
+ allow $1 gopher_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ipp port.
+## Make a TCP connection to the gopher port.
## </summary>
## <param name="domain">
## <summary>
@@ -29012,18 +29455,18 @@ interface(`corenet_udp_bind_ipp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ipp_port',`
+interface(`corenet_tcp_connect_gopher_port',`
gen_require(`
- type ipp_port_t;
+ type gopher_port_t;
')
- allow $1 ipp_port_t:tcp_socket name_connect;
+ allow $1 gopher_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ipp_client packets.
+## Send gopher_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29032,17 +29475,17 @@ interface(`corenet_tcp_connect_ipp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ipp_client_packets',`
+interface(`corenet_send_gopher_client_packets',`
gen_require(`
- type ipp_client_packet_t;
+ type gopher_client_packet_t;
')
- allow $1 ipp_client_packet_t:packet send;
+ allow $1 gopher_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ipp_client packets.
+## Do not audit attempts to send gopher_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29051,17 +29494,17 @@ interface(`corenet_send_ipp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ipp_client_packets',`
+interface(`corenet_dontaudit_send_gopher_client_packets',`
gen_require(`
- type ipp_client_packet_t;
+ type gopher_client_packet_t;
')
- dontaudit $1 ipp_client_packet_t:packet send;
+ dontaudit $1 gopher_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ipp_client packets.
+## Receive gopher_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29070,17 +29513,17 @@ interface(`corenet_dontaudit_send_ipp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ipp_client_packets',`
+interface(`corenet_receive_gopher_client_packets',`
gen_require(`
- type ipp_client_packet_t;
+ type gopher_client_packet_t;
')
- allow $1 ipp_client_packet_t:packet recv;
+ allow $1 gopher_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ipp_client packets.
+## Do not audit attempts to receive gopher_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29089,17 +29532,17 @@ interface(`corenet_receive_ipp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ipp_client_packets',`
+interface(`corenet_dontaudit_receive_gopher_client_packets',`
gen_require(`
- type ipp_client_packet_t;
+ type gopher_client_packet_t;
')
- dontaudit $1 ipp_client_packet_t:packet recv;
+ dontaudit $1 gopher_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ipp_client packets.
+## Send and receive gopher_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29108,14 +29551,14 @@ interface(`corenet_dontaudit_receive_ipp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ipp_client_packets',`
- corenet_send_ipp_client_packets($1)
- corenet_receive_ipp_client_packets($1)
+interface(`corenet_sendrecv_gopher_client_packets',`
+ corenet_send_gopher_client_packets($1)
+ corenet_receive_gopher_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ipp_client packets.
+## Do not audit attempts to send and receive gopher_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29124,14 +29567,14 @@ interface(`corenet_sendrecv_ipp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ipp_client_packets',`
- corenet_dontaudit_send_ipp_client_packets($1)
- corenet_dontaudit_receive_ipp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_gopher_client_packets',`
+ corenet_dontaudit_send_gopher_client_packets($1)
+ corenet_dontaudit_receive_gopher_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ipp_client the packet type.
+## Relabel packets to gopher_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -29139,18 +29582,18 @@ interface(`corenet_dontaudit_sendrecv_ipp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ipp_client_packets',`
+interface(`corenet_relabelto_gopher_client_packets',`
gen_require(`
- type ipp_client_packet_t;
+ type gopher_client_packet_t;
')
- allow $1 ipp_client_packet_t:packet relabelto;
+ allow $1 gopher_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ipp_server packets.
+## Send gopher_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29159,17 +29602,17 @@ interface(`corenet_relabelto_ipp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ipp_server_packets',`
+interface(`corenet_send_gopher_server_packets',`
gen_require(`
- type ipp_server_packet_t;
+ type gopher_server_packet_t;
')
- allow $1 ipp_server_packet_t:packet send;
+ allow $1 gopher_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ipp_server packets.
+## Do not audit attempts to send gopher_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29178,17 +29621,17 @@ interface(`corenet_send_ipp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ipp_server_packets',`
+interface(`corenet_dontaudit_send_gopher_server_packets',`
gen_require(`
- type ipp_server_packet_t;
+ type gopher_server_packet_t;
')
- dontaudit $1 ipp_server_packet_t:packet send;
+ dontaudit $1 gopher_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ipp_server packets.
+## Receive gopher_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29197,17 +29640,17 @@ interface(`corenet_dontaudit_send_ipp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ipp_server_packets',`
+interface(`corenet_receive_gopher_server_packets',`
gen_require(`
- type ipp_server_packet_t;
+ type gopher_server_packet_t;
')
- allow $1 ipp_server_packet_t:packet recv;
+ allow $1 gopher_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ipp_server packets.
+## Do not audit attempts to receive gopher_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29216,17 +29659,17 @@ interface(`corenet_receive_ipp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ipp_server_packets',`
+interface(`corenet_dontaudit_receive_gopher_server_packets',`
gen_require(`
- type ipp_server_packet_t;
+ type gopher_server_packet_t;
')
- dontaudit $1 ipp_server_packet_t:packet recv;
+ dontaudit $1 gopher_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ipp_server packets.
+## Send and receive gopher_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29235,14 +29678,14 @@ interface(`corenet_dontaudit_receive_ipp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ipp_server_packets',`
- corenet_send_ipp_server_packets($1)
- corenet_receive_ipp_server_packets($1)
+interface(`corenet_sendrecv_gopher_server_packets',`
+ corenet_send_gopher_server_packets($1)
+ corenet_receive_gopher_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ipp_server packets.
+## Do not audit attempts to send and receive gopher_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29251,14 +29694,14 @@ interface(`corenet_sendrecv_ipp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ipp_server_packets',`
- corenet_dontaudit_send_ipp_server_packets($1)
- corenet_dontaudit_receive_ipp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_gopher_server_packets',`
+ corenet_dontaudit_send_gopher_server_packets($1)
+ corenet_dontaudit_receive_gopher_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ipp_server the packet type.
+## Relabel packets to gopher_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -29266,12 +29709,12 @@ interface(`corenet_dontaudit_sendrecv_ipp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ipp_server_packets',`
+interface(`corenet_relabelto_gopher_server_packets',`
gen_require(`
- type ipp_server_packet_t;
+ type gopher_server_packet_t;
')
- allow $1 ipp_server_packet_t:packet relabelto;
+ allow $1 gopher_server_packet_t:packet relabelto;
')
@@ -29279,7 +29722,7 @@ interface(`corenet_relabelto_ipp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ipsecnat port.
+## Send and receive TCP traffic on the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29288,17 +29731,17 @@ interface(`corenet_relabelto_ipp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ipsecnat_port',`
+interface(`corenet_tcp_sendrecv_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- allow $1 ipsecnat_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 gpsd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ipsecnat port.
+## Send UDP traffic on the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29307,17 +29750,17 @@ interface(`corenet_tcp_sendrecv_ipsecnat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ipsecnat_port',`
+interface(`corenet_udp_send_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- allow $1 ipsecnat_port_t:udp_socket send_msg;
+ allow $1 gpsd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ipsecnat port.
+## Do not audit attempts to send UDP traffic on the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29326,17 +29769,17 @@ interface(`corenet_udp_send_ipsecnat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ipsecnat_port',`
+interface(`corenet_dontaudit_udp_send_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- dontaudit $1 ipsecnat_port_t:udp_socket send_msg;
+ dontaudit $1 gpsd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ipsecnat port.
+## Receive UDP traffic on the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29345,17 +29788,17 @@ interface(`corenet_dontaudit_udp_send_ipsecnat_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ipsecnat_port',`
+interface(`corenet_udp_receive_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- allow $1 ipsecnat_port_t:udp_socket recv_msg;
+ allow $1 gpsd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ipsecnat port.
+## Do not audit attempts to receive UDP traffic on the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29364,17 +29807,17 @@ interface(`corenet_udp_receive_ipsecnat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ipsecnat_port',`
+interface(`corenet_dontaudit_udp_receive_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- dontaudit $1 ipsecnat_port_t:udp_socket recv_msg;
+ dontaudit $1 gpsd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ipsecnat port.
+## Send and receive UDP traffic on the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29383,15 +29826,15 @@ interface(`corenet_dontaudit_udp_receive_ipsecnat_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ipsecnat_port',`
- corenet_udp_send_ipsecnat_port($1)
- corenet_udp_receive_ipsecnat_port($1)
+interface(`corenet_udp_sendrecv_gpsd_port',`
+ corenet_udp_send_gpsd_port($1)
+ corenet_udp_receive_gpsd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ipsecnat port.
+## UDP traffic on the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29400,14 +29843,14 @@ interface(`corenet_udp_sendrecv_ipsecnat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ipsecnat_port',`
- corenet_dontaudit_udp_send_ipsecnat_port($1)
- corenet_dontaudit_udp_receive_ipsecnat_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_gpsd_port',`
+ corenet_dontaudit_udp_send_gpsd_port($1)
+ corenet_dontaudit_udp_receive_gpsd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ipsecnat port.
+## Bind TCP sockets to the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29416,18 +29859,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ipsecnat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ipsecnat_port',`
+interface(`corenet_tcp_bind_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- allow $1 ipsecnat_port_t:tcp_socket name_bind;
+ allow $1 gpsd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ipsecnat port.
+## Bind UDP sockets to the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29436,18 +29879,18 @@ interface(`corenet_tcp_bind_ipsecnat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ipsecnat_port',`
+interface(`corenet_udp_bind_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- allow $1 ipsecnat_port_t:udp_socket name_bind;
+ allow $1 gpsd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ipsecnat port.
+## Make a TCP connection to the gpsd port.
## </summary>
## <param name="domain">
## <summary>
@@ -29455,18 +29898,18 @@ interface(`corenet_udp_bind_ipsecnat_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ipsecnat_port',`
+interface(`corenet_tcp_connect_gpsd_port',`
gen_require(`
- type ipsecnat_port_t;
+ type gpsd_port_t;
')
- allow $1 ipsecnat_port_t:tcp_socket name_connect;
+ allow $1 gpsd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ipsecnat_client packets.
+## Send gpsd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29475,17 +29918,17 @@ interface(`corenet_tcp_connect_ipsecnat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ipsecnat_client_packets',`
+interface(`corenet_send_gpsd_client_packets',`
gen_require(`
- type ipsecnat_client_packet_t;
+ type gpsd_client_packet_t;
')
- allow $1 ipsecnat_client_packet_t:packet send;
+ allow $1 gpsd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ipsecnat_client packets.
+## Do not audit attempts to send gpsd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29494,17 +29937,17 @@ interface(`corenet_send_ipsecnat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ipsecnat_client_packets',`
+interface(`corenet_dontaudit_send_gpsd_client_packets',`
gen_require(`
- type ipsecnat_client_packet_t;
+ type gpsd_client_packet_t;
')
- dontaudit $1 ipsecnat_client_packet_t:packet send;
+ dontaudit $1 gpsd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ipsecnat_client packets.
+## Receive gpsd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29513,17 +29956,17 @@ interface(`corenet_dontaudit_send_ipsecnat_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ipsecnat_client_packets',`
+interface(`corenet_receive_gpsd_client_packets',`
gen_require(`
- type ipsecnat_client_packet_t;
+ type gpsd_client_packet_t;
')
- allow $1 ipsecnat_client_packet_t:packet recv;
+ allow $1 gpsd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ipsecnat_client packets.
+## Do not audit attempts to receive gpsd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29532,17 +29975,17 @@ interface(`corenet_receive_ipsecnat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ipsecnat_client_packets',`
+interface(`corenet_dontaudit_receive_gpsd_client_packets',`
gen_require(`
- type ipsecnat_client_packet_t;
+ type gpsd_client_packet_t;
')
- dontaudit $1 ipsecnat_client_packet_t:packet recv;
+ dontaudit $1 gpsd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ipsecnat_client packets.
+## Send and receive gpsd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29551,14 +29994,14 @@ interface(`corenet_dontaudit_receive_ipsecnat_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ipsecnat_client_packets',`
- corenet_send_ipsecnat_client_packets($1)
- corenet_receive_ipsecnat_client_packets($1)
+interface(`corenet_sendrecv_gpsd_client_packets',`
+ corenet_send_gpsd_client_packets($1)
+ corenet_receive_gpsd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ipsecnat_client packets.
+## Do not audit attempts to send and receive gpsd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29567,14 +30010,14 @@ interface(`corenet_sendrecv_ipsecnat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ipsecnat_client_packets',`
- corenet_dontaudit_send_ipsecnat_client_packets($1)
- corenet_dontaudit_receive_ipsecnat_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_gpsd_client_packets',`
+ corenet_dontaudit_send_gpsd_client_packets($1)
+ corenet_dontaudit_receive_gpsd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ipsecnat_client the packet type.
+## Relabel packets to gpsd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -29582,18 +30025,18 @@ interface(`corenet_dontaudit_sendrecv_ipsecnat_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ipsecnat_client_packets',`
+interface(`corenet_relabelto_gpsd_client_packets',`
gen_require(`
- type ipsecnat_client_packet_t;
+ type gpsd_client_packet_t;
')
- allow $1 ipsecnat_client_packet_t:packet relabelto;
+ allow $1 gpsd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ipsecnat_server packets.
+## Send gpsd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29602,17 +30045,17 @@ interface(`corenet_relabelto_ipsecnat_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ipsecnat_server_packets',`
+interface(`corenet_send_gpsd_server_packets',`
gen_require(`
- type ipsecnat_server_packet_t;
+ type gpsd_server_packet_t;
')
- allow $1 ipsecnat_server_packet_t:packet send;
+ allow $1 gpsd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ipsecnat_server packets.
+## Do not audit attempts to send gpsd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29621,17 +30064,17 @@ interface(`corenet_send_ipsecnat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ipsecnat_server_packets',`
+interface(`corenet_dontaudit_send_gpsd_server_packets',`
gen_require(`
- type ipsecnat_server_packet_t;
+ type gpsd_server_packet_t;
')
- dontaudit $1 ipsecnat_server_packet_t:packet send;
+ dontaudit $1 gpsd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ipsecnat_server packets.
+## Receive gpsd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29640,17 +30083,17 @@ interface(`corenet_dontaudit_send_ipsecnat_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ipsecnat_server_packets',`
+interface(`corenet_receive_gpsd_server_packets',`
gen_require(`
- type ipsecnat_server_packet_t;
+ type gpsd_server_packet_t;
')
- allow $1 ipsecnat_server_packet_t:packet recv;
+ allow $1 gpsd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ipsecnat_server packets.
+## Do not audit attempts to receive gpsd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29659,17 +30102,17 @@ interface(`corenet_receive_ipsecnat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ipsecnat_server_packets',`
+interface(`corenet_dontaudit_receive_gpsd_server_packets',`
gen_require(`
- type ipsecnat_server_packet_t;
+ type gpsd_server_packet_t;
')
- dontaudit $1 ipsecnat_server_packet_t:packet recv;
+ dontaudit $1 gpsd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ipsecnat_server packets.
+## Send and receive gpsd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29678,14 +30121,14 @@ interface(`corenet_dontaudit_receive_ipsecnat_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ipsecnat_server_packets',`
- corenet_send_ipsecnat_server_packets($1)
- corenet_receive_ipsecnat_server_packets($1)
+interface(`corenet_sendrecv_gpsd_server_packets',`
+ corenet_send_gpsd_server_packets($1)
+ corenet_receive_gpsd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ipsecnat_server packets.
+## Do not audit attempts to send and receive gpsd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29694,14 +30137,14 @@ interface(`corenet_sendrecv_ipsecnat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ipsecnat_server_packets',`
- corenet_dontaudit_send_ipsecnat_server_packets($1)
- corenet_dontaudit_receive_ipsecnat_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_gpsd_server_packets',`
+ corenet_dontaudit_send_gpsd_server_packets($1)
+ corenet_dontaudit_receive_gpsd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ipsecnat_server the packet type.
+## Relabel packets to gpsd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -29709,12 +30152,12 @@ interface(`corenet_dontaudit_sendrecv_ipsecnat_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ipsecnat_server_packets',`
+interface(`corenet_relabelto_gpsd_server_packets',`
gen_require(`
- type ipsecnat_server_packet_t;
+ type gpsd_server_packet_t;
')
- allow $1 ipsecnat_server_packet_t:packet relabelto;
+ allow $1 gpsd_server_packet_t:packet relabelto;
')
@@ -29722,7 +30165,7 @@ interface(`corenet_relabelto_ipsecnat_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ircd port.
+## Send and receive TCP traffic on the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29731,17 +30174,17 @@ interface(`corenet_relabelto_ipsecnat_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ircd_port',`
+interface(`corenet_tcp_sendrecv_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- allow $1 ircd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 hadoop_datanode_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ircd port.
+## Send UDP traffic on the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29750,17 +30193,17 @@ interface(`corenet_tcp_sendrecv_ircd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ircd_port',`
+interface(`corenet_udp_send_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- allow $1 ircd_port_t:udp_socket send_msg;
+ allow $1 hadoop_datanode_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ircd port.
+## Do not audit attempts to send UDP traffic on the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29769,17 +30212,17 @@ interface(`corenet_udp_send_ircd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ircd_port',`
+interface(`corenet_dontaudit_udp_send_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- dontaudit $1 ircd_port_t:udp_socket send_msg;
+ dontaudit $1 hadoop_datanode_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ircd port.
+## Receive UDP traffic on the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29788,17 +30231,17 @@ interface(`corenet_dontaudit_udp_send_ircd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ircd_port',`
+interface(`corenet_udp_receive_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- allow $1 ircd_port_t:udp_socket recv_msg;
+ allow $1 hadoop_datanode_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ircd port.
+## Do not audit attempts to receive UDP traffic on the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29807,17 +30250,17 @@ interface(`corenet_udp_receive_ircd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ircd_port',`
+interface(`corenet_dontaudit_udp_receive_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- dontaudit $1 ircd_port_t:udp_socket recv_msg;
+ dontaudit $1 hadoop_datanode_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ircd port.
+## Send and receive UDP traffic on the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29826,15 +30269,15 @@ interface(`corenet_dontaudit_udp_receive_ircd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ircd_port',`
- corenet_udp_send_ircd_port($1)
- corenet_udp_receive_ircd_port($1)
+interface(`corenet_udp_sendrecv_hadoop_datanode_port',`
+ corenet_udp_send_hadoop_datanode_port($1)
+ corenet_udp_receive_hadoop_datanode_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ircd port.
+## UDP traffic on the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29843,14 +30286,14 @@ interface(`corenet_udp_sendrecv_ircd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ircd_port',`
- corenet_dontaudit_udp_send_ircd_port($1)
- corenet_dontaudit_udp_receive_ircd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_hadoop_datanode_port',`
+ corenet_dontaudit_udp_send_hadoop_datanode_port($1)
+ corenet_dontaudit_udp_receive_hadoop_datanode_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ircd port.
+## Bind TCP sockets to the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29859,18 +30302,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ircd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ircd_port',`
+interface(`corenet_tcp_bind_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- allow $1 ircd_port_t:tcp_socket name_bind;
+ allow $1 hadoop_datanode_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ircd port.
+## Bind UDP sockets to the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29879,18 +30322,18 @@ interface(`corenet_tcp_bind_ircd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ircd_port',`
+interface(`corenet_udp_bind_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- allow $1 ircd_port_t:udp_socket name_bind;
+ allow $1 hadoop_datanode_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ircd port.
+## Make a TCP connection to the hadoop_datanode port.
## </summary>
## <param name="domain">
## <summary>
@@ -29898,18 +30341,18 @@ interface(`corenet_udp_bind_ircd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ircd_port',`
+interface(`corenet_tcp_connect_hadoop_datanode_port',`
gen_require(`
- type ircd_port_t;
+ type hadoop_datanode_port_t;
')
- allow $1 ircd_port_t:tcp_socket name_connect;
+ allow $1 hadoop_datanode_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ircd_client packets.
+## Send hadoop_datanode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29918,17 +30361,17 @@ interface(`corenet_tcp_connect_ircd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ircd_client_packets',`
+interface(`corenet_send_hadoop_datanode_client_packets',`
gen_require(`
- type ircd_client_packet_t;
+ type hadoop_datanode_client_packet_t;
')
- allow $1 ircd_client_packet_t:packet send;
+ allow $1 hadoop_datanode_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ircd_client packets.
+## Do not audit attempts to send hadoop_datanode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29937,17 +30380,17 @@ interface(`corenet_send_ircd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ircd_client_packets',`
+interface(`corenet_dontaudit_send_hadoop_datanode_client_packets',`
gen_require(`
- type ircd_client_packet_t;
+ type hadoop_datanode_client_packet_t;
')
- dontaudit $1 ircd_client_packet_t:packet send;
+ dontaudit $1 hadoop_datanode_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ircd_client packets.
+## Receive hadoop_datanode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29956,17 +30399,17 @@ interface(`corenet_dontaudit_send_ircd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ircd_client_packets',`
+interface(`corenet_receive_hadoop_datanode_client_packets',`
gen_require(`
- type ircd_client_packet_t;
+ type hadoop_datanode_client_packet_t;
')
- allow $1 ircd_client_packet_t:packet recv;
+ allow $1 hadoop_datanode_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ircd_client packets.
+## Do not audit attempts to receive hadoop_datanode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29975,17 +30418,17 @@ interface(`corenet_receive_ircd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ircd_client_packets',`
+interface(`corenet_dontaudit_receive_hadoop_datanode_client_packets',`
gen_require(`
- type ircd_client_packet_t;
+ type hadoop_datanode_client_packet_t;
')
- dontaudit $1 ircd_client_packet_t:packet recv;
+ dontaudit $1 hadoop_datanode_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ircd_client packets.
+## Send and receive hadoop_datanode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -29994,14 +30437,14 @@ interface(`corenet_dontaudit_receive_ircd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ircd_client_packets',`
- corenet_send_ircd_client_packets($1)
- corenet_receive_ircd_client_packets($1)
+interface(`corenet_sendrecv_hadoop_datanode_client_packets',`
+ corenet_send_hadoop_datanode_client_packets($1)
+ corenet_receive_hadoop_datanode_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ircd_client packets.
+## Do not audit attempts to send and receive hadoop_datanode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30010,14 +30453,14 @@ interface(`corenet_sendrecv_ircd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ircd_client_packets',`
- corenet_dontaudit_send_ircd_client_packets($1)
- corenet_dontaudit_receive_ircd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_hadoop_datanode_client_packets',`
+ corenet_dontaudit_send_hadoop_datanode_client_packets($1)
+ corenet_dontaudit_receive_hadoop_datanode_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ircd_client the packet type.
+## Relabel packets to hadoop_datanode_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -30025,18 +30468,18 @@ interface(`corenet_dontaudit_sendrecv_ircd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ircd_client_packets',`
+interface(`corenet_relabelto_hadoop_datanode_client_packets',`
gen_require(`
- type ircd_client_packet_t;
+ type hadoop_datanode_client_packet_t;
')
- allow $1 ircd_client_packet_t:packet relabelto;
+ allow $1 hadoop_datanode_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ircd_server packets.
+## Send hadoop_datanode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30045,17 +30488,17 @@ interface(`corenet_relabelto_ircd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ircd_server_packets',`
+interface(`corenet_send_hadoop_datanode_server_packets',`
gen_require(`
- type ircd_server_packet_t;
+ type hadoop_datanode_server_packet_t;
')
- allow $1 ircd_server_packet_t:packet send;
+ allow $1 hadoop_datanode_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ircd_server packets.
+## Do not audit attempts to send hadoop_datanode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30064,17 +30507,17 @@ interface(`corenet_send_ircd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ircd_server_packets',`
+interface(`corenet_dontaudit_send_hadoop_datanode_server_packets',`
gen_require(`
- type ircd_server_packet_t;
+ type hadoop_datanode_server_packet_t;
')
- dontaudit $1 ircd_server_packet_t:packet send;
+ dontaudit $1 hadoop_datanode_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ircd_server packets.
+## Receive hadoop_datanode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30083,17 +30526,17 @@ interface(`corenet_dontaudit_send_ircd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ircd_server_packets',`
+interface(`corenet_receive_hadoop_datanode_server_packets',`
gen_require(`
- type ircd_server_packet_t;
+ type hadoop_datanode_server_packet_t;
')
- allow $1 ircd_server_packet_t:packet recv;
+ allow $1 hadoop_datanode_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ircd_server packets.
+## Do not audit attempts to receive hadoop_datanode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30102,17 +30545,17 @@ interface(`corenet_receive_ircd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ircd_server_packets',`
+interface(`corenet_dontaudit_receive_hadoop_datanode_server_packets',`
gen_require(`
- type ircd_server_packet_t;
+ type hadoop_datanode_server_packet_t;
')
- dontaudit $1 ircd_server_packet_t:packet recv;
+ dontaudit $1 hadoop_datanode_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ircd_server packets.
+## Send and receive hadoop_datanode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30121,14 +30564,14 @@ interface(`corenet_dontaudit_receive_ircd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ircd_server_packets',`
- corenet_send_ircd_server_packets($1)
- corenet_receive_ircd_server_packets($1)
+interface(`corenet_sendrecv_hadoop_datanode_server_packets',`
+ corenet_send_hadoop_datanode_server_packets($1)
+ corenet_receive_hadoop_datanode_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ircd_server packets.
+## Do not audit attempts to send and receive hadoop_datanode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30137,14 +30580,14 @@ interface(`corenet_sendrecv_ircd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ircd_server_packets',`
- corenet_dontaudit_send_ircd_server_packets($1)
- corenet_dontaudit_receive_ircd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_hadoop_datanode_server_packets',`
+ corenet_dontaudit_send_hadoop_datanode_server_packets($1)
+ corenet_dontaudit_receive_hadoop_datanode_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ircd_server the packet type.
+## Relabel packets to hadoop_datanode_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -30152,12 +30595,12 @@ interface(`corenet_dontaudit_sendrecv_ircd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ircd_server_packets',`
+interface(`corenet_relabelto_hadoop_datanode_server_packets',`
gen_require(`
- type ircd_server_packet_t;
+ type hadoop_datanode_server_packet_t;
')
- allow $1 ircd_server_packet_t:packet relabelto;
+ allow $1 hadoop_datanode_server_packet_t:packet relabelto;
')
@@ -30165,7 +30608,7 @@ interface(`corenet_relabelto_ircd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the isakmp port.
+## Send and receive TCP traffic on the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30174,17 +30617,17 @@ interface(`corenet_relabelto_ircd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_isakmp_port',`
+interface(`corenet_tcp_sendrecv_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- allow $1 isakmp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 hadoop_namenode_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the isakmp port.
+## Send UDP traffic on the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30193,17 +30636,17 @@ interface(`corenet_tcp_sendrecv_isakmp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_isakmp_port',`
+interface(`corenet_udp_send_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- allow $1 isakmp_port_t:udp_socket send_msg;
+ allow $1 hadoop_namenode_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the isakmp port.
+## Do not audit attempts to send UDP traffic on the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30212,17 +30655,17 @@ interface(`corenet_udp_send_isakmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_isakmp_port',`
+interface(`corenet_dontaudit_udp_send_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- dontaudit $1 isakmp_port_t:udp_socket send_msg;
+ dontaudit $1 hadoop_namenode_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the isakmp port.
+## Receive UDP traffic on the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30231,17 +30674,17 @@ interface(`corenet_dontaudit_udp_send_isakmp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_isakmp_port',`
+interface(`corenet_udp_receive_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- allow $1 isakmp_port_t:udp_socket recv_msg;
+ allow $1 hadoop_namenode_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the isakmp port.
+## Do not audit attempts to receive UDP traffic on the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30250,17 +30693,17 @@ interface(`corenet_udp_receive_isakmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_isakmp_port',`
+interface(`corenet_dontaudit_udp_receive_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- dontaudit $1 isakmp_port_t:udp_socket recv_msg;
+ dontaudit $1 hadoop_namenode_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the isakmp port.
+## Send and receive UDP traffic on the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30269,15 +30712,15 @@ interface(`corenet_dontaudit_udp_receive_isakmp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_isakmp_port',`
- corenet_udp_send_isakmp_port($1)
- corenet_udp_receive_isakmp_port($1)
+interface(`corenet_udp_sendrecv_hadoop_namenode_port',`
+ corenet_udp_send_hadoop_namenode_port($1)
+ corenet_udp_receive_hadoop_namenode_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the isakmp port.
+## UDP traffic on the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30286,14 +30729,14 @@ interface(`corenet_udp_sendrecv_isakmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_isakmp_port',`
- corenet_dontaudit_udp_send_isakmp_port($1)
- corenet_dontaudit_udp_receive_isakmp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_hadoop_namenode_port',`
+ corenet_dontaudit_udp_send_hadoop_namenode_port($1)
+ corenet_dontaudit_udp_receive_hadoop_namenode_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the isakmp port.
+## Bind TCP sockets to the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30302,18 +30745,18 @@ interface(`corenet_dontaudit_udp_sendrecv_isakmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_isakmp_port',`
+interface(`corenet_tcp_bind_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- allow $1 isakmp_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 hadoop_namenode_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the isakmp port.
+## Bind UDP sockets to the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30322,18 +30765,18 @@ interface(`corenet_tcp_bind_isakmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_isakmp_port',`
+interface(`corenet_udp_bind_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- allow $1 isakmp_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 hadoop_namenode_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the isakmp port.
+## Make a TCP connection to the hadoop_namenode port.
## </summary>
## <param name="domain">
## <summary>
@@ -30341,18 +30784,18 @@ interface(`corenet_udp_bind_isakmp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_isakmp_port',`
+interface(`corenet_tcp_connect_hadoop_namenode_port',`
gen_require(`
- type isakmp_port_t;
+ type hadoop_namenode_port_t;
')
- allow $1 isakmp_port_t:tcp_socket name_connect;
+ allow $1 hadoop_namenode_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send isakmp_client packets.
+## Send hadoop_namenode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30361,17 +30804,17 @@ interface(`corenet_tcp_connect_isakmp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_isakmp_client_packets',`
+interface(`corenet_send_hadoop_namenode_client_packets',`
gen_require(`
- type isakmp_client_packet_t;
+ type hadoop_namenode_client_packet_t;
')
- allow $1 isakmp_client_packet_t:packet send;
+ allow $1 hadoop_namenode_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send isakmp_client packets.
+## Do not audit attempts to send hadoop_namenode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30380,17 +30823,17 @@ interface(`corenet_send_isakmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_isakmp_client_packets',`
+interface(`corenet_dontaudit_send_hadoop_namenode_client_packets',`
gen_require(`
- type isakmp_client_packet_t;
+ type hadoop_namenode_client_packet_t;
')
- dontaudit $1 isakmp_client_packet_t:packet send;
+ dontaudit $1 hadoop_namenode_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive isakmp_client packets.
+## Receive hadoop_namenode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30399,17 +30842,17 @@ interface(`corenet_dontaudit_send_isakmp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_isakmp_client_packets',`
+interface(`corenet_receive_hadoop_namenode_client_packets',`
gen_require(`
- type isakmp_client_packet_t;
+ type hadoop_namenode_client_packet_t;
')
- allow $1 isakmp_client_packet_t:packet recv;
+ allow $1 hadoop_namenode_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive isakmp_client packets.
+## Do not audit attempts to receive hadoop_namenode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30418,17 +30861,17 @@ interface(`corenet_receive_isakmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_isakmp_client_packets',`
+interface(`corenet_dontaudit_receive_hadoop_namenode_client_packets',`
gen_require(`
- type isakmp_client_packet_t;
+ type hadoop_namenode_client_packet_t;
')
- dontaudit $1 isakmp_client_packet_t:packet recv;
+ dontaudit $1 hadoop_namenode_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive isakmp_client packets.
+## Send and receive hadoop_namenode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30437,14 +30880,14 @@ interface(`corenet_dontaudit_receive_isakmp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_isakmp_client_packets',`
- corenet_send_isakmp_client_packets($1)
- corenet_receive_isakmp_client_packets($1)
+interface(`corenet_sendrecv_hadoop_namenode_client_packets',`
+ corenet_send_hadoop_namenode_client_packets($1)
+ corenet_receive_hadoop_namenode_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive isakmp_client packets.
+## Do not audit attempts to send and receive hadoop_namenode_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30453,14 +30896,14 @@ interface(`corenet_sendrecv_isakmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_isakmp_client_packets',`
- corenet_dontaudit_send_isakmp_client_packets($1)
- corenet_dontaudit_receive_isakmp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_hadoop_namenode_client_packets',`
+ corenet_dontaudit_send_hadoop_namenode_client_packets($1)
+ corenet_dontaudit_receive_hadoop_namenode_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to isakmp_client the packet type.
+## Relabel packets to hadoop_namenode_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -30468,18 +30911,18 @@ interface(`corenet_dontaudit_sendrecv_isakmp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_isakmp_client_packets',`
+interface(`corenet_relabelto_hadoop_namenode_client_packets',`
gen_require(`
- type isakmp_client_packet_t;
+ type hadoop_namenode_client_packet_t;
')
- allow $1 isakmp_client_packet_t:packet relabelto;
+ allow $1 hadoop_namenode_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send isakmp_server packets.
+## Send hadoop_namenode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30488,17 +30931,17 @@ interface(`corenet_relabelto_isakmp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_isakmp_server_packets',`
+interface(`corenet_send_hadoop_namenode_server_packets',`
gen_require(`
- type isakmp_server_packet_t;
+ type hadoop_namenode_server_packet_t;
')
- allow $1 isakmp_server_packet_t:packet send;
+ allow $1 hadoop_namenode_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send isakmp_server packets.
+## Do not audit attempts to send hadoop_namenode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30507,17 +30950,17 @@ interface(`corenet_send_isakmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_isakmp_server_packets',`
+interface(`corenet_dontaudit_send_hadoop_namenode_server_packets',`
gen_require(`
- type isakmp_server_packet_t;
+ type hadoop_namenode_server_packet_t;
')
- dontaudit $1 isakmp_server_packet_t:packet send;
+ dontaudit $1 hadoop_namenode_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive isakmp_server packets.
+## Receive hadoop_namenode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30526,17 +30969,17 @@ interface(`corenet_dontaudit_send_isakmp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_isakmp_server_packets',`
+interface(`corenet_receive_hadoop_namenode_server_packets',`
gen_require(`
- type isakmp_server_packet_t;
+ type hadoop_namenode_server_packet_t;
')
- allow $1 isakmp_server_packet_t:packet recv;
+ allow $1 hadoop_namenode_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive isakmp_server packets.
+## Do not audit attempts to receive hadoop_namenode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30545,17 +30988,17 @@ interface(`corenet_receive_isakmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_isakmp_server_packets',`
+interface(`corenet_dontaudit_receive_hadoop_namenode_server_packets',`
gen_require(`
- type isakmp_server_packet_t;
+ type hadoop_namenode_server_packet_t;
')
- dontaudit $1 isakmp_server_packet_t:packet recv;
+ dontaudit $1 hadoop_namenode_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive isakmp_server packets.
+## Send and receive hadoop_namenode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30564,14 +31007,14 @@ interface(`corenet_dontaudit_receive_isakmp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_isakmp_server_packets',`
- corenet_send_isakmp_server_packets($1)
- corenet_receive_isakmp_server_packets($1)
+interface(`corenet_sendrecv_hadoop_namenode_server_packets',`
+ corenet_send_hadoop_namenode_server_packets($1)
+ corenet_receive_hadoop_namenode_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive isakmp_server packets.
+## Do not audit attempts to send and receive hadoop_namenode_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30580,14 +31023,14 @@ interface(`corenet_sendrecv_isakmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_isakmp_server_packets',`
- corenet_dontaudit_send_isakmp_server_packets($1)
- corenet_dontaudit_receive_isakmp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_hadoop_namenode_server_packets',`
+ corenet_dontaudit_send_hadoop_namenode_server_packets($1)
+ corenet_dontaudit_receive_hadoop_namenode_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to isakmp_server the packet type.
+## Relabel packets to hadoop_namenode_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -30595,12 +31038,12 @@ interface(`corenet_dontaudit_sendrecv_isakmp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_isakmp_server_packets',`
+interface(`corenet_relabelto_hadoop_namenode_server_packets',`
gen_require(`
- type isakmp_server_packet_t;
+ type hadoop_namenode_server_packet_t;
')
- allow $1 isakmp_server_packet_t:packet relabelto;
+ allow $1 hadoop_namenode_server_packet_t:packet relabelto;
')
@@ -30608,7 +31051,7 @@ interface(`corenet_relabelto_isakmp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the iscsi port.
+## Send and receive TCP traffic on the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30617,17 +31060,17 @@ interface(`corenet_relabelto_isakmp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_iscsi_port',`
+interface(`corenet_tcp_sendrecv_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- allow $1 iscsi_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 hddtemp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the iscsi port.
+## Send UDP traffic on the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30636,17 +31079,17 @@ interface(`corenet_tcp_sendrecv_iscsi_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_iscsi_port',`
+interface(`corenet_udp_send_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- allow $1 iscsi_port_t:udp_socket send_msg;
+ allow $1 hddtemp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the iscsi port.
+## Do not audit attempts to send UDP traffic on the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30655,17 +31098,17 @@ interface(`corenet_udp_send_iscsi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_iscsi_port',`
+interface(`corenet_dontaudit_udp_send_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- dontaudit $1 iscsi_port_t:udp_socket send_msg;
+ dontaudit $1 hddtemp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the iscsi port.
+## Receive UDP traffic on the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30674,17 +31117,17 @@ interface(`corenet_dontaudit_udp_send_iscsi_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_iscsi_port',`
+interface(`corenet_udp_receive_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- allow $1 iscsi_port_t:udp_socket recv_msg;
+ allow $1 hddtemp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the iscsi port.
+## Do not audit attempts to receive UDP traffic on the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30693,17 +31136,17 @@ interface(`corenet_udp_receive_iscsi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_iscsi_port',`
+interface(`corenet_dontaudit_udp_receive_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- dontaudit $1 iscsi_port_t:udp_socket recv_msg;
+ dontaudit $1 hddtemp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the iscsi port.
+## Send and receive UDP traffic on the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30712,15 +31155,15 @@ interface(`corenet_dontaudit_udp_receive_iscsi_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_iscsi_port',`
- corenet_udp_send_iscsi_port($1)
- corenet_udp_receive_iscsi_port($1)
+interface(`corenet_udp_sendrecv_hddtemp_port',`
+ corenet_udp_send_hddtemp_port($1)
+ corenet_udp_receive_hddtemp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the iscsi port.
+## UDP traffic on the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30729,14 +31172,14 @@ interface(`corenet_udp_sendrecv_iscsi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_iscsi_port',`
- corenet_dontaudit_udp_send_iscsi_port($1)
- corenet_dontaudit_udp_receive_iscsi_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_hddtemp_port',`
+ corenet_dontaudit_udp_send_hddtemp_port($1)
+ corenet_dontaudit_udp_receive_hddtemp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the iscsi port.
+## Bind TCP sockets to the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30745,18 +31188,18 @@ interface(`corenet_dontaudit_udp_sendrecv_iscsi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_iscsi_port',`
+interface(`corenet_tcp_bind_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- allow $1 iscsi_port_t:tcp_socket name_bind;
+ allow $1 hddtemp_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the iscsi port.
+## Bind UDP sockets to the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30765,18 +31208,18 @@ interface(`corenet_tcp_bind_iscsi_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_iscsi_port',`
+interface(`corenet_udp_bind_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- allow $1 iscsi_port_t:udp_socket name_bind;
+ allow $1 hddtemp_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the iscsi port.
+## Make a TCP connection to the hddtemp port.
## </summary>
## <param name="domain">
## <summary>
@@ -30784,18 +31227,18 @@ interface(`corenet_udp_bind_iscsi_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_iscsi_port',`
+interface(`corenet_tcp_connect_hddtemp_port',`
gen_require(`
- type iscsi_port_t;
+ type hddtemp_port_t;
')
- allow $1 iscsi_port_t:tcp_socket name_connect;
+ allow $1 hddtemp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send iscsi_client packets.
+## Send hddtemp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30804,17 +31247,17 @@ interface(`corenet_tcp_connect_iscsi_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_iscsi_client_packets',`
+interface(`corenet_send_hddtemp_client_packets',`
gen_require(`
- type iscsi_client_packet_t;
+ type hddtemp_client_packet_t;
')
- allow $1 iscsi_client_packet_t:packet send;
+ allow $1 hddtemp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send iscsi_client packets.
+## Do not audit attempts to send hddtemp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30823,17 +31266,17 @@ interface(`corenet_send_iscsi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_iscsi_client_packets',`
+interface(`corenet_dontaudit_send_hddtemp_client_packets',`
gen_require(`
- type iscsi_client_packet_t;
+ type hddtemp_client_packet_t;
')
- dontaudit $1 iscsi_client_packet_t:packet send;
+ dontaudit $1 hddtemp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive iscsi_client packets.
+## Receive hddtemp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30842,17 +31285,17 @@ interface(`corenet_dontaudit_send_iscsi_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_iscsi_client_packets',`
+interface(`corenet_receive_hddtemp_client_packets',`
gen_require(`
- type iscsi_client_packet_t;
+ type hddtemp_client_packet_t;
')
- allow $1 iscsi_client_packet_t:packet recv;
+ allow $1 hddtemp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive iscsi_client packets.
+## Do not audit attempts to receive hddtemp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30861,17 +31304,17 @@ interface(`corenet_receive_iscsi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_iscsi_client_packets',`
+interface(`corenet_dontaudit_receive_hddtemp_client_packets',`
gen_require(`
- type iscsi_client_packet_t;
+ type hddtemp_client_packet_t;
')
- dontaudit $1 iscsi_client_packet_t:packet recv;
+ dontaudit $1 hddtemp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive iscsi_client packets.
+## Send and receive hddtemp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30880,14 +31323,14 @@ interface(`corenet_dontaudit_receive_iscsi_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_iscsi_client_packets',`
- corenet_send_iscsi_client_packets($1)
- corenet_receive_iscsi_client_packets($1)
+interface(`corenet_sendrecv_hddtemp_client_packets',`
+ corenet_send_hddtemp_client_packets($1)
+ corenet_receive_hddtemp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive iscsi_client packets.
+## Do not audit attempts to send and receive hddtemp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30896,14 +31339,14 @@ interface(`corenet_sendrecv_iscsi_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_iscsi_client_packets',`
- corenet_dontaudit_send_iscsi_client_packets($1)
- corenet_dontaudit_receive_iscsi_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_hddtemp_client_packets',`
+ corenet_dontaudit_send_hddtemp_client_packets($1)
+ corenet_dontaudit_receive_hddtemp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to iscsi_client the packet type.
+## Relabel packets to hddtemp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -30911,18 +31354,18 @@ interface(`corenet_dontaudit_sendrecv_iscsi_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_iscsi_client_packets',`
+interface(`corenet_relabelto_hddtemp_client_packets',`
gen_require(`
- type iscsi_client_packet_t;
+ type hddtemp_client_packet_t;
')
- allow $1 iscsi_client_packet_t:packet relabelto;
+ allow $1 hddtemp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send iscsi_server packets.
+## Send hddtemp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30931,17 +31374,17 @@ interface(`corenet_relabelto_iscsi_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_iscsi_server_packets',`
+interface(`corenet_send_hddtemp_server_packets',`
gen_require(`
- type iscsi_server_packet_t;
+ type hddtemp_server_packet_t;
')
- allow $1 iscsi_server_packet_t:packet send;
+ allow $1 hddtemp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send iscsi_server packets.
+## Do not audit attempts to send hddtemp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30950,17 +31393,17 @@ interface(`corenet_send_iscsi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_iscsi_server_packets',`
+interface(`corenet_dontaudit_send_hddtemp_server_packets',`
gen_require(`
- type iscsi_server_packet_t;
+ type hddtemp_server_packet_t;
')
- dontaudit $1 iscsi_server_packet_t:packet send;
+ dontaudit $1 hddtemp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive iscsi_server packets.
+## Receive hddtemp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30969,17 +31412,17 @@ interface(`corenet_dontaudit_send_iscsi_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_iscsi_server_packets',`
+interface(`corenet_receive_hddtemp_server_packets',`
gen_require(`
- type iscsi_server_packet_t;
+ type hddtemp_server_packet_t;
')
- allow $1 iscsi_server_packet_t:packet recv;
+ allow $1 hddtemp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive iscsi_server packets.
+## Do not audit attempts to receive hddtemp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -30988,17 +31431,17 @@ interface(`corenet_receive_iscsi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_iscsi_server_packets',`
+interface(`corenet_dontaudit_receive_hddtemp_server_packets',`
gen_require(`
- type iscsi_server_packet_t;
+ type hddtemp_server_packet_t;
')
- dontaudit $1 iscsi_server_packet_t:packet recv;
+ dontaudit $1 hddtemp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive iscsi_server packets.
+## Send and receive hddtemp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31007,14 +31450,14 @@ interface(`corenet_dontaudit_receive_iscsi_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_iscsi_server_packets',`
- corenet_send_iscsi_server_packets($1)
- corenet_receive_iscsi_server_packets($1)
+interface(`corenet_sendrecv_hddtemp_server_packets',`
+ corenet_send_hddtemp_server_packets($1)
+ corenet_receive_hddtemp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive iscsi_server packets.
+## Do not audit attempts to send and receive hddtemp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31023,14 +31466,14 @@ interface(`corenet_sendrecv_iscsi_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_iscsi_server_packets',`
- corenet_dontaudit_send_iscsi_server_packets($1)
- corenet_dontaudit_receive_iscsi_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_hddtemp_server_packets',`
+ corenet_dontaudit_send_hddtemp_server_packets($1)
+ corenet_dontaudit_receive_hddtemp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to iscsi_server the packet type.
+## Relabel packets to hddtemp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -31038,12 +31481,12 @@ interface(`corenet_dontaudit_sendrecv_iscsi_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_iscsi_server_packets',`
+interface(`corenet_relabelto_hddtemp_server_packets',`
gen_require(`
- type iscsi_server_packet_t;
+ type hddtemp_server_packet_t;
')
- allow $1 iscsi_server_packet_t:packet relabelto;
+ allow $1 hddtemp_server_packet_t:packet relabelto;
')
@@ -31051,7 +31494,7 @@ interface(`corenet_relabelto_iscsi_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the isns port.
+## Send and receive TCP traffic on the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31060,17 +31503,17 @@ interface(`corenet_relabelto_iscsi_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_isns_port',`
+interface(`corenet_tcp_sendrecv_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- allow $1 isns_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 howl_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the isns port.
+## Send UDP traffic on the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31079,17 +31522,17 @@ interface(`corenet_tcp_sendrecv_isns_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_isns_port',`
+interface(`corenet_udp_send_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- allow $1 isns_port_t:udp_socket send_msg;
+ allow $1 howl_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the isns port.
+## Do not audit attempts to send UDP traffic on the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31098,17 +31541,17 @@ interface(`corenet_udp_send_isns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_isns_port',`
+interface(`corenet_dontaudit_udp_send_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- dontaudit $1 isns_port_t:udp_socket send_msg;
+ dontaudit $1 howl_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the isns port.
+## Receive UDP traffic on the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31117,17 +31560,17 @@ interface(`corenet_dontaudit_udp_send_isns_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_isns_port',`
+interface(`corenet_udp_receive_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- allow $1 isns_port_t:udp_socket recv_msg;
+ allow $1 howl_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the isns port.
+## Do not audit attempts to receive UDP traffic on the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31136,17 +31579,17 @@ interface(`corenet_udp_receive_isns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_isns_port',`
+interface(`corenet_dontaudit_udp_receive_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- dontaudit $1 isns_port_t:udp_socket recv_msg;
+ dontaudit $1 howl_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the isns port.
+## Send and receive UDP traffic on the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31155,15 +31598,15 @@ interface(`corenet_dontaudit_udp_receive_isns_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_isns_port',`
- corenet_udp_send_isns_port($1)
- corenet_udp_receive_isns_port($1)
+interface(`corenet_udp_sendrecv_howl_port',`
+ corenet_udp_send_howl_port($1)
+ corenet_udp_receive_howl_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the isns port.
+## UDP traffic on the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31172,14 +31615,14 @@ interface(`corenet_udp_sendrecv_isns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_isns_port',`
- corenet_dontaudit_udp_send_isns_port($1)
- corenet_dontaudit_udp_receive_isns_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_howl_port',`
+ corenet_dontaudit_udp_send_howl_port($1)
+ corenet_dontaudit_udp_receive_howl_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the isns port.
+## Bind TCP sockets to the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31188,18 +31631,18 @@ interface(`corenet_dontaudit_udp_sendrecv_isns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_isns_port',`
+interface(`corenet_tcp_bind_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- allow $1 isns_port_t:tcp_socket name_bind;
+ allow $1 howl_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the isns port.
+## Bind UDP sockets to the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31208,18 +31651,18 @@ interface(`corenet_tcp_bind_isns_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_isns_port',`
+interface(`corenet_udp_bind_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- allow $1 isns_port_t:udp_socket name_bind;
+ allow $1 howl_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the isns port.
+## Make a TCP connection to the howl port.
## </summary>
## <param name="domain">
## <summary>
@@ -31227,18 +31670,18 @@ interface(`corenet_udp_bind_isns_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_isns_port',`
+interface(`corenet_tcp_connect_howl_port',`
gen_require(`
- type isns_port_t;
+ type howl_port_t;
')
- allow $1 isns_port_t:tcp_socket name_connect;
+ allow $1 howl_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send isns_client packets.
+## Send howl_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31247,17 +31690,17 @@ interface(`corenet_tcp_connect_isns_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_isns_client_packets',`
+interface(`corenet_send_howl_client_packets',`
gen_require(`
- type isns_client_packet_t;
+ type howl_client_packet_t;
')
- allow $1 isns_client_packet_t:packet send;
+ allow $1 howl_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send isns_client packets.
+## Do not audit attempts to send howl_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31266,17 +31709,17 @@ interface(`corenet_send_isns_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_isns_client_packets',`
+interface(`corenet_dontaudit_send_howl_client_packets',`
gen_require(`
- type isns_client_packet_t;
+ type howl_client_packet_t;
')
- dontaudit $1 isns_client_packet_t:packet send;
+ dontaudit $1 howl_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive isns_client packets.
+## Receive howl_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31285,17 +31728,17 @@ interface(`corenet_dontaudit_send_isns_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_isns_client_packets',`
+interface(`corenet_receive_howl_client_packets',`
gen_require(`
- type isns_client_packet_t;
+ type howl_client_packet_t;
')
- allow $1 isns_client_packet_t:packet recv;
+ allow $1 howl_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive isns_client packets.
+## Do not audit attempts to receive howl_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31304,17 +31747,17 @@ interface(`corenet_receive_isns_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_isns_client_packets',`
+interface(`corenet_dontaudit_receive_howl_client_packets',`
gen_require(`
- type isns_client_packet_t;
+ type howl_client_packet_t;
')
- dontaudit $1 isns_client_packet_t:packet recv;
+ dontaudit $1 howl_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive isns_client packets.
+## Send and receive howl_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31323,14 +31766,14 @@ interface(`corenet_dontaudit_receive_isns_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_isns_client_packets',`
- corenet_send_isns_client_packets($1)
- corenet_receive_isns_client_packets($1)
+interface(`corenet_sendrecv_howl_client_packets',`
+ corenet_send_howl_client_packets($1)
+ corenet_receive_howl_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive isns_client packets.
+## Do not audit attempts to send and receive howl_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31339,14 +31782,14 @@ interface(`corenet_sendrecv_isns_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_isns_client_packets',`
- corenet_dontaudit_send_isns_client_packets($1)
- corenet_dontaudit_receive_isns_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_howl_client_packets',`
+ corenet_dontaudit_send_howl_client_packets($1)
+ corenet_dontaudit_receive_howl_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to isns_client the packet type.
+## Relabel packets to howl_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -31354,18 +31797,18 @@ interface(`corenet_dontaudit_sendrecv_isns_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_isns_client_packets',`
+interface(`corenet_relabelto_howl_client_packets',`
gen_require(`
- type isns_client_packet_t;
+ type howl_client_packet_t;
')
- allow $1 isns_client_packet_t:packet relabelto;
+ allow $1 howl_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send isns_server packets.
+## Send howl_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31374,17 +31817,17 @@ interface(`corenet_relabelto_isns_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_isns_server_packets',`
+interface(`corenet_send_howl_server_packets',`
gen_require(`
- type isns_server_packet_t;
+ type howl_server_packet_t;
')
- allow $1 isns_server_packet_t:packet send;
+ allow $1 howl_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send isns_server packets.
+## Do not audit attempts to send howl_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31393,17 +31836,17 @@ interface(`corenet_send_isns_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_isns_server_packets',`
+interface(`corenet_dontaudit_send_howl_server_packets',`
gen_require(`
- type isns_server_packet_t;
+ type howl_server_packet_t;
')
- dontaudit $1 isns_server_packet_t:packet send;
+ dontaudit $1 howl_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive isns_server packets.
+## Receive howl_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31412,17 +31855,17 @@ interface(`corenet_dontaudit_send_isns_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_isns_server_packets',`
+interface(`corenet_receive_howl_server_packets',`
gen_require(`
- type isns_server_packet_t;
+ type howl_server_packet_t;
')
- allow $1 isns_server_packet_t:packet recv;
+ allow $1 howl_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive isns_server packets.
+## Do not audit attempts to receive howl_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31431,17 +31874,17 @@ interface(`corenet_receive_isns_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_isns_server_packets',`
+interface(`corenet_dontaudit_receive_howl_server_packets',`
gen_require(`
- type isns_server_packet_t;
+ type howl_server_packet_t;
')
- dontaudit $1 isns_server_packet_t:packet recv;
+ dontaudit $1 howl_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive isns_server packets.
+## Send and receive howl_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31450,14 +31893,14 @@ interface(`corenet_dontaudit_receive_isns_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_isns_server_packets',`
- corenet_send_isns_server_packets($1)
- corenet_receive_isns_server_packets($1)
+interface(`corenet_sendrecv_howl_server_packets',`
+ corenet_send_howl_server_packets($1)
+ corenet_receive_howl_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive isns_server packets.
+## Do not audit attempts to send and receive howl_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31466,14 +31909,14 @@ interface(`corenet_sendrecv_isns_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_isns_server_packets',`
- corenet_dontaudit_send_isns_server_packets($1)
- corenet_dontaudit_receive_isns_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_howl_server_packets',`
+ corenet_dontaudit_send_howl_server_packets($1)
+ corenet_dontaudit_receive_howl_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to isns_server the packet type.
+## Relabel packets to howl_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -31481,12 +31924,12 @@ interface(`corenet_dontaudit_sendrecv_isns_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_isns_server_packets',`
+interface(`corenet_relabelto_howl_server_packets',`
gen_require(`
- type isns_server_packet_t;
+ type howl_server_packet_t;
')
- allow $1 isns_server_packet_t:packet relabelto;
+ allow $1 howl_server_packet_t:packet relabelto;
')
@@ -31494,7 +31937,7 @@ interface(`corenet_relabelto_isns_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the jabber_client port.
+## Send and receive TCP traffic on the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31503,17 +31946,17 @@ interface(`corenet_relabelto_isns_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_jabber_client_port',`
+interface(`corenet_tcp_sendrecv_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- allow $1 jabber_client_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 hplip_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the jabber_client port.
+## Send UDP traffic on the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31522,17 +31965,17 @@ interface(`corenet_tcp_sendrecv_jabber_client_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_jabber_client_port',`
+interface(`corenet_udp_send_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- allow $1 jabber_client_port_t:udp_socket send_msg;
+ allow $1 hplip_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the jabber_client port.
+## Do not audit attempts to send UDP traffic on the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31541,17 +31984,17 @@ interface(`corenet_udp_send_jabber_client_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_jabber_client_port',`
+interface(`corenet_dontaudit_udp_send_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- dontaudit $1 jabber_client_port_t:udp_socket send_msg;
+ dontaudit $1 hplip_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the jabber_client port.
+## Receive UDP traffic on the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31560,17 +32003,17 @@ interface(`corenet_dontaudit_udp_send_jabber_client_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_jabber_client_port',`
+interface(`corenet_udp_receive_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- allow $1 jabber_client_port_t:udp_socket recv_msg;
+ allow $1 hplip_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the jabber_client port.
+## Do not audit attempts to receive UDP traffic on the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31579,17 +32022,17 @@ interface(`corenet_udp_receive_jabber_client_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_jabber_client_port',`
+interface(`corenet_dontaudit_udp_receive_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- dontaudit $1 jabber_client_port_t:udp_socket recv_msg;
+ dontaudit $1 hplip_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the jabber_client port.
+## Send and receive UDP traffic on the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31598,15 +32041,15 @@ interface(`corenet_dontaudit_udp_receive_jabber_client_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_jabber_client_port',`
- corenet_udp_send_jabber_client_port($1)
- corenet_udp_receive_jabber_client_port($1)
+interface(`corenet_udp_sendrecv_hplip_port',`
+ corenet_udp_send_hplip_port($1)
+ corenet_udp_receive_hplip_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the jabber_client port.
+## UDP traffic on the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31615,14 +32058,14 @@ interface(`corenet_udp_sendrecv_jabber_client_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_jabber_client_port',`
- corenet_dontaudit_udp_send_jabber_client_port($1)
- corenet_dontaudit_udp_receive_jabber_client_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_hplip_port',`
+ corenet_dontaudit_udp_send_hplip_port($1)
+ corenet_dontaudit_udp_receive_hplip_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the jabber_client port.
+## Bind TCP sockets to the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31631,18 +32074,18 @@ interface(`corenet_dontaudit_udp_sendrecv_jabber_client_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_jabber_client_port',`
+interface(`corenet_tcp_bind_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- allow $1 jabber_client_port_t:tcp_socket name_bind;
+ allow $1 hplip_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the jabber_client port.
+## Bind UDP sockets to the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31651,18 +32094,18 @@ interface(`corenet_tcp_bind_jabber_client_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_jabber_client_port',`
+interface(`corenet_udp_bind_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- allow $1 jabber_client_port_t:udp_socket name_bind;
+ allow $1 hplip_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the jabber_client port.
+## Make a TCP connection to the hplip port.
## </summary>
## <param name="domain">
## <summary>
@@ -31670,18 +32113,18 @@ interface(`corenet_udp_bind_jabber_client_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_jabber_client_port',`
+interface(`corenet_tcp_connect_hplip_port',`
gen_require(`
- type jabber_client_port_t;
+ type hplip_port_t;
')
- allow $1 jabber_client_port_t:tcp_socket name_connect;
+ allow $1 hplip_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send jabber_client_client packets.
+## Send hplip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31690,17 +32133,17 @@ interface(`corenet_tcp_connect_jabber_client_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_jabber_client_client_packets',`
+interface(`corenet_send_hplip_client_packets',`
gen_require(`
- type jabber_client_client_packet_t;
+ type hplip_client_packet_t;
')
- allow $1 jabber_client_client_packet_t:packet send;
+ allow $1 hplip_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send jabber_client_client packets.
+## Do not audit attempts to send hplip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31709,17 +32152,17 @@ interface(`corenet_send_jabber_client_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_jabber_client_client_packets',`
+interface(`corenet_dontaudit_send_hplip_client_packets',`
gen_require(`
- type jabber_client_client_packet_t;
+ type hplip_client_packet_t;
')
- dontaudit $1 jabber_client_client_packet_t:packet send;
+ dontaudit $1 hplip_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive jabber_client_client packets.
+## Receive hplip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31728,17 +32171,17 @@ interface(`corenet_dontaudit_send_jabber_client_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_jabber_client_client_packets',`
+interface(`corenet_receive_hplip_client_packets',`
gen_require(`
- type jabber_client_client_packet_t;
+ type hplip_client_packet_t;
')
- allow $1 jabber_client_client_packet_t:packet recv;
+ allow $1 hplip_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive jabber_client_client packets.
+## Do not audit attempts to receive hplip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31747,17 +32190,17 @@ interface(`corenet_receive_jabber_client_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_jabber_client_client_packets',`
+interface(`corenet_dontaudit_receive_hplip_client_packets',`
gen_require(`
- type jabber_client_client_packet_t;
+ type hplip_client_packet_t;
')
- dontaudit $1 jabber_client_client_packet_t:packet recv;
+ dontaudit $1 hplip_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive jabber_client_client packets.
+## Send and receive hplip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31766,14 +32209,14 @@ interface(`corenet_dontaudit_receive_jabber_client_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_jabber_client_client_packets',`
- corenet_send_jabber_client_client_packets($1)
- corenet_receive_jabber_client_client_packets($1)
+interface(`corenet_sendrecv_hplip_client_packets',`
+ corenet_send_hplip_client_packets($1)
+ corenet_receive_hplip_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive jabber_client_client packets.
+## Do not audit attempts to send and receive hplip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31782,14 +32225,14 @@ interface(`corenet_sendrecv_jabber_client_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_jabber_client_client_packets',`
- corenet_dontaudit_send_jabber_client_client_packets($1)
- corenet_dontaudit_receive_jabber_client_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_hplip_client_packets',`
+ corenet_dontaudit_send_hplip_client_packets($1)
+ corenet_dontaudit_receive_hplip_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to jabber_client_client the packet type.
+## Relabel packets to hplip_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -31797,18 +32240,18 @@ interface(`corenet_dontaudit_sendrecv_jabber_client_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_jabber_client_client_packets',`
+interface(`corenet_relabelto_hplip_client_packets',`
gen_require(`
- type jabber_client_client_packet_t;
+ type hplip_client_packet_t;
')
- allow $1 jabber_client_client_packet_t:packet relabelto;
+ allow $1 hplip_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send jabber_client_server packets.
+## Send hplip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31817,17 +32260,17 @@ interface(`corenet_relabelto_jabber_client_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_jabber_client_server_packets',`
+interface(`corenet_send_hplip_server_packets',`
gen_require(`
- type jabber_client_server_packet_t;
+ type hplip_server_packet_t;
')
- allow $1 jabber_client_server_packet_t:packet send;
+ allow $1 hplip_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send jabber_client_server packets.
+## Do not audit attempts to send hplip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31836,17 +32279,17 @@ interface(`corenet_send_jabber_client_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_jabber_client_server_packets',`
+interface(`corenet_dontaudit_send_hplip_server_packets',`
gen_require(`
- type jabber_client_server_packet_t;
+ type hplip_server_packet_t;
')
- dontaudit $1 jabber_client_server_packet_t:packet send;
+ dontaudit $1 hplip_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive jabber_client_server packets.
+## Receive hplip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31855,17 +32298,17 @@ interface(`corenet_dontaudit_send_jabber_client_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_jabber_client_server_packets',`
+interface(`corenet_receive_hplip_server_packets',`
gen_require(`
- type jabber_client_server_packet_t;
+ type hplip_server_packet_t;
')
- allow $1 jabber_client_server_packet_t:packet recv;
+ allow $1 hplip_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive jabber_client_server packets.
+## Do not audit attempts to receive hplip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31874,17 +32317,17 @@ interface(`corenet_receive_jabber_client_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_jabber_client_server_packets',`
+interface(`corenet_dontaudit_receive_hplip_server_packets',`
gen_require(`
- type jabber_client_server_packet_t;
+ type hplip_server_packet_t;
')
- dontaudit $1 jabber_client_server_packet_t:packet recv;
+ dontaudit $1 hplip_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive jabber_client_server packets.
+## Send and receive hplip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31893,14 +32336,14 @@ interface(`corenet_dontaudit_receive_jabber_client_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_jabber_client_server_packets',`
- corenet_send_jabber_client_server_packets($1)
- corenet_receive_jabber_client_server_packets($1)
+interface(`corenet_sendrecv_hplip_server_packets',`
+ corenet_send_hplip_server_packets($1)
+ corenet_receive_hplip_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive jabber_client_server packets.
+## Do not audit attempts to send and receive hplip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -31909,14 +32352,14 @@ interface(`corenet_sendrecv_jabber_client_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_jabber_client_server_packets',`
- corenet_dontaudit_send_jabber_client_server_packets($1)
- corenet_dontaudit_receive_jabber_client_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_hplip_server_packets',`
+ corenet_dontaudit_send_hplip_server_packets($1)
+ corenet_dontaudit_receive_hplip_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to jabber_client_server the packet type.
+## Relabel packets to hplip_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -31924,12 +32367,12 @@ interface(`corenet_dontaudit_sendrecv_jabber_client_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_jabber_client_server_packets',`
+interface(`corenet_relabelto_hplip_server_packets',`
gen_require(`
- type jabber_client_server_packet_t;
+ type hplip_server_packet_t;
')
- allow $1 jabber_client_server_packet_t:packet relabelto;
+ allow $1 hplip_server_packet_t:packet relabelto;
')
@@ -31937,7 +32380,7 @@ interface(`corenet_relabelto_jabber_client_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the jabber_interserver port.
+## Send and receive TCP traffic on the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -31946,17 +32389,17 @@ interface(`corenet_relabelto_jabber_client_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_jabber_interserver_port',`
+interface(`corenet_tcp_sendrecv_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- allow $1 jabber_interserver_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 http_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the jabber_interserver port.
+## Send UDP traffic on the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -31965,17 +32408,17 @@ interface(`corenet_tcp_sendrecv_jabber_interserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_jabber_interserver_port',`
+interface(`corenet_udp_send_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- allow $1 jabber_interserver_port_t:udp_socket send_msg;
+ allow $1 http_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the jabber_interserver port.
+## Do not audit attempts to send UDP traffic on the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -31984,17 +32427,17 @@ interface(`corenet_udp_send_jabber_interserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_jabber_interserver_port',`
+interface(`corenet_dontaudit_udp_send_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- dontaudit $1 jabber_interserver_port_t:udp_socket send_msg;
+ dontaudit $1 http_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the jabber_interserver port.
+## Receive UDP traffic on the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -32003,17 +32446,17 @@ interface(`corenet_dontaudit_udp_send_jabber_interserver_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_jabber_interserver_port',`
+interface(`corenet_udp_receive_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- allow $1 jabber_interserver_port_t:udp_socket recv_msg;
+ allow $1 http_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the jabber_interserver port.
+## Do not audit attempts to receive UDP traffic on the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -32022,17 +32465,17 @@ interface(`corenet_udp_receive_jabber_interserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_jabber_interserver_port',`
+interface(`corenet_dontaudit_udp_receive_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- dontaudit $1 jabber_interserver_port_t:udp_socket recv_msg;
+ dontaudit $1 http_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the jabber_interserver port.
+## Send and receive UDP traffic on the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -32041,15 +32484,15 @@ interface(`corenet_dontaudit_udp_receive_jabber_interserver_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_jabber_interserver_port',`
- corenet_udp_send_jabber_interserver_port($1)
- corenet_udp_receive_jabber_interserver_port($1)
+interface(`corenet_udp_sendrecv_http_port',`
+ corenet_udp_send_http_port($1)
+ corenet_udp_receive_http_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the jabber_interserver port.
+## UDP traffic on the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -32058,14 +32501,14 @@ interface(`corenet_udp_sendrecv_jabber_interserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_jabber_interserver_port',`
- corenet_dontaudit_udp_send_jabber_interserver_port($1)
- corenet_dontaudit_udp_receive_jabber_interserver_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_http_port',`
+ corenet_dontaudit_udp_send_http_port($1)
+ corenet_dontaudit_udp_receive_http_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the jabber_interserver port.
+## Bind TCP sockets to the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -32074,18 +32517,18 @@ interface(`corenet_dontaudit_udp_sendrecv_jabber_interserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_jabber_interserver_port',`
+interface(`corenet_tcp_bind_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- allow $1 jabber_interserver_port_t:tcp_socket name_bind;
-
+ allow $1 http_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the jabber_interserver port.
+## Bind UDP sockets to the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -32094,18 +32537,18 @@ interface(`corenet_tcp_bind_jabber_interserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_jabber_interserver_port',`
+interface(`corenet_udp_bind_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- allow $1 jabber_interserver_port_t:udp_socket name_bind;
-
+ allow $1 http_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the jabber_interserver port.
+## Make a TCP connection to the http port.
## </summary>
## <param name="domain">
## <summary>
@@ -32113,18 +32556,18 @@ interface(`corenet_udp_bind_jabber_interserver_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_jabber_interserver_port',`
+interface(`corenet_tcp_connect_http_port',`
gen_require(`
- type jabber_interserver_port_t;
+ type http_port_t;
')
- allow $1 jabber_interserver_port_t:tcp_socket name_connect;
+ allow $1 http_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send jabber_interserver_client packets.
+## Send http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32133,17 +32576,17 @@ interface(`corenet_tcp_connect_jabber_interserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_jabber_interserver_client_packets',`
+interface(`corenet_send_http_client_packets',`
gen_require(`
- type jabber_interserver_client_packet_t;
+ type http_client_packet_t;
')
- allow $1 jabber_interserver_client_packet_t:packet send;
+ allow $1 http_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send jabber_interserver_client packets.
+## Do not audit attempts to send http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32152,17 +32595,17 @@ interface(`corenet_send_jabber_interserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_jabber_interserver_client_packets',`
+interface(`corenet_dontaudit_send_http_client_packets',`
gen_require(`
- type jabber_interserver_client_packet_t;
+ type http_client_packet_t;
')
- dontaudit $1 jabber_interserver_client_packet_t:packet send;
+ dontaudit $1 http_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive jabber_interserver_client packets.
+## Receive http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32171,17 +32614,17 @@ interface(`corenet_dontaudit_send_jabber_interserver_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_jabber_interserver_client_packets',`
+interface(`corenet_receive_http_client_packets',`
gen_require(`
- type jabber_interserver_client_packet_t;
+ type http_client_packet_t;
')
- allow $1 jabber_interserver_client_packet_t:packet recv;
+ allow $1 http_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive jabber_interserver_client packets.
+## Do not audit attempts to receive http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32190,17 +32633,17 @@ interface(`corenet_receive_jabber_interserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_jabber_interserver_client_packets',`
+interface(`corenet_dontaudit_receive_http_client_packets',`
gen_require(`
- type jabber_interserver_client_packet_t;
+ type http_client_packet_t;
')
- dontaudit $1 jabber_interserver_client_packet_t:packet recv;
+ dontaudit $1 http_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive jabber_interserver_client packets.
+## Send and receive http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32209,14 +32652,14 @@ interface(`corenet_dontaudit_receive_jabber_interserver_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_jabber_interserver_client_packets',`
- corenet_send_jabber_interserver_client_packets($1)
- corenet_receive_jabber_interserver_client_packets($1)
+interface(`corenet_sendrecv_http_client_packets',`
+ corenet_send_http_client_packets($1)
+ corenet_receive_http_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive jabber_interserver_client packets.
+## Do not audit attempts to send and receive http_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32225,14 +32668,14 @@ interface(`corenet_sendrecv_jabber_interserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_jabber_interserver_client_packets',`
- corenet_dontaudit_send_jabber_interserver_client_packets($1)
- corenet_dontaudit_receive_jabber_interserver_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_http_client_packets',`
+ corenet_dontaudit_send_http_client_packets($1)
+ corenet_dontaudit_receive_http_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to jabber_interserver_client the packet type.
+## Relabel packets to http_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -32240,18 +32683,18 @@ interface(`corenet_dontaudit_sendrecv_jabber_interserver_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_jabber_interserver_client_packets',`
+interface(`corenet_relabelto_http_client_packets',`
gen_require(`
- type jabber_interserver_client_packet_t;
+ type http_client_packet_t;
')
- allow $1 jabber_interserver_client_packet_t:packet relabelto;
+ allow $1 http_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send jabber_interserver_server packets.
+## Send http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32260,17 +32703,17 @@ interface(`corenet_relabelto_jabber_interserver_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_jabber_interserver_server_packets',`
+interface(`corenet_send_http_server_packets',`
gen_require(`
- type jabber_interserver_server_packet_t;
+ type http_server_packet_t;
')
- allow $1 jabber_interserver_server_packet_t:packet send;
+ allow $1 http_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send jabber_interserver_server packets.
+## Do not audit attempts to send http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32279,17 +32722,17 @@ interface(`corenet_send_jabber_interserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_jabber_interserver_server_packets',`
+interface(`corenet_dontaudit_send_http_server_packets',`
gen_require(`
- type jabber_interserver_server_packet_t;
+ type http_server_packet_t;
')
- dontaudit $1 jabber_interserver_server_packet_t:packet send;
+ dontaudit $1 http_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive jabber_interserver_server packets.
+## Receive http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32298,17 +32741,17 @@ interface(`corenet_dontaudit_send_jabber_interserver_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_jabber_interserver_server_packets',`
+interface(`corenet_receive_http_server_packets',`
gen_require(`
- type jabber_interserver_server_packet_t;
+ type http_server_packet_t;
')
- allow $1 jabber_interserver_server_packet_t:packet recv;
+ allow $1 http_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive jabber_interserver_server packets.
+## Do not audit attempts to receive http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32317,17 +32760,17 @@ interface(`corenet_receive_jabber_interserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_jabber_interserver_server_packets',`
+interface(`corenet_dontaudit_receive_http_server_packets',`
gen_require(`
- type jabber_interserver_server_packet_t;
+ type http_server_packet_t;
')
- dontaudit $1 jabber_interserver_server_packet_t:packet recv;
+ dontaudit $1 http_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive jabber_interserver_server packets.
+## Send and receive http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32336,14 +32779,14 @@ interface(`corenet_dontaudit_receive_jabber_interserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_jabber_interserver_server_packets',`
- corenet_send_jabber_interserver_server_packets($1)
- corenet_receive_jabber_interserver_server_packets($1)
+interface(`corenet_sendrecv_http_server_packets',`
+ corenet_send_http_server_packets($1)
+ corenet_receive_http_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive jabber_interserver_server packets.
+## Do not audit attempts to send and receive http_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32352,14 +32795,14 @@ interface(`corenet_sendrecv_jabber_interserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_jabber_interserver_server_packets',`
- corenet_dontaudit_send_jabber_interserver_server_packets($1)
- corenet_dontaudit_receive_jabber_interserver_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_http_server_packets',`
+ corenet_dontaudit_send_http_server_packets($1)
+ corenet_dontaudit_receive_http_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to jabber_interserver_server the packet type.
+## Relabel packets to http_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -32367,20 +32810,20 @@ interface(`corenet_dontaudit_sendrecv_jabber_interserver_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_jabber_interserver_server_packets',`
+interface(`corenet_relabelto_http_server_packets',`
gen_require(`
- type jabber_interserver_server_packet_t;
+ type http_server_packet_t;
')
- allow $1 jabber_interserver_server_packet_t:packet relabelto;
+ allow $1 http_server_packet_t:packet relabelto;
')
-
+ #8443 is mod_nss default port
########################################
## <summary>
-## Send and receive TCP traffic on the kerberos port.
+## Send and receive TCP traffic on the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32389,17 +32832,17 @@ interface(`corenet_relabelto_jabber_interserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_kerberos_port',`
+interface(`corenet_tcp_sendrecv_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- allow $1 kerberos_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 http_cache_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the kerberos port.
+## Send UDP traffic on the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32408,17 +32851,17 @@ interface(`corenet_tcp_sendrecv_kerberos_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_kerberos_port',`
+interface(`corenet_udp_send_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- allow $1 kerberos_port_t:udp_socket send_msg;
+ allow $1 http_cache_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the kerberos port.
+## Do not audit attempts to send UDP traffic on the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32427,17 +32870,17 @@ interface(`corenet_udp_send_kerberos_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_kerberos_port',`
+interface(`corenet_dontaudit_udp_send_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- dontaudit $1 kerberos_port_t:udp_socket send_msg;
+ dontaudit $1 http_cache_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the kerberos port.
+## Receive UDP traffic on the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32446,17 +32889,17 @@ interface(`corenet_dontaudit_udp_send_kerberos_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_kerberos_port',`
+interface(`corenet_udp_receive_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- allow $1 kerberos_port_t:udp_socket recv_msg;
+ allow $1 http_cache_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the kerberos port.
+## Do not audit attempts to receive UDP traffic on the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32465,17 +32908,17 @@ interface(`corenet_udp_receive_kerberos_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_kerberos_port',`
+interface(`corenet_dontaudit_udp_receive_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- dontaudit $1 kerberos_port_t:udp_socket recv_msg;
+ dontaudit $1 http_cache_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the kerberos port.
+## Send and receive UDP traffic on the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32484,15 +32927,15 @@ interface(`corenet_dontaudit_udp_receive_kerberos_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_kerberos_port',`
- corenet_udp_send_kerberos_port($1)
- corenet_udp_receive_kerberos_port($1)
+interface(`corenet_udp_sendrecv_http_cache_port',`
+ corenet_udp_send_http_cache_port($1)
+ corenet_udp_receive_http_cache_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the kerberos port.
+## UDP traffic on the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32501,14 +32944,14 @@ interface(`corenet_udp_sendrecv_kerberos_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_kerberos_port',`
- corenet_dontaudit_udp_send_kerberos_port($1)
- corenet_dontaudit_udp_receive_kerberos_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_http_cache_port',`
+ corenet_dontaudit_udp_send_http_cache_port($1)
+ corenet_dontaudit_udp_receive_http_cache_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the kerberos port.
+## Bind TCP sockets to the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32517,18 +32960,18 @@ interface(`corenet_dontaudit_udp_sendrecv_kerberos_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_kerberos_port',`
+interface(`corenet_tcp_bind_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- allow $1 kerberos_port_t:tcp_socket name_bind;
+ allow $1 http_cache_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the kerberos port.
+## Bind UDP sockets to the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32537,18 +32980,18 @@ interface(`corenet_tcp_bind_kerberos_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_kerberos_port',`
+interface(`corenet_udp_bind_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- allow $1 kerberos_port_t:udp_socket name_bind;
+ allow $1 http_cache_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the kerberos port.
+## Make a TCP connection to the http_cache port.
## </summary>
## <param name="domain">
## <summary>
@@ -32556,18 +32999,18 @@ interface(`corenet_udp_bind_kerberos_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_kerberos_port',`
+interface(`corenet_tcp_connect_http_cache_port',`
gen_require(`
- type kerberos_port_t;
+ type http_cache_port_t;
')
- allow $1 kerberos_port_t:tcp_socket name_connect;
+ allow $1 http_cache_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send kerberos_client packets.
+## Send http_cache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32576,17 +33019,17 @@ interface(`corenet_tcp_connect_kerberos_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kerberos_client_packets',`
+interface(`corenet_send_http_cache_client_packets',`
gen_require(`
- type kerberos_client_packet_t;
+ type http_cache_client_packet_t;
')
- allow $1 kerberos_client_packet_t:packet send;
+ allow $1 http_cache_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kerberos_client packets.
+## Do not audit attempts to send http_cache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32595,17 +33038,17 @@ interface(`corenet_send_kerberos_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kerberos_client_packets',`
+interface(`corenet_dontaudit_send_http_cache_client_packets',`
gen_require(`
- type kerberos_client_packet_t;
+ type http_cache_client_packet_t;
')
- dontaudit $1 kerberos_client_packet_t:packet send;
+ dontaudit $1 http_cache_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive kerberos_client packets.
+## Receive http_cache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32614,17 +33057,17 @@ interface(`corenet_dontaudit_send_kerberos_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kerberos_client_packets',`
+interface(`corenet_receive_http_cache_client_packets',`
gen_require(`
- type kerberos_client_packet_t;
+ type http_cache_client_packet_t;
')
- allow $1 kerberos_client_packet_t:packet recv;
+ allow $1 http_cache_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kerberos_client packets.
+## Do not audit attempts to receive http_cache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32633,17 +33076,17 @@ interface(`corenet_receive_kerberos_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kerberos_client_packets',`
+interface(`corenet_dontaudit_receive_http_cache_client_packets',`
gen_require(`
- type kerberos_client_packet_t;
+ type http_cache_client_packet_t;
')
- dontaudit $1 kerberos_client_packet_t:packet recv;
+ dontaudit $1 http_cache_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kerberos_client packets.
+## Send and receive http_cache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32652,14 +33095,14 @@ interface(`corenet_dontaudit_receive_kerberos_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kerberos_client_packets',`
- corenet_send_kerberos_client_packets($1)
- corenet_receive_kerberos_client_packets($1)
+interface(`corenet_sendrecv_http_cache_client_packets',`
+ corenet_send_http_cache_client_packets($1)
+ corenet_receive_http_cache_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kerberos_client packets.
+## Do not audit attempts to send and receive http_cache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32668,14 +33111,14 @@ interface(`corenet_sendrecv_kerberos_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kerberos_client_packets',`
- corenet_dontaudit_send_kerberos_client_packets($1)
- corenet_dontaudit_receive_kerberos_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_http_cache_client_packets',`
+ corenet_dontaudit_send_http_cache_client_packets($1)
+ corenet_dontaudit_receive_http_cache_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to kerberos_client the packet type.
+## Relabel packets to http_cache_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -32683,18 +33126,18 @@ interface(`corenet_dontaudit_sendrecv_kerberos_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kerberos_client_packets',`
+interface(`corenet_relabelto_http_cache_client_packets',`
gen_require(`
- type kerberos_client_packet_t;
+ type http_cache_client_packet_t;
')
- allow $1 kerberos_client_packet_t:packet relabelto;
+ allow $1 http_cache_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send kerberos_server packets.
+## Send http_cache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32703,17 +33146,17 @@ interface(`corenet_relabelto_kerberos_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kerberos_server_packets',`
+interface(`corenet_send_http_cache_server_packets',`
gen_require(`
- type kerberos_server_packet_t;
+ type http_cache_server_packet_t;
')
- allow $1 kerberos_server_packet_t:packet send;
+ allow $1 http_cache_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kerberos_server packets.
+## Do not audit attempts to send http_cache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32722,17 +33165,17 @@ interface(`corenet_send_kerberos_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kerberos_server_packets',`
+interface(`corenet_dontaudit_send_http_cache_server_packets',`
gen_require(`
- type kerberos_server_packet_t;
+ type http_cache_server_packet_t;
')
- dontaudit $1 kerberos_server_packet_t:packet send;
+ dontaudit $1 http_cache_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive kerberos_server packets.
+## Receive http_cache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32741,17 +33184,17 @@ interface(`corenet_dontaudit_send_kerberos_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kerberos_server_packets',`
+interface(`corenet_receive_http_cache_server_packets',`
gen_require(`
- type kerberos_server_packet_t;
+ type http_cache_server_packet_t;
')
- allow $1 kerberos_server_packet_t:packet recv;
+ allow $1 http_cache_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kerberos_server packets.
+## Do not audit attempts to receive http_cache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32760,17 +33203,17 @@ interface(`corenet_receive_kerberos_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kerberos_server_packets',`
+interface(`corenet_dontaudit_receive_http_cache_server_packets',`
gen_require(`
- type kerberos_server_packet_t;
+ type http_cache_server_packet_t;
')
- dontaudit $1 kerberos_server_packet_t:packet recv;
+ dontaudit $1 http_cache_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kerberos_server packets.
+## Send and receive http_cache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32779,14 +33222,14 @@ interface(`corenet_dontaudit_receive_kerberos_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kerberos_server_packets',`
- corenet_send_kerberos_server_packets($1)
- corenet_receive_kerberos_server_packets($1)
+interface(`corenet_sendrecv_http_cache_server_packets',`
+ corenet_send_http_cache_server_packets($1)
+ corenet_receive_http_cache_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kerberos_server packets.
+## Do not audit attempts to send and receive http_cache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -32795,14 +33238,14 @@ interface(`corenet_sendrecv_kerberos_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kerberos_server_packets',`
- corenet_dontaudit_send_kerberos_server_packets($1)
- corenet_dontaudit_receive_kerberos_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_http_cache_server_packets',`
+ corenet_dontaudit_send_http_cache_server_packets($1)
+ corenet_dontaudit_receive_http_cache_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to kerberos_server the packet type.
+## Relabel packets to http_cache_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -32810,20 +33253,20 @@ interface(`corenet_dontaudit_sendrecv_kerberos_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kerberos_server_packets',`
+interface(`corenet_relabelto_http_cache_server_packets',`
gen_require(`
- type kerberos_server_packet_t;
+ type http_cache_server_packet_t;
')
- allow $1 kerberos_server_packet_t:packet relabelto;
+ allow $1 http_cache_server_packet_t:packet relabelto;
')
-
+ # 8118 is for privoxy
########################################
## <summary>
-## Send and receive TCP traffic on the kerberos_admin port.
+## Send and receive TCP traffic on the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32832,17 +33275,17 @@ interface(`corenet_relabelto_kerberos_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_kerberos_admin_port',`
+interface(`corenet_tcp_sendrecv_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- allow $1 kerberos_admin_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 i18n_input_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the kerberos_admin port.
+## Send UDP traffic on the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32851,17 +33294,17 @@ interface(`corenet_tcp_sendrecv_kerberos_admin_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_kerberos_admin_port',`
+interface(`corenet_udp_send_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- allow $1 kerberos_admin_port_t:udp_socket send_msg;
+ allow $1 i18n_input_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the kerberos_admin port.
+## Do not audit attempts to send UDP traffic on the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32870,17 +33313,17 @@ interface(`corenet_udp_send_kerberos_admin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_kerberos_admin_port',`
+interface(`corenet_dontaudit_udp_send_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- dontaudit $1 kerberos_admin_port_t:udp_socket send_msg;
+ dontaudit $1 i18n_input_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the kerberos_admin port.
+## Receive UDP traffic on the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32889,17 +33332,17 @@ interface(`corenet_dontaudit_udp_send_kerberos_admin_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_kerberos_admin_port',`
+interface(`corenet_udp_receive_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- allow $1 kerberos_admin_port_t:udp_socket recv_msg;
+ allow $1 i18n_input_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the kerberos_admin port.
+## Do not audit attempts to receive UDP traffic on the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32908,17 +33351,17 @@ interface(`corenet_udp_receive_kerberos_admin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_kerberos_admin_port',`
+interface(`corenet_dontaudit_udp_receive_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- dontaudit $1 kerberos_admin_port_t:udp_socket recv_msg;
+ dontaudit $1 i18n_input_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the kerberos_admin port.
+## Send and receive UDP traffic on the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32927,15 +33370,15 @@ interface(`corenet_dontaudit_udp_receive_kerberos_admin_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_kerberos_admin_port',`
- corenet_udp_send_kerberos_admin_port($1)
- corenet_udp_receive_kerberos_admin_port($1)
+interface(`corenet_udp_sendrecv_i18n_input_port',`
+ corenet_udp_send_i18n_input_port($1)
+ corenet_udp_receive_i18n_input_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the kerberos_admin port.
+## UDP traffic on the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32944,14 +33387,14 @@ interface(`corenet_udp_sendrecv_kerberos_admin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_kerberos_admin_port',`
- corenet_dontaudit_udp_send_kerberos_admin_port($1)
- corenet_dontaudit_udp_receive_kerberos_admin_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_i18n_input_port',`
+ corenet_dontaudit_udp_send_i18n_input_port($1)
+ corenet_dontaudit_udp_receive_i18n_input_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the kerberos_admin port.
+## Bind TCP sockets to the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32960,18 +33403,18 @@ interface(`corenet_dontaudit_udp_sendrecv_kerberos_admin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_kerberos_admin_port',`
+interface(`corenet_tcp_bind_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- allow $1 kerberos_admin_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 i18n_input_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the kerberos_admin port.
+## Bind UDP sockets to the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32980,18 +33423,18 @@ interface(`corenet_tcp_bind_kerberos_admin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_kerberos_admin_port',`
+interface(`corenet_udp_bind_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- allow $1 kerberos_admin_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 i18n_input_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the kerberos_admin port.
+## Make a TCP connection to the i18n_input port.
## </summary>
## <param name="domain">
## <summary>
@@ -32999,18 +33442,18 @@ interface(`corenet_udp_bind_kerberos_admin_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_kerberos_admin_port',`
+interface(`corenet_tcp_connect_i18n_input_port',`
gen_require(`
- type kerberos_admin_port_t;
+ type i18n_input_port_t;
')
- allow $1 kerberos_admin_port_t:tcp_socket name_connect;
+ allow $1 i18n_input_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send kerberos_admin_client packets.
+## Send i18n_input_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33019,17 +33462,17 @@ interface(`corenet_tcp_connect_kerberos_admin_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kerberos_admin_client_packets',`
+interface(`corenet_send_i18n_input_client_packets',`
gen_require(`
- type kerberos_admin_client_packet_t;
+ type i18n_input_client_packet_t;
')
- allow $1 kerberos_admin_client_packet_t:packet send;
+ allow $1 i18n_input_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kerberos_admin_client packets.
+## Do not audit attempts to send i18n_input_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33038,17 +33481,17 @@ interface(`corenet_send_kerberos_admin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kerberos_admin_client_packets',`
+interface(`corenet_dontaudit_send_i18n_input_client_packets',`
gen_require(`
- type kerberos_admin_client_packet_t;
+ type i18n_input_client_packet_t;
')
- dontaudit $1 kerberos_admin_client_packet_t:packet send;
+ dontaudit $1 i18n_input_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive kerberos_admin_client packets.
+## Receive i18n_input_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33057,17 +33500,17 @@ interface(`corenet_dontaudit_send_kerberos_admin_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kerberos_admin_client_packets',`
+interface(`corenet_receive_i18n_input_client_packets',`
gen_require(`
- type kerberos_admin_client_packet_t;
+ type i18n_input_client_packet_t;
')
- allow $1 kerberos_admin_client_packet_t:packet recv;
+ allow $1 i18n_input_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kerberos_admin_client packets.
+## Do not audit attempts to receive i18n_input_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33076,17 +33519,17 @@ interface(`corenet_receive_kerberos_admin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kerberos_admin_client_packets',`
+interface(`corenet_dontaudit_receive_i18n_input_client_packets',`
gen_require(`
- type kerberos_admin_client_packet_t;
+ type i18n_input_client_packet_t;
')
- dontaudit $1 kerberos_admin_client_packet_t:packet recv;
+ dontaudit $1 i18n_input_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kerberos_admin_client packets.
+## Send and receive i18n_input_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33095,14 +33538,14 @@ interface(`corenet_dontaudit_receive_kerberos_admin_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kerberos_admin_client_packets',`
- corenet_send_kerberos_admin_client_packets($1)
- corenet_receive_kerberos_admin_client_packets($1)
+interface(`corenet_sendrecv_i18n_input_client_packets',`
+ corenet_send_i18n_input_client_packets($1)
+ corenet_receive_i18n_input_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kerberos_admin_client packets.
+## Do not audit attempts to send and receive i18n_input_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33111,14 +33554,14 @@ interface(`corenet_sendrecv_kerberos_admin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kerberos_admin_client_packets',`
- corenet_dontaudit_send_kerberos_admin_client_packets($1)
- corenet_dontaudit_receive_kerberos_admin_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_i18n_input_client_packets',`
+ corenet_dontaudit_send_i18n_input_client_packets($1)
+ corenet_dontaudit_receive_i18n_input_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to kerberos_admin_client the packet type.
+## Relabel packets to i18n_input_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -33126,18 +33569,18 @@ interface(`corenet_dontaudit_sendrecv_kerberos_admin_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kerberos_admin_client_packets',`
+interface(`corenet_relabelto_i18n_input_client_packets',`
gen_require(`
- type kerberos_admin_client_packet_t;
+ type i18n_input_client_packet_t;
')
- allow $1 kerberos_admin_client_packet_t:packet relabelto;
+ allow $1 i18n_input_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send kerberos_admin_server packets.
+## Send i18n_input_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33146,17 +33589,17 @@ interface(`corenet_relabelto_kerberos_admin_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kerberos_admin_server_packets',`
+interface(`corenet_send_i18n_input_server_packets',`
gen_require(`
- type kerberos_admin_server_packet_t;
+ type i18n_input_server_packet_t;
')
- allow $1 kerberos_admin_server_packet_t:packet send;
+ allow $1 i18n_input_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kerberos_admin_server packets.
+## Do not audit attempts to send i18n_input_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33165,17 +33608,17 @@ interface(`corenet_send_kerberos_admin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kerberos_admin_server_packets',`
+interface(`corenet_dontaudit_send_i18n_input_server_packets',`
gen_require(`
- type kerberos_admin_server_packet_t;
+ type i18n_input_server_packet_t;
')
- dontaudit $1 kerberos_admin_server_packet_t:packet send;
+ dontaudit $1 i18n_input_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive kerberos_admin_server packets.
+## Receive i18n_input_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33184,17 +33627,17 @@ interface(`corenet_dontaudit_send_kerberos_admin_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kerberos_admin_server_packets',`
+interface(`corenet_receive_i18n_input_server_packets',`
gen_require(`
- type kerberos_admin_server_packet_t;
+ type i18n_input_server_packet_t;
')
- allow $1 kerberos_admin_server_packet_t:packet recv;
+ allow $1 i18n_input_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kerberos_admin_server packets.
+## Do not audit attempts to receive i18n_input_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33203,17 +33646,17 @@ interface(`corenet_receive_kerberos_admin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kerberos_admin_server_packets',`
+interface(`corenet_dontaudit_receive_i18n_input_server_packets',`
gen_require(`
- type kerberos_admin_server_packet_t;
+ type i18n_input_server_packet_t;
')
- dontaudit $1 kerberos_admin_server_packet_t:packet recv;
+ dontaudit $1 i18n_input_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kerberos_admin_server packets.
+## Send and receive i18n_input_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33222,14 +33665,14 @@ interface(`corenet_dontaudit_receive_kerberos_admin_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kerberos_admin_server_packets',`
- corenet_send_kerberos_admin_server_packets($1)
- corenet_receive_kerberos_admin_server_packets($1)
+interface(`corenet_sendrecv_i18n_input_server_packets',`
+ corenet_send_i18n_input_server_packets($1)
+ corenet_receive_i18n_input_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kerberos_admin_server packets.
+## Do not audit attempts to send and receive i18n_input_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33238,14 +33681,14 @@ interface(`corenet_sendrecv_kerberos_admin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kerberos_admin_server_packets',`
- corenet_dontaudit_send_kerberos_admin_server_packets($1)
- corenet_dontaudit_receive_kerberos_admin_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_i18n_input_server_packets',`
+ corenet_dontaudit_send_i18n_input_server_packets($1)
+ corenet_dontaudit_receive_i18n_input_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to kerberos_admin_server the packet type.
+## Relabel packets to i18n_input_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -33253,12 +33696,12 @@ interface(`corenet_dontaudit_sendrecv_kerberos_admin_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kerberos_admin_server_packets',`
+interface(`corenet_relabelto_i18n_input_server_packets',`
gen_require(`
- type kerberos_admin_server_packet_t;
+ type i18n_input_server_packet_t;
')
- allow $1 kerberos_admin_server_packet_t:packet relabelto;
+ allow $1 i18n_input_server_packet_t:packet relabelto;
')
@@ -33266,7 +33709,7 @@ interface(`corenet_relabelto_kerberos_admin_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the kerberos_master port.
+## Send and receive TCP traffic on the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33275,17 +33718,17 @@ interface(`corenet_relabelto_kerberos_admin_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_kerberos_master_port',`
+interface(`corenet_tcp_sendrecv_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- allow $1 kerberos_master_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 imaze_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the kerberos_master port.
+## Send UDP traffic on the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33294,17 +33737,17 @@ interface(`corenet_tcp_sendrecv_kerberos_master_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_kerberos_master_port',`
+interface(`corenet_udp_send_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- allow $1 kerberos_master_port_t:udp_socket send_msg;
+ allow $1 imaze_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the kerberos_master port.
+## Do not audit attempts to send UDP traffic on the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33313,17 +33756,17 @@ interface(`corenet_udp_send_kerberos_master_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_kerberos_master_port',`
+interface(`corenet_dontaudit_udp_send_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- dontaudit $1 kerberos_master_port_t:udp_socket send_msg;
+ dontaudit $1 imaze_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the kerberos_master port.
+## Receive UDP traffic on the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33332,17 +33775,17 @@ interface(`corenet_dontaudit_udp_send_kerberos_master_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_kerberos_master_port',`
+interface(`corenet_udp_receive_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- allow $1 kerberos_master_port_t:udp_socket recv_msg;
+ allow $1 imaze_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the kerberos_master port.
+## Do not audit attempts to receive UDP traffic on the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33351,17 +33794,17 @@ interface(`corenet_udp_receive_kerberos_master_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_kerberos_master_port',`
+interface(`corenet_dontaudit_udp_receive_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- dontaudit $1 kerberos_master_port_t:udp_socket recv_msg;
+ dontaudit $1 imaze_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the kerberos_master port.
+## Send and receive UDP traffic on the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33370,15 +33813,15 @@ interface(`corenet_dontaudit_udp_receive_kerberos_master_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_kerberos_master_port',`
- corenet_udp_send_kerberos_master_port($1)
- corenet_udp_receive_kerberos_master_port($1)
+interface(`corenet_udp_sendrecv_imaze_port',`
+ corenet_udp_send_imaze_port($1)
+ corenet_udp_receive_imaze_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the kerberos_master port.
+## UDP traffic on the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33387,14 +33830,14 @@ interface(`corenet_udp_sendrecv_kerberos_master_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_kerberos_master_port',`
- corenet_dontaudit_udp_send_kerberos_master_port($1)
- corenet_dontaudit_udp_receive_kerberos_master_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_imaze_port',`
+ corenet_dontaudit_udp_send_imaze_port($1)
+ corenet_dontaudit_udp_receive_imaze_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the kerberos_master port.
+## Bind TCP sockets to the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33403,18 +33846,18 @@ interface(`corenet_dontaudit_udp_sendrecv_kerberos_master_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_kerberos_master_port',`
+interface(`corenet_tcp_bind_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- allow $1 kerberos_master_port_t:tcp_socket name_bind;
+ allow $1 imaze_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the kerberos_master port.
+## Bind UDP sockets to the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33423,18 +33866,18 @@ interface(`corenet_tcp_bind_kerberos_master_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_kerberos_master_port',`
+interface(`corenet_udp_bind_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- allow $1 kerberos_master_port_t:udp_socket name_bind;
+ allow $1 imaze_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the kerberos_master port.
+## Make a TCP connection to the imaze port.
## </summary>
## <param name="domain">
## <summary>
@@ -33442,18 +33885,18 @@ interface(`corenet_udp_bind_kerberos_master_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_kerberos_master_port',`
+interface(`corenet_tcp_connect_imaze_port',`
gen_require(`
- type kerberos_master_port_t;
+ type imaze_port_t;
')
- allow $1 kerberos_master_port_t:tcp_socket name_connect;
+ allow $1 imaze_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send kerberos_master_client packets.
+## Send imaze_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33462,17 +33905,17 @@ interface(`corenet_tcp_connect_kerberos_master_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kerberos_master_client_packets',`
+interface(`corenet_send_imaze_client_packets',`
gen_require(`
- type kerberos_master_client_packet_t;
+ type imaze_client_packet_t;
')
- allow $1 kerberos_master_client_packet_t:packet send;
+ allow $1 imaze_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kerberos_master_client packets.
+## Do not audit attempts to send imaze_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33481,17 +33924,17 @@ interface(`corenet_send_kerberos_master_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kerberos_master_client_packets',`
+interface(`corenet_dontaudit_send_imaze_client_packets',`
gen_require(`
- type kerberos_master_client_packet_t;
+ type imaze_client_packet_t;
')
- dontaudit $1 kerberos_master_client_packet_t:packet send;
+ dontaudit $1 imaze_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive kerberos_master_client packets.
+## Receive imaze_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33500,17 +33943,17 @@ interface(`corenet_dontaudit_send_kerberos_master_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kerberos_master_client_packets',`
+interface(`corenet_receive_imaze_client_packets',`
gen_require(`
- type kerberos_master_client_packet_t;
+ type imaze_client_packet_t;
')
- allow $1 kerberos_master_client_packet_t:packet recv;
+ allow $1 imaze_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kerberos_master_client packets.
+## Do not audit attempts to receive imaze_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33519,17 +33962,17 @@ interface(`corenet_receive_kerberos_master_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kerberos_master_client_packets',`
+interface(`corenet_dontaudit_receive_imaze_client_packets',`
gen_require(`
- type kerberos_master_client_packet_t;
+ type imaze_client_packet_t;
')
- dontaudit $1 kerberos_master_client_packet_t:packet recv;
+ dontaudit $1 imaze_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kerberos_master_client packets.
+## Send and receive imaze_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33538,14 +33981,14 @@ interface(`corenet_dontaudit_receive_kerberos_master_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kerberos_master_client_packets',`
- corenet_send_kerberos_master_client_packets($1)
- corenet_receive_kerberos_master_client_packets($1)
+interface(`corenet_sendrecv_imaze_client_packets',`
+ corenet_send_imaze_client_packets($1)
+ corenet_receive_imaze_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kerberos_master_client packets.
+## Do not audit attempts to send and receive imaze_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33554,14 +33997,14 @@ interface(`corenet_sendrecv_kerberos_master_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kerberos_master_client_packets',`
- corenet_dontaudit_send_kerberos_master_client_packets($1)
- corenet_dontaudit_receive_kerberos_master_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_imaze_client_packets',`
+ corenet_dontaudit_send_imaze_client_packets($1)
+ corenet_dontaudit_receive_imaze_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to kerberos_master_client the packet type.
+## Relabel packets to imaze_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -33569,18 +34012,18 @@ interface(`corenet_dontaudit_sendrecv_kerberos_master_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kerberos_master_client_packets',`
+interface(`corenet_relabelto_imaze_client_packets',`
gen_require(`
- type kerberos_master_client_packet_t;
+ type imaze_client_packet_t;
')
- allow $1 kerberos_master_client_packet_t:packet relabelto;
+ allow $1 imaze_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send kerberos_master_server packets.
+## Send imaze_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33589,17 +34032,17 @@ interface(`corenet_relabelto_kerberos_master_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kerberos_master_server_packets',`
+interface(`corenet_send_imaze_server_packets',`
gen_require(`
- type kerberos_master_server_packet_t;
+ type imaze_server_packet_t;
')
- allow $1 kerberos_master_server_packet_t:packet send;
+ allow $1 imaze_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kerberos_master_server packets.
+## Do not audit attempts to send imaze_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33608,17 +34051,17 @@ interface(`corenet_send_kerberos_master_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kerberos_master_server_packets',`
+interface(`corenet_dontaudit_send_imaze_server_packets',`
gen_require(`
- type kerberos_master_server_packet_t;
+ type imaze_server_packet_t;
')
- dontaudit $1 kerberos_master_server_packet_t:packet send;
+ dontaudit $1 imaze_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive kerberos_master_server packets.
+## Receive imaze_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33627,17 +34070,17 @@ interface(`corenet_dontaudit_send_kerberos_master_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kerberos_master_server_packets',`
+interface(`corenet_receive_imaze_server_packets',`
gen_require(`
- type kerberos_master_server_packet_t;
+ type imaze_server_packet_t;
')
- allow $1 kerberos_master_server_packet_t:packet recv;
+ allow $1 imaze_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kerberos_master_server packets.
+## Do not audit attempts to receive imaze_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33646,17 +34089,17 @@ interface(`corenet_receive_kerberos_master_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kerberos_master_server_packets',`
+interface(`corenet_dontaudit_receive_imaze_server_packets',`
gen_require(`
- type kerberos_master_server_packet_t;
+ type imaze_server_packet_t;
')
- dontaudit $1 kerberos_master_server_packet_t:packet recv;
+ dontaudit $1 imaze_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kerberos_master_server packets.
+## Send and receive imaze_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33665,14 +34108,14 @@ interface(`corenet_dontaudit_receive_kerberos_master_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kerberos_master_server_packets',`
- corenet_send_kerberos_master_server_packets($1)
- corenet_receive_kerberos_master_server_packets($1)
+interface(`corenet_sendrecv_imaze_server_packets',`
+ corenet_send_imaze_server_packets($1)
+ corenet_receive_imaze_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kerberos_master_server packets.
+## Do not audit attempts to send and receive imaze_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33681,14 +34124,14 @@ interface(`corenet_sendrecv_kerberos_master_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kerberos_master_server_packets',`
- corenet_dontaudit_send_kerberos_master_server_packets($1)
- corenet_dontaudit_receive_kerberos_master_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_imaze_server_packets',`
+ corenet_dontaudit_send_imaze_server_packets($1)
+ corenet_dontaudit_receive_imaze_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to kerberos_master_server the packet type.
+## Relabel packets to imaze_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -33696,12 +34139,12 @@ interface(`corenet_dontaudit_sendrecv_kerberos_master_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kerberos_master_server_packets',`
+interface(`corenet_relabelto_imaze_server_packets',`
gen_require(`
- type kerberos_master_server_packet_t;
+ type imaze_server_packet_t;
')
- allow $1 kerberos_master_server_packet_t:packet relabelto;
+ allow $1 imaze_server_packet_t:packet relabelto;
')
@@ -33709,7 +34152,7 @@ interface(`corenet_relabelto_kerberos_master_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the kismet port.
+## Send and receive TCP traffic on the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33718,17 +34161,17 @@ interface(`corenet_relabelto_kerberos_master_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_kismet_port',`
+interface(`corenet_tcp_sendrecv_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- allow $1 kismet_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 inetd_child_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the kismet port.
+## Send UDP traffic on the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33737,17 +34180,17 @@ interface(`corenet_tcp_sendrecv_kismet_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_kismet_port',`
+interface(`corenet_udp_send_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- allow $1 kismet_port_t:udp_socket send_msg;
+ allow $1 inetd_child_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the kismet port.
+## Do not audit attempts to send UDP traffic on the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33756,17 +34199,17 @@ interface(`corenet_udp_send_kismet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_kismet_port',`
+interface(`corenet_dontaudit_udp_send_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- dontaudit $1 kismet_port_t:udp_socket send_msg;
+ dontaudit $1 inetd_child_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the kismet port.
+## Receive UDP traffic on the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33775,17 +34218,17 @@ interface(`corenet_dontaudit_udp_send_kismet_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_kismet_port',`
+interface(`corenet_udp_receive_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- allow $1 kismet_port_t:udp_socket recv_msg;
+ allow $1 inetd_child_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the kismet port.
+## Do not audit attempts to receive UDP traffic on the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33794,17 +34237,17 @@ interface(`corenet_udp_receive_kismet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_kismet_port',`
+interface(`corenet_dontaudit_udp_receive_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- dontaudit $1 kismet_port_t:udp_socket recv_msg;
+ dontaudit $1 inetd_child_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the kismet port.
+## Send and receive UDP traffic on the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33813,15 +34256,15 @@ interface(`corenet_dontaudit_udp_receive_kismet_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_kismet_port',`
- corenet_udp_send_kismet_port($1)
- corenet_udp_receive_kismet_port($1)
+interface(`corenet_udp_sendrecv_inetd_child_port',`
+ corenet_udp_send_inetd_child_port($1)
+ corenet_udp_receive_inetd_child_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the kismet port.
+## UDP traffic on the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33830,14 +34273,14 @@ interface(`corenet_udp_sendrecv_kismet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_kismet_port',`
- corenet_dontaudit_udp_send_kismet_port($1)
- corenet_dontaudit_udp_receive_kismet_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_inetd_child_port',`
+ corenet_dontaudit_udp_send_inetd_child_port($1)
+ corenet_dontaudit_udp_receive_inetd_child_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the kismet port.
+## Bind TCP sockets to the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33846,18 +34289,18 @@ interface(`corenet_dontaudit_udp_sendrecv_kismet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_kismet_port',`
+interface(`corenet_tcp_bind_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- allow $1 kismet_port_t:tcp_socket name_bind;
-
+ allow $1 inetd_child_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the kismet port.
+## Bind UDP sockets to the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33866,18 +34309,18 @@ interface(`corenet_tcp_bind_kismet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_kismet_port',`
+interface(`corenet_udp_bind_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- allow $1 kismet_port_t:udp_socket name_bind;
-
+ allow $1 inetd_child_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the kismet port.
+## Make a TCP connection to the inetd_child port.
## </summary>
## <param name="domain">
## <summary>
@@ -33885,18 +34328,18 @@ interface(`corenet_udp_bind_kismet_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_kismet_port',`
+interface(`corenet_tcp_connect_inetd_child_port',`
gen_require(`
- type kismet_port_t;
+ type inetd_child_port_t;
')
- allow $1 kismet_port_t:tcp_socket name_connect;
+ allow $1 inetd_child_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send kismet_client packets.
+## Send inetd_child_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33905,17 +34348,17 @@ interface(`corenet_tcp_connect_kismet_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kismet_client_packets',`
+interface(`corenet_send_inetd_child_client_packets',`
gen_require(`
- type kismet_client_packet_t;
+ type inetd_child_client_packet_t;
')
- allow $1 kismet_client_packet_t:packet send;
+ allow $1 inetd_child_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kismet_client packets.
+## Do not audit attempts to send inetd_child_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33924,17 +34367,17 @@ interface(`corenet_send_kismet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kismet_client_packets',`
+interface(`corenet_dontaudit_send_inetd_child_client_packets',`
gen_require(`
- type kismet_client_packet_t;
+ type inetd_child_client_packet_t;
')
- dontaudit $1 kismet_client_packet_t:packet send;
+ dontaudit $1 inetd_child_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive kismet_client packets.
+## Receive inetd_child_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33943,17 +34386,17 @@ interface(`corenet_dontaudit_send_kismet_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kismet_client_packets',`
+interface(`corenet_receive_inetd_child_client_packets',`
gen_require(`
- type kismet_client_packet_t;
+ type inetd_child_client_packet_t;
')
- allow $1 kismet_client_packet_t:packet recv;
+ allow $1 inetd_child_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kismet_client packets.
+## Do not audit attempts to receive inetd_child_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33962,17 +34405,17 @@ interface(`corenet_receive_kismet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kismet_client_packets',`
+interface(`corenet_dontaudit_receive_inetd_child_client_packets',`
gen_require(`
- type kismet_client_packet_t;
+ type inetd_child_client_packet_t;
')
- dontaudit $1 kismet_client_packet_t:packet recv;
+ dontaudit $1 inetd_child_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kismet_client packets.
+## Send and receive inetd_child_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33981,14 +34424,14 @@ interface(`corenet_dontaudit_receive_kismet_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kismet_client_packets',`
- corenet_send_kismet_client_packets($1)
- corenet_receive_kismet_client_packets($1)
+interface(`corenet_sendrecv_inetd_child_client_packets',`
+ corenet_send_inetd_child_client_packets($1)
+ corenet_receive_inetd_child_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kismet_client packets.
+## Do not audit attempts to send and receive inetd_child_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -33997,14 +34440,14 @@ interface(`corenet_sendrecv_kismet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kismet_client_packets',`
- corenet_dontaudit_send_kismet_client_packets($1)
- corenet_dontaudit_receive_kismet_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_inetd_child_client_packets',`
+ corenet_dontaudit_send_inetd_child_client_packets($1)
+ corenet_dontaudit_receive_inetd_child_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to kismet_client the packet type.
+## Relabel packets to inetd_child_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -34012,18 +34455,18 @@ interface(`corenet_dontaudit_sendrecv_kismet_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kismet_client_packets',`
+interface(`corenet_relabelto_inetd_child_client_packets',`
gen_require(`
- type kismet_client_packet_t;
+ type inetd_child_client_packet_t;
')
- allow $1 kismet_client_packet_t:packet relabelto;
+ allow $1 inetd_child_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send kismet_server packets.
+## Send inetd_child_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34032,17 +34475,17 @@ interface(`corenet_relabelto_kismet_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kismet_server_packets',`
+interface(`corenet_send_inetd_child_server_packets',`
gen_require(`
- type kismet_server_packet_t;
+ type inetd_child_server_packet_t;
')
- allow $1 kismet_server_packet_t:packet send;
+ allow $1 inetd_child_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kismet_server packets.
+## Do not audit attempts to send inetd_child_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34051,17 +34494,17 @@ interface(`corenet_send_kismet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kismet_server_packets',`
+interface(`corenet_dontaudit_send_inetd_child_server_packets',`
gen_require(`
- type kismet_server_packet_t;
+ type inetd_child_server_packet_t;
')
- dontaudit $1 kismet_server_packet_t:packet send;
+ dontaudit $1 inetd_child_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive kismet_server packets.
+## Receive inetd_child_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34070,17 +34513,17 @@ interface(`corenet_dontaudit_send_kismet_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kismet_server_packets',`
+interface(`corenet_receive_inetd_child_server_packets',`
gen_require(`
- type kismet_server_packet_t;
+ type inetd_child_server_packet_t;
')
- allow $1 kismet_server_packet_t:packet recv;
+ allow $1 inetd_child_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kismet_server packets.
+## Do not audit attempts to receive inetd_child_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34089,17 +34532,17 @@ interface(`corenet_receive_kismet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kismet_server_packets',`
+interface(`corenet_dontaudit_receive_inetd_child_server_packets',`
gen_require(`
- type kismet_server_packet_t;
+ type inetd_child_server_packet_t;
')
- dontaudit $1 kismet_server_packet_t:packet recv;
+ dontaudit $1 inetd_child_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kismet_server packets.
+## Send and receive inetd_child_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34108,14 +34551,14 @@ interface(`corenet_dontaudit_receive_kismet_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kismet_server_packets',`
- corenet_send_kismet_server_packets($1)
- corenet_receive_kismet_server_packets($1)
+interface(`corenet_sendrecv_inetd_child_server_packets',`
+ corenet_send_inetd_child_server_packets($1)
+ corenet_receive_inetd_child_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kismet_server packets.
+## Do not audit attempts to send and receive inetd_child_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34124,14 +34567,14 @@ interface(`corenet_sendrecv_kismet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kismet_server_packets',`
- corenet_dontaudit_send_kismet_server_packets($1)
- corenet_dontaudit_receive_kismet_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_inetd_child_server_packets',`
+ corenet_dontaudit_send_inetd_child_server_packets($1)
+ corenet_dontaudit_receive_inetd_child_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to kismet_server the packet type.
+## Relabel packets to inetd_child_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -34139,12 +34582,12 @@ interface(`corenet_dontaudit_sendrecv_kismet_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kismet_server_packets',`
+interface(`corenet_relabelto_inetd_child_server_packets',`
gen_require(`
- type kismet_server_packet_t;
+ type inetd_child_server_packet_t;
')
- allow $1 kismet_server_packet_t:packet relabelto;
+ allow $1 inetd_child_server_packet_t:packet relabelto;
')
@@ -34152,7 +34595,7 @@ interface(`corenet_relabelto_kismet_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the kprop port.
+## Send and receive TCP traffic on the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34161,17 +34604,17 @@ interface(`corenet_relabelto_kismet_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_kprop_port',`
+interface(`corenet_tcp_sendrecv_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- allow $1 kprop_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 innd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the kprop port.
+## Send UDP traffic on the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34180,17 +34623,17 @@ interface(`corenet_tcp_sendrecv_kprop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_kprop_port',`
+interface(`corenet_udp_send_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- allow $1 kprop_port_t:udp_socket send_msg;
+ allow $1 innd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the kprop port.
+## Do not audit attempts to send UDP traffic on the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34199,17 +34642,17 @@ interface(`corenet_udp_send_kprop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_kprop_port',`
+interface(`corenet_dontaudit_udp_send_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- dontaudit $1 kprop_port_t:udp_socket send_msg;
+ dontaudit $1 innd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the kprop port.
+## Receive UDP traffic on the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34218,17 +34661,17 @@ interface(`corenet_dontaudit_udp_send_kprop_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_kprop_port',`
+interface(`corenet_udp_receive_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- allow $1 kprop_port_t:udp_socket recv_msg;
+ allow $1 innd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the kprop port.
+## Do not audit attempts to receive UDP traffic on the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34237,17 +34680,17 @@ interface(`corenet_udp_receive_kprop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_kprop_port',`
+interface(`corenet_dontaudit_udp_receive_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- dontaudit $1 kprop_port_t:udp_socket recv_msg;
+ dontaudit $1 innd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the kprop port.
+## Send and receive UDP traffic on the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34256,15 +34699,15 @@ interface(`corenet_dontaudit_udp_receive_kprop_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_kprop_port',`
- corenet_udp_send_kprop_port($1)
- corenet_udp_receive_kprop_port($1)
+interface(`corenet_udp_sendrecv_innd_port',`
+ corenet_udp_send_innd_port($1)
+ corenet_udp_receive_innd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the kprop port.
+## UDP traffic on the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34273,14 +34716,14 @@ interface(`corenet_udp_sendrecv_kprop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_kprop_port',`
- corenet_dontaudit_udp_send_kprop_port($1)
- corenet_dontaudit_udp_receive_kprop_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_innd_port',`
+ corenet_dontaudit_udp_send_innd_port($1)
+ corenet_dontaudit_udp_receive_innd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the kprop port.
+## Bind TCP sockets to the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34289,18 +34732,18 @@ interface(`corenet_dontaudit_udp_sendrecv_kprop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_kprop_port',`
+interface(`corenet_tcp_bind_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- allow $1 kprop_port_t:tcp_socket name_bind;
+ allow $1 innd_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the kprop port.
+## Bind UDP sockets to the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34309,18 +34752,18 @@ interface(`corenet_tcp_bind_kprop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_kprop_port',`
+interface(`corenet_udp_bind_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- allow $1 kprop_port_t:udp_socket name_bind;
+ allow $1 innd_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the kprop port.
+## Make a TCP connection to the innd port.
## </summary>
## <param name="domain">
## <summary>
@@ -34328,18 +34771,18 @@ interface(`corenet_udp_bind_kprop_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_kprop_port',`
+interface(`corenet_tcp_connect_innd_port',`
gen_require(`
- type kprop_port_t;
+ type innd_port_t;
')
- allow $1 kprop_port_t:tcp_socket name_connect;
+ allow $1 innd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send kprop_client packets.
+## Send innd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34348,17 +34791,17 @@ interface(`corenet_tcp_connect_kprop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kprop_client_packets',`
+interface(`corenet_send_innd_client_packets',`
gen_require(`
- type kprop_client_packet_t;
+ type innd_client_packet_t;
')
- allow $1 kprop_client_packet_t:packet send;
+ allow $1 innd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kprop_client packets.
+## Do not audit attempts to send innd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34367,17 +34810,17 @@ interface(`corenet_send_kprop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kprop_client_packets',`
+interface(`corenet_dontaudit_send_innd_client_packets',`
gen_require(`
- type kprop_client_packet_t;
+ type innd_client_packet_t;
')
- dontaudit $1 kprop_client_packet_t:packet send;
+ dontaudit $1 innd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive kprop_client packets.
+## Receive innd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34386,17 +34829,17 @@ interface(`corenet_dontaudit_send_kprop_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kprop_client_packets',`
+interface(`corenet_receive_innd_client_packets',`
gen_require(`
- type kprop_client_packet_t;
+ type innd_client_packet_t;
')
- allow $1 kprop_client_packet_t:packet recv;
+ allow $1 innd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kprop_client packets.
+## Do not audit attempts to receive innd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34405,17 +34848,17 @@ interface(`corenet_receive_kprop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kprop_client_packets',`
+interface(`corenet_dontaudit_receive_innd_client_packets',`
gen_require(`
- type kprop_client_packet_t;
+ type innd_client_packet_t;
')
- dontaudit $1 kprop_client_packet_t:packet recv;
+ dontaudit $1 innd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kprop_client packets.
+## Send and receive innd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34424,14 +34867,14 @@ interface(`corenet_dontaudit_receive_kprop_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kprop_client_packets',`
- corenet_send_kprop_client_packets($1)
- corenet_receive_kprop_client_packets($1)
+interface(`corenet_sendrecv_innd_client_packets',`
+ corenet_send_innd_client_packets($1)
+ corenet_receive_innd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kprop_client packets.
+## Do not audit attempts to send and receive innd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34440,14 +34883,14 @@ interface(`corenet_sendrecv_kprop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kprop_client_packets',`
- corenet_dontaudit_send_kprop_client_packets($1)
- corenet_dontaudit_receive_kprop_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_innd_client_packets',`
+ corenet_dontaudit_send_innd_client_packets($1)
+ corenet_dontaudit_receive_innd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to kprop_client the packet type.
+## Relabel packets to innd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -34455,18 +34898,18 @@ interface(`corenet_dontaudit_sendrecv_kprop_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kprop_client_packets',`
+interface(`corenet_relabelto_innd_client_packets',`
gen_require(`
- type kprop_client_packet_t;
+ type innd_client_packet_t;
')
- allow $1 kprop_client_packet_t:packet relabelto;
+ allow $1 innd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send kprop_server packets.
+## Send innd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34475,17 +34918,17 @@ interface(`corenet_relabelto_kprop_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_kprop_server_packets',`
+interface(`corenet_send_innd_server_packets',`
gen_require(`
- type kprop_server_packet_t;
+ type innd_server_packet_t;
')
- allow $1 kprop_server_packet_t:packet send;
+ allow $1 innd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send kprop_server packets.
+## Do not audit attempts to send innd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34494,17 +34937,17 @@ interface(`corenet_send_kprop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_kprop_server_packets',`
+interface(`corenet_dontaudit_send_innd_server_packets',`
gen_require(`
- type kprop_server_packet_t;
+ type innd_server_packet_t;
')
- dontaudit $1 kprop_server_packet_t:packet send;
+ dontaudit $1 innd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive kprop_server packets.
+## Receive innd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34513,17 +34956,17 @@ interface(`corenet_dontaudit_send_kprop_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_kprop_server_packets',`
+interface(`corenet_receive_innd_server_packets',`
gen_require(`
- type kprop_server_packet_t;
+ type innd_server_packet_t;
')
- allow $1 kprop_server_packet_t:packet recv;
+ allow $1 innd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive kprop_server packets.
+## Do not audit attempts to receive innd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34532,17 +34975,17 @@ interface(`corenet_receive_kprop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_kprop_server_packets',`
+interface(`corenet_dontaudit_receive_innd_server_packets',`
gen_require(`
- type kprop_server_packet_t;
+ type innd_server_packet_t;
')
- dontaudit $1 kprop_server_packet_t:packet recv;
+ dontaudit $1 innd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive kprop_server packets.
+## Send and receive innd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34551,14 +34994,14 @@ interface(`corenet_dontaudit_receive_kprop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_kprop_server_packets',`
- corenet_send_kprop_server_packets($1)
- corenet_receive_kprop_server_packets($1)
+interface(`corenet_sendrecv_innd_server_packets',`
+ corenet_send_innd_server_packets($1)
+ corenet_receive_innd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive kprop_server packets.
+## Do not audit attempts to send and receive innd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34567,14 +35010,14 @@ interface(`corenet_sendrecv_kprop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_kprop_server_packets',`
- corenet_dontaudit_send_kprop_server_packets($1)
- corenet_dontaudit_receive_kprop_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_innd_server_packets',`
+ corenet_dontaudit_send_innd_server_packets($1)
+ corenet_dontaudit_receive_innd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to kprop_server the packet type.
+## Relabel packets to innd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -34582,12 +35025,12 @@ interface(`corenet_dontaudit_sendrecv_kprop_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_kprop_server_packets',`
+interface(`corenet_relabelto_innd_server_packets',`
gen_require(`
- type kprop_server_packet_t;
+ type innd_server_packet_t;
')
- allow $1 kprop_server_packet_t:packet relabelto;
+ allow $1 innd_server_packet_t:packet relabelto;
')
@@ -34595,7 +35038,7 @@ interface(`corenet_relabelto_kprop_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ktalkd port.
+## Send and receive TCP traffic on the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34604,17 +35047,17 @@ interface(`corenet_relabelto_kprop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ktalkd_port',`
+interface(`corenet_tcp_sendrecv_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- allow $1 ktalkd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 interwise_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ktalkd port.
+## Send UDP traffic on the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34623,17 +35066,17 @@ interface(`corenet_tcp_sendrecv_ktalkd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ktalkd_port',`
+interface(`corenet_udp_send_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- allow $1 ktalkd_port_t:udp_socket send_msg;
+ allow $1 interwise_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ktalkd port.
+## Do not audit attempts to send UDP traffic on the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34642,17 +35085,17 @@ interface(`corenet_udp_send_ktalkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ktalkd_port',`
+interface(`corenet_dontaudit_udp_send_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- dontaudit $1 ktalkd_port_t:udp_socket send_msg;
+ dontaudit $1 interwise_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ktalkd port.
+## Receive UDP traffic on the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34661,17 +35104,17 @@ interface(`corenet_dontaudit_udp_send_ktalkd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ktalkd_port',`
+interface(`corenet_udp_receive_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- allow $1 ktalkd_port_t:udp_socket recv_msg;
+ allow $1 interwise_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ktalkd port.
+## Do not audit attempts to receive UDP traffic on the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34680,17 +35123,17 @@ interface(`corenet_udp_receive_ktalkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ktalkd_port',`
+interface(`corenet_dontaudit_udp_receive_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- dontaudit $1 ktalkd_port_t:udp_socket recv_msg;
+ dontaudit $1 interwise_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ktalkd port.
+## Send and receive UDP traffic on the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34699,15 +35142,15 @@ interface(`corenet_dontaudit_udp_receive_ktalkd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ktalkd_port',`
- corenet_udp_send_ktalkd_port($1)
- corenet_udp_receive_ktalkd_port($1)
+interface(`corenet_udp_sendrecv_interwise_port',`
+ corenet_udp_send_interwise_port($1)
+ corenet_udp_receive_interwise_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ktalkd port.
+## UDP traffic on the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34716,14 +35159,14 @@ interface(`corenet_udp_sendrecv_ktalkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ktalkd_port',`
- corenet_dontaudit_udp_send_ktalkd_port($1)
- corenet_dontaudit_udp_receive_ktalkd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_interwise_port',`
+ corenet_dontaudit_udp_send_interwise_port($1)
+ corenet_dontaudit_udp_receive_interwise_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ktalkd port.
+## Bind TCP sockets to the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34732,18 +35175,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ktalkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ktalkd_port',`
+interface(`corenet_tcp_bind_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- allow $1 ktalkd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 interwise_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the ktalkd port.
+## Bind UDP sockets to the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34752,18 +35195,18 @@ interface(`corenet_tcp_bind_ktalkd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ktalkd_port',`
+interface(`corenet_udp_bind_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- allow $1 ktalkd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 interwise_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the ktalkd port.
+## Make a TCP connection to the interwise port.
## </summary>
## <param name="domain">
## <summary>
@@ -34771,18 +35214,18 @@ interface(`corenet_udp_bind_ktalkd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ktalkd_port',`
+interface(`corenet_tcp_connect_interwise_port',`
gen_require(`
- type ktalkd_port_t;
+ type interwise_port_t;
')
- allow $1 ktalkd_port_t:tcp_socket name_connect;
+ allow $1 interwise_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ktalkd_client packets.
+## Send interwise_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34791,17 +35234,17 @@ interface(`corenet_tcp_connect_ktalkd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ktalkd_client_packets',`
+interface(`corenet_send_interwise_client_packets',`
gen_require(`
- type ktalkd_client_packet_t;
+ type interwise_client_packet_t;
')
- allow $1 ktalkd_client_packet_t:packet send;
+ allow $1 interwise_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ktalkd_client packets.
+## Do not audit attempts to send interwise_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34810,17 +35253,17 @@ interface(`corenet_send_ktalkd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ktalkd_client_packets',`
+interface(`corenet_dontaudit_send_interwise_client_packets',`
gen_require(`
- type ktalkd_client_packet_t;
+ type interwise_client_packet_t;
')
- dontaudit $1 ktalkd_client_packet_t:packet send;
+ dontaudit $1 interwise_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ktalkd_client packets.
+## Receive interwise_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34829,17 +35272,17 @@ interface(`corenet_dontaudit_send_ktalkd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ktalkd_client_packets',`
+interface(`corenet_receive_interwise_client_packets',`
gen_require(`
- type ktalkd_client_packet_t;
+ type interwise_client_packet_t;
')
- allow $1 ktalkd_client_packet_t:packet recv;
+ allow $1 interwise_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ktalkd_client packets.
+## Do not audit attempts to receive interwise_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34848,17 +35291,17 @@ interface(`corenet_receive_ktalkd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ktalkd_client_packets',`
+interface(`corenet_dontaudit_receive_interwise_client_packets',`
gen_require(`
- type ktalkd_client_packet_t;
+ type interwise_client_packet_t;
')
- dontaudit $1 ktalkd_client_packet_t:packet recv;
+ dontaudit $1 interwise_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ktalkd_client packets.
+## Send and receive interwise_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34867,14 +35310,14 @@ interface(`corenet_dontaudit_receive_ktalkd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ktalkd_client_packets',`
- corenet_send_ktalkd_client_packets($1)
- corenet_receive_ktalkd_client_packets($1)
+interface(`corenet_sendrecv_interwise_client_packets',`
+ corenet_send_interwise_client_packets($1)
+ corenet_receive_interwise_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ktalkd_client packets.
+## Do not audit attempts to send and receive interwise_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34883,14 +35326,14 @@ interface(`corenet_sendrecv_ktalkd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ktalkd_client_packets',`
- corenet_dontaudit_send_ktalkd_client_packets($1)
- corenet_dontaudit_receive_ktalkd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_interwise_client_packets',`
+ corenet_dontaudit_send_interwise_client_packets($1)
+ corenet_dontaudit_receive_interwise_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ktalkd_client the packet type.
+## Relabel packets to interwise_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -34898,18 +35341,18 @@ interface(`corenet_dontaudit_sendrecv_ktalkd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ktalkd_client_packets',`
+interface(`corenet_relabelto_interwise_client_packets',`
gen_require(`
- type ktalkd_client_packet_t;
+ type interwise_client_packet_t;
')
- allow $1 ktalkd_client_packet_t:packet relabelto;
+ allow $1 interwise_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ktalkd_server packets.
+## Send interwise_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34918,17 +35361,17 @@ interface(`corenet_relabelto_ktalkd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ktalkd_server_packets',`
+interface(`corenet_send_interwise_server_packets',`
gen_require(`
- type ktalkd_server_packet_t;
+ type interwise_server_packet_t;
')
- allow $1 ktalkd_server_packet_t:packet send;
+ allow $1 interwise_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ktalkd_server packets.
+## Do not audit attempts to send interwise_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34937,17 +35380,17 @@ interface(`corenet_send_ktalkd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ktalkd_server_packets',`
+interface(`corenet_dontaudit_send_interwise_server_packets',`
gen_require(`
- type ktalkd_server_packet_t;
+ type interwise_server_packet_t;
')
- dontaudit $1 ktalkd_server_packet_t:packet send;
+ dontaudit $1 interwise_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ktalkd_server packets.
+## Receive interwise_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34956,17 +35399,17 @@ interface(`corenet_dontaudit_send_ktalkd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ktalkd_server_packets',`
+interface(`corenet_receive_interwise_server_packets',`
gen_require(`
- type ktalkd_server_packet_t;
+ type interwise_server_packet_t;
')
- allow $1 ktalkd_server_packet_t:packet recv;
+ allow $1 interwise_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ktalkd_server packets.
+## Do not audit attempts to receive interwise_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34975,17 +35418,17 @@ interface(`corenet_receive_ktalkd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ktalkd_server_packets',`
+interface(`corenet_dontaudit_receive_interwise_server_packets',`
gen_require(`
- type ktalkd_server_packet_t;
+ type interwise_server_packet_t;
')
- dontaudit $1 ktalkd_server_packet_t:packet recv;
+ dontaudit $1 interwise_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ktalkd_server packets.
+## Send and receive interwise_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -34994,14 +35437,14 @@ interface(`corenet_dontaudit_receive_ktalkd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ktalkd_server_packets',`
- corenet_send_ktalkd_server_packets($1)
- corenet_receive_ktalkd_server_packets($1)
+interface(`corenet_sendrecv_interwise_server_packets',`
+ corenet_send_interwise_server_packets($1)
+ corenet_receive_interwise_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ktalkd_server packets.
+## Do not audit attempts to send and receive interwise_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35010,14 +35453,14 @@ interface(`corenet_sendrecv_ktalkd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ktalkd_server_packets',`
- corenet_dontaudit_send_ktalkd_server_packets($1)
- corenet_dontaudit_receive_ktalkd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_interwise_server_packets',`
+ corenet_dontaudit_send_interwise_server_packets($1)
+ corenet_dontaudit_receive_interwise_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ktalkd_server the packet type.
+## Relabel packets to interwise_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -35025,12 +35468,12 @@ interface(`corenet_dontaudit_sendrecv_ktalkd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ktalkd_server_packets',`
+interface(`corenet_relabelto_interwise_server_packets',`
gen_require(`
- type ktalkd_server_packet_t;
+ type interwise_server_packet_t;
')
- allow $1 ktalkd_server_packet_t:packet relabelto;
+ allow $1 interwise_server_packet_t:packet relabelto;
')
@@ -35038,7 +35481,7 @@ interface(`corenet_relabelto_ktalkd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ldap port.
+## Send and receive TCP traffic on the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35047,17 +35490,17 @@ interface(`corenet_relabelto_ktalkd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ldap_port',`
+interface(`corenet_tcp_sendrecv_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- allow $1 ldap_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ionixnetmon_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ldap port.
+## Send UDP traffic on the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35066,17 +35509,17 @@ interface(`corenet_tcp_sendrecv_ldap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ldap_port',`
+interface(`corenet_udp_send_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- allow $1 ldap_port_t:udp_socket send_msg;
+ allow $1 ionixnetmon_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ldap port.
+## Do not audit attempts to send UDP traffic on the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35085,17 +35528,17 @@ interface(`corenet_udp_send_ldap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ldap_port',`
+interface(`corenet_dontaudit_udp_send_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- dontaudit $1 ldap_port_t:udp_socket send_msg;
+ dontaudit $1 ionixnetmon_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ldap port.
+## Receive UDP traffic on the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35104,17 +35547,17 @@ interface(`corenet_dontaudit_udp_send_ldap_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ldap_port',`
+interface(`corenet_udp_receive_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- allow $1 ldap_port_t:udp_socket recv_msg;
+ allow $1 ionixnetmon_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ldap port.
+## Do not audit attempts to receive UDP traffic on the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35123,17 +35566,17 @@ interface(`corenet_udp_receive_ldap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ldap_port',`
+interface(`corenet_dontaudit_udp_receive_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- dontaudit $1 ldap_port_t:udp_socket recv_msg;
+ dontaudit $1 ionixnetmon_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ldap port.
+## Send and receive UDP traffic on the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35142,15 +35585,15 @@ interface(`corenet_dontaudit_udp_receive_ldap_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ldap_port',`
- corenet_udp_send_ldap_port($1)
- corenet_udp_receive_ldap_port($1)
+interface(`corenet_udp_sendrecv_ionixnetmon_port',`
+ corenet_udp_send_ionixnetmon_port($1)
+ corenet_udp_receive_ionixnetmon_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ldap port.
+## UDP traffic on the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35159,14 +35602,14 @@ interface(`corenet_udp_sendrecv_ldap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ldap_port',`
- corenet_dontaudit_udp_send_ldap_port($1)
- corenet_dontaudit_udp_receive_ldap_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ionixnetmon_port',`
+ corenet_dontaudit_udp_send_ionixnetmon_port($1)
+ corenet_dontaudit_udp_receive_ionixnetmon_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ldap port.
+## Bind TCP sockets to the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35175,18 +35618,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ldap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ldap_port',`
+interface(`corenet_tcp_bind_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- allow $1 ldap_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 ionixnetmon_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the ldap port.
+## Bind UDP sockets to the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35195,18 +35638,18 @@ interface(`corenet_tcp_bind_ldap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ldap_port',`
+interface(`corenet_udp_bind_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- allow $1 ldap_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 ionixnetmon_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the ldap port.
+## Make a TCP connection to the ionixnetmon port.
## </summary>
## <param name="domain">
## <summary>
@@ -35214,18 +35657,18 @@ interface(`corenet_udp_bind_ldap_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ldap_port',`
+interface(`corenet_tcp_connect_ionixnetmon_port',`
gen_require(`
- type ldap_port_t;
+ type ionixnetmon_port_t;
')
- allow $1 ldap_port_t:tcp_socket name_connect;
+ allow $1 ionixnetmon_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ldap_client packets.
+## Send ionixnetmon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35234,17 +35677,17 @@ interface(`corenet_tcp_connect_ldap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ldap_client_packets',`
+interface(`corenet_send_ionixnetmon_client_packets',`
gen_require(`
- type ldap_client_packet_t;
+ type ionixnetmon_client_packet_t;
')
- allow $1 ldap_client_packet_t:packet send;
+ allow $1 ionixnetmon_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ldap_client packets.
+## Do not audit attempts to send ionixnetmon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35253,17 +35696,17 @@ interface(`corenet_send_ldap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ldap_client_packets',`
+interface(`corenet_dontaudit_send_ionixnetmon_client_packets',`
gen_require(`
- type ldap_client_packet_t;
+ type ionixnetmon_client_packet_t;
')
- dontaudit $1 ldap_client_packet_t:packet send;
+ dontaudit $1 ionixnetmon_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ldap_client packets.
+## Receive ionixnetmon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35272,17 +35715,17 @@ interface(`corenet_dontaudit_send_ldap_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ldap_client_packets',`
+interface(`corenet_receive_ionixnetmon_client_packets',`
gen_require(`
- type ldap_client_packet_t;
+ type ionixnetmon_client_packet_t;
')
- allow $1 ldap_client_packet_t:packet recv;
+ allow $1 ionixnetmon_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ldap_client packets.
+## Do not audit attempts to receive ionixnetmon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35291,17 +35734,17 @@ interface(`corenet_receive_ldap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ldap_client_packets',`
+interface(`corenet_dontaudit_receive_ionixnetmon_client_packets',`
gen_require(`
- type ldap_client_packet_t;
+ type ionixnetmon_client_packet_t;
')
- dontaudit $1 ldap_client_packet_t:packet recv;
+ dontaudit $1 ionixnetmon_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ldap_client packets.
+## Send and receive ionixnetmon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35310,14 +35753,14 @@ interface(`corenet_dontaudit_receive_ldap_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ldap_client_packets',`
- corenet_send_ldap_client_packets($1)
- corenet_receive_ldap_client_packets($1)
+interface(`corenet_sendrecv_ionixnetmon_client_packets',`
+ corenet_send_ionixnetmon_client_packets($1)
+ corenet_receive_ionixnetmon_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ldap_client packets.
+## Do not audit attempts to send and receive ionixnetmon_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35326,14 +35769,14 @@ interface(`corenet_sendrecv_ldap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ldap_client_packets',`
- corenet_dontaudit_send_ldap_client_packets($1)
- corenet_dontaudit_receive_ldap_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ionixnetmon_client_packets',`
+ corenet_dontaudit_send_ionixnetmon_client_packets($1)
+ corenet_dontaudit_receive_ionixnetmon_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ldap_client the packet type.
+## Relabel packets to ionixnetmon_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -35341,18 +35784,18 @@ interface(`corenet_dontaudit_sendrecv_ldap_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ldap_client_packets',`
+interface(`corenet_relabelto_ionixnetmon_client_packets',`
gen_require(`
- type ldap_client_packet_t;
+ type ionixnetmon_client_packet_t;
')
- allow $1 ldap_client_packet_t:packet relabelto;
+ allow $1 ionixnetmon_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ldap_server packets.
+## Send ionixnetmon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35361,17 +35804,17 @@ interface(`corenet_relabelto_ldap_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ldap_server_packets',`
+interface(`corenet_send_ionixnetmon_server_packets',`
gen_require(`
- type ldap_server_packet_t;
+ type ionixnetmon_server_packet_t;
')
- allow $1 ldap_server_packet_t:packet send;
+ allow $1 ionixnetmon_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ldap_server packets.
+## Do not audit attempts to send ionixnetmon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35380,17 +35823,17 @@ interface(`corenet_send_ldap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ldap_server_packets',`
+interface(`corenet_dontaudit_send_ionixnetmon_server_packets',`
gen_require(`
- type ldap_server_packet_t;
+ type ionixnetmon_server_packet_t;
')
- dontaudit $1 ldap_server_packet_t:packet send;
+ dontaudit $1 ionixnetmon_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ldap_server packets.
+## Receive ionixnetmon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35399,17 +35842,17 @@ interface(`corenet_dontaudit_send_ldap_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ldap_server_packets',`
+interface(`corenet_receive_ionixnetmon_server_packets',`
gen_require(`
- type ldap_server_packet_t;
+ type ionixnetmon_server_packet_t;
')
- allow $1 ldap_server_packet_t:packet recv;
+ allow $1 ionixnetmon_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ldap_server packets.
+## Do not audit attempts to receive ionixnetmon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35418,17 +35861,17 @@ interface(`corenet_receive_ldap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ldap_server_packets',`
+interface(`corenet_dontaudit_receive_ionixnetmon_server_packets',`
gen_require(`
- type ldap_server_packet_t;
+ type ionixnetmon_server_packet_t;
')
- dontaudit $1 ldap_server_packet_t:packet recv;
+ dontaudit $1 ionixnetmon_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ldap_server packets.
+## Send and receive ionixnetmon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35437,14 +35880,14 @@ interface(`corenet_dontaudit_receive_ldap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ldap_server_packets',`
- corenet_send_ldap_server_packets($1)
- corenet_receive_ldap_server_packets($1)
+interface(`corenet_sendrecv_ionixnetmon_server_packets',`
+ corenet_send_ionixnetmon_server_packets($1)
+ corenet_receive_ionixnetmon_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ldap_server packets.
+## Do not audit attempts to send and receive ionixnetmon_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35453,14 +35896,14 @@ interface(`corenet_sendrecv_ldap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ldap_server_packets',`
- corenet_dontaudit_send_ldap_server_packets($1)
- corenet_dontaudit_receive_ldap_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ionixnetmon_server_packets',`
+ corenet_dontaudit_send_ionixnetmon_server_packets($1)
+ corenet_dontaudit_receive_ionixnetmon_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ldap_server the packet type.
+## Relabel packets to ionixnetmon_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -35468,12 +35911,12 @@ interface(`corenet_dontaudit_sendrecv_ldap_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ldap_server_packets',`
+interface(`corenet_relabelto_ionixnetmon_server_packets',`
gen_require(`
- type ldap_server_packet_t;
+ type ionixnetmon_server_packet_t;
')
- allow $1 ldap_server_packet_t:packet relabelto;
+ allow $1 ionixnetmon_server_packet_t:packet relabelto;
')
@@ -35481,7 +35924,7 @@ interface(`corenet_relabelto_ldap_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the lirc port.
+## Send and receive TCP traffic on the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35490,17 +35933,17 @@ interface(`corenet_relabelto_ldap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_lirc_port',`
+interface(`corenet_tcp_sendrecv_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- allow $1 lirc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ipmi_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the lirc port.
+## Send UDP traffic on the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35509,17 +35952,17 @@ interface(`corenet_tcp_sendrecv_lirc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_lirc_port',`
+interface(`corenet_udp_send_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- allow $1 lirc_port_t:udp_socket send_msg;
+ allow $1 ipmi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the lirc port.
+## Do not audit attempts to send UDP traffic on the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35528,17 +35971,17 @@ interface(`corenet_udp_send_lirc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_lirc_port',`
+interface(`corenet_dontaudit_udp_send_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- dontaudit $1 lirc_port_t:udp_socket send_msg;
+ dontaudit $1 ipmi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the lirc port.
+## Receive UDP traffic on the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35547,17 +35990,17 @@ interface(`corenet_dontaudit_udp_send_lirc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_lirc_port',`
+interface(`corenet_udp_receive_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- allow $1 lirc_port_t:udp_socket recv_msg;
+ allow $1 ipmi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the lirc port.
+## Do not audit attempts to receive UDP traffic on the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35566,17 +36009,17 @@ interface(`corenet_udp_receive_lirc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_lirc_port',`
+interface(`corenet_dontaudit_udp_receive_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- dontaudit $1 lirc_port_t:udp_socket recv_msg;
+ dontaudit $1 ipmi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the lirc port.
+## Send and receive UDP traffic on the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35585,15 +36028,15 @@ interface(`corenet_dontaudit_udp_receive_lirc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_lirc_port',`
- corenet_udp_send_lirc_port($1)
- corenet_udp_receive_lirc_port($1)
+interface(`corenet_udp_sendrecv_ipmi_port',`
+ corenet_udp_send_ipmi_port($1)
+ corenet_udp_receive_ipmi_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the lirc port.
+## UDP traffic on the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35602,14 +36045,14 @@ interface(`corenet_udp_sendrecv_lirc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_lirc_port',`
- corenet_dontaudit_udp_send_lirc_port($1)
- corenet_dontaudit_udp_receive_lirc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ipmi_port',`
+ corenet_dontaudit_udp_send_ipmi_port($1)
+ corenet_dontaudit_udp_receive_ipmi_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the lirc port.
+## Bind TCP sockets to the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35618,18 +36061,18 @@ interface(`corenet_dontaudit_udp_sendrecv_lirc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_lirc_port',`
+interface(`corenet_tcp_bind_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- allow $1 lirc_port_t:tcp_socket name_bind;
-
+ allow $1 ipmi_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the lirc port.
+## Bind UDP sockets to the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35638,18 +36081,18 @@ interface(`corenet_tcp_bind_lirc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_lirc_port',`
+interface(`corenet_udp_bind_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- allow $1 lirc_port_t:udp_socket name_bind;
-
+ allow $1 ipmi_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the lirc port.
+## Make a TCP connection to the ipmi port.
## </summary>
## <param name="domain">
## <summary>
@@ -35657,18 +36100,18 @@ interface(`corenet_udp_bind_lirc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_lirc_port',`
+interface(`corenet_tcp_connect_ipmi_port',`
gen_require(`
- type lirc_port_t;
+ type ipmi_port_t;
')
- allow $1 lirc_port_t:tcp_socket name_connect;
+ allow $1 ipmi_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send lirc_client packets.
+## Send ipmi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35677,17 +36120,17 @@ interface(`corenet_tcp_connect_lirc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_lirc_client_packets',`
+interface(`corenet_send_ipmi_client_packets',`
gen_require(`
- type lirc_client_packet_t;
+ type ipmi_client_packet_t;
')
- allow $1 lirc_client_packet_t:packet send;
+ allow $1 ipmi_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send lirc_client packets.
+## Do not audit attempts to send ipmi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35696,17 +36139,17 @@ interface(`corenet_send_lirc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_lirc_client_packets',`
+interface(`corenet_dontaudit_send_ipmi_client_packets',`
gen_require(`
- type lirc_client_packet_t;
+ type ipmi_client_packet_t;
')
- dontaudit $1 lirc_client_packet_t:packet send;
+ dontaudit $1 ipmi_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive lirc_client packets.
+## Receive ipmi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35715,17 +36158,17 @@ interface(`corenet_dontaudit_send_lirc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_lirc_client_packets',`
+interface(`corenet_receive_ipmi_client_packets',`
gen_require(`
- type lirc_client_packet_t;
+ type ipmi_client_packet_t;
')
- allow $1 lirc_client_packet_t:packet recv;
+ allow $1 ipmi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive lirc_client packets.
+## Do not audit attempts to receive ipmi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35734,17 +36177,17 @@ interface(`corenet_receive_lirc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_lirc_client_packets',`
+interface(`corenet_dontaudit_receive_ipmi_client_packets',`
gen_require(`
- type lirc_client_packet_t;
+ type ipmi_client_packet_t;
')
- dontaudit $1 lirc_client_packet_t:packet recv;
+ dontaudit $1 ipmi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive lirc_client packets.
+## Send and receive ipmi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35753,14 +36196,14 @@ interface(`corenet_dontaudit_receive_lirc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_lirc_client_packets',`
- corenet_send_lirc_client_packets($1)
- corenet_receive_lirc_client_packets($1)
+interface(`corenet_sendrecv_ipmi_client_packets',`
+ corenet_send_ipmi_client_packets($1)
+ corenet_receive_ipmi_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive lirc_client packets.
+## Do not audit attempts to send and receive ipmi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35769,14 +36212,14 @@ interface(`corenet_sendrecv_lirc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_lirc_client_packets',`
- corenet_dontaudit_send_lirc_client_packets($1)
- corenet_dontaudit_receive_lirc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ipmi_client_packets',`
+ corenet_dontaudit_send_ipmi_client_packets($1)
+ corenet_dontaudit_receive_ipmi_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to lirc_client the packet type.
+## Relabel packets to ipmi_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -35784,18 +36227,18 @@ interface(`corenet_dontaudit_sendrecv_lirc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_lirc_client_packets',`
+interface(`corenet_relabelto_ipmi_client_packets',`
gen_require(`
- type lirc_client_packet_t;
+ type ipmi_client_packet_t;
')
- allow $1 lirc_client_packet_t:packet relabelto;
+ allow $1 ipmi_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send lirc_server packets.
+## Send ipmi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35804,17 +36247,17 @@ interface(`corenet_relabelto_lirc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_lirc_server_packets',`
+interface(`corenet_send_ipmi_server_packets',`
gen_require(`
- type lirc_server_packet_t;
+ type ipmi_server_packet_t;
')
- allow $1 lirc_server_packet_t:packet send;
+ allow $1 ipmi_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send lirc_server packets.
+## Do not audit attempts to send ipmi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35823,17 +36266,17 @@ interface(`corenet_send_lirc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_lirc_server_packets',`
+interface(`corenet_dontaudit_send_ipmi_server_packets',`
gen_require(`
- type lirc_server_packet_t;
+ type ipmi_server_packet_t;
')
- dontaudit $1 lirc_server_packet_t:packet send;
+ dontaudit $1 ipmi_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive lirc_server packets.
+## Receive ipmi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35842,17 +36285,17 @@ interface(`corenet_dontaudit_send_lirc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_lirc_server_packets',`
+interface(`corenet_receive_ipmi_server_packets',`
gen_require(`
- type lirc_server_packet_t;
+ type ipmi_server_packet_t;
')
- allow $1 lirc_server_packet_t:packet recv;
+ allow $1 ipmi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive lirc_server packets.
+## Do not audit attempts to receive ipmi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35861,17 +36304,17 @@ interface(`corenet_receive_lirc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_lirc_server_packets',`
+interface(`corenet_dontaudit_receive_ipmi_server_packets',`
gen_require(`
- type lirc_server_packet_t;
+ type ipmi_server_packet_t;
')
- dontaudit $1 lirc_server_packet_t:packet recv;
+ dontaudit $1 ipmi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive lirc_server packets.
+## Send and receive ipmi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35880,14 +36323,14 @@ interface(`corenet_dontaudit_receive_lirc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_lirc_server_packets',`
- corenet_send_lirc_server_packets($1)
- corenet_receive_lirc_server_packets($1)
+interface(`corenet_sendrecv_ipmi_server_packets',`
+ corenet_send_ipmi_server_packets($1)
+ corenet_receive_ipmi_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive lirc_server packets.
+## Do not audit attempts to send and receive ipmi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -35896,14 +36339,14 @@ interface(`corenet_sendrecv_lirc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_lirc_server_packets',`
- corenet_dontaudit_send_lirc_server_packets($1)
- corenet_dontaudit_receive_lirc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ipmi_server_packets',`
+ corenet_dontaudit_send_ipmi_server_packets($1)
+ corenet_dontaudit_receive_ipmi_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to lirc_server the packet type.
+## Relabel packets to ipmi_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -35911,12 +36354,12 @@ interface(`corenet_dontaudit_sendrecv_lirc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_lirc_server_packets',`
+interface(`corenet_relabelto_ipmi_server_packets',`
gen_require(`
- type lirc_server_packet_t;
+ type ipmi_server_packet_t;
')
- allow $1 lirc_server_packet_t:packet relabelto;
+ allow $1 ipmi_server_packet_t:packet relabelto;
')
@@ -35924,7 +36367,7 @@ interface(`corenet_relabelto_lirc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the lmtp port.
+## Send and receive TCP traffic on the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -35933,17 +36376,17 @@ interface(`corenet_relabelto_lirc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_lmtp_port',`
+interface(`corenet_tcp_sendrecv_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- allow $1 lmtp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ipp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the lmtp port.
+## Send UDP traffic on the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -35952,17 +36395,17 @@ interface(`corenet_tcp_sendrecv_lmtp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_lmtp_port',`
+interface(`corenet_udp_send_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- allow $1 lmtp_port_t:udp_socket send_msg;
+ allow $1 ipp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the lmtp port.
+## Do not audit attempts to send UDP traffic on the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -35971,17 +36414,17 @@ interface(`corenet_udp_send_lmtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_lmtp_port',`
+interface(`corenet_dontaudit_udp_send_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- dontaudit $1 lmtp_port_t:udp_socket send_msg;
+ dontaudit $1 ipp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the lmtp port.
+## Receive UDP traffic on the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -35990,17 +36433,17 @@ interface(`corenet_dontaudit_udp_send_lmtp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_lmtp_port',`
+interface(`corenet_udp_receive_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- allow $1 lmtp_port_t:udp_socket recv_msg;
+ allow $1 ipp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the lmtp port.
+## Do not audit attempts to receive UDP traffic on the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -36009,17 +36452,17 @@ interface(`corenet_udp_receive_lmtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_lmtp_port',`
+interface(`corenet_dontaudit_udp_receive_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- dontaudit $1 lmtp_port_t:udp_socket recv_msg;
+ dontaudit $1 ipp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the lmtp port.
+## Send and receive UDP traffic on the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -36028,15 +36471,15 @@ interface(`corenet_dontaudit_udp_receive_lmtp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_lmtp_port',`
- corenet_udp_send_lmtp_port($1)
- corenet_udp_receive_lmtp_port($1)
+interface(`corenet_udp_sendrecv_ipp_port',`
+ corenet_udp_send_ipp_port($1)
+ corenet_udp_receive_ipp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the lmtp port.
+## UDP traffic on the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -36045,14 +36488,14 @@ interface(`corenet_udp_sendrecv_lmtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_lmtp_port',`
- corenet_dontaudit_udp_send_lmtp_port($1)
- corenet_dontaudit_udp_receive_lmtp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ipp_port',`
+ corenet_dontaudit_udp_send_ipp_port($1)
+ corenet_dontaudit_udp_receive_ipp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the lmtp port.
+## Bind TCP sockets to the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -36061,18 +36504,18 @@ interface(`corenet_dontaudit_udp_sendrecv_lmtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_lmtp_port',`
+interface(`corenet_tcp_bind_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- allow $1 lmtp_port_t:tcp_socket name_bind;
+ allow $1 ipp_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the lmtp port.
+## Bind UDP sockets to the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -36081,18 +36524,18 @@ interface(`corenet_tcp_bind_lmtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_lmtp_port',`
+interface(`corenet_udp_bind_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- allow $1 lmtp_port_t:udp_socket name_bind;
+ allow $1 ipp_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the lmtp port.
+## Make a TCP connection to the ipp port.
## </summary>
## <param name="domain">
## <summary>
@@ -36100,18 +36543,18 @@ interface(`corenet_udp_bind_lmtp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_lmtp_port',`
+interface(`corenet_tcp_connect_ipp_port',`
gen_require(`
- type lmtp_port_t;
+ type ipp_port_t;
')
- allow $1 lmtp_port_t:tcp_socket name_connect;
+ allow $1 ipp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send lmtp_client packets.
+## Send ipp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36120,17 +36563,17 @@ interface(`corenet_tcp_connect_lmtp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_lmtp_client_packets',`
+interface(`corenet_send_ipp_client_packets',`
gen_require(`
- type lmtp_client_packet_t;
+ type ipp_client_packet_t;
')
- allow $1 lmtp_client_packet_t:packet send;
+ allow $1 ipp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send lmtp_client packets.
+## Do not audit attempts to send ipp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36139,17 +36582,17 @@ interface(`corenet_send_lmtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_lmtp_client_packets',`
+interface(`corenet_dontaudit_send_ipp_client_packets',`
gen_require(`
- type lmtp_client_packet_t;
+ type ipp_client_packet_t;
')
- dontaudit $1 lmtp_client_packet_t:packet send;
+ dontaudit $1 ipp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive lmtp_client packets.
+## Receive ipp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36158,17 +36601,17 @@ interface(`corenet_dontaudit_send_lmtp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_lmtp_client_packets',`
+interface(`corenet_receive_ipp_client_packets',`
gen_require(`
- type lmtp_client_packet_t;
+ type ipp_client_packet_t;
')
- allow $1 lmtp_client_packet_t:packet recv;
+ allow $1 ipp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive lmtp_client packets.
+## Do not audit attempts to receive ipp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36177,17 +36620,17 @@ interface(`corenet_receive_lmtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_lmtp_client_packets',`
+interface(`corenet_dontaudit_receive_ipp_client_packets',`
gen_require(`
- type lmtp_client_packet_t;
+ type ipp_client_packet_t;
')
- dontaudit $1 lmtp_client_packet_t:packet recv;
+ dontaudit $1 ipp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive lmtp_client packets.
+## Send and receive ipp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36196,14 +36639,14 @@ interface(`corenet_dontaudit_receive_lmtp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_lmtp_client_packets',`
- corenet_send_lmtp_client_packets($1)
- corenet_receive_lmtp_client_packets($1)
+interface(`corenet_sendrecv_ipp_client_packets',`
+ corenet_send_ipp_client_packets($1)
+ corenet_receive_ipp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive lmtp_client packets.
+## Do not audit attempts to send and receive ipp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36212,14 +36655,14 @@ interface(`corenet_sendrecv_lmtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_lmtp_client_packets',`
- corenet_dontaudit_send_lmtp_client_packets($1)
- corenet_dontaudit_receive_lmtp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ipp_client_packets',`
+ corenet_dontaudit_send_ipp_client_packets($1)
+ corenet_dontaudit_receive_ipp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to lmtp_client the packet type.
+## Relabel packets to ipp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -36227,18 +36670,18 @@ interface(`corenet_dontaudit_sendrecv_lmtp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_lmtp_client_packets',`
+interface(`corenet_relabelto_ipp_client_packets',`
gen_require(`
- type lmtp_client_packet_t;
+ type ipp_client_packet_t;
')
- allow $1 lmtp_client_packet_t:packet relabelto;
+ allow $1 ipp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send lmtp_server packets.
+## Send ipp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36247,17 +36690,17 @@ interface(`corenet_relabelto_lmtp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_lmtp_server_packets',`
+interface(`corenet_send_ipp_server_packets',`
gen_require(`
- type lmtp_server_packet_t;
+ type ipp_server_packet_t;
')
- allow $1 lmtp_server_packet_t:packet send;
+ allow $1 ipp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send lmtp_server packets.
+## Do not audit attempts to send ipp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36266,17 +36709,17 @@ interface(`corenet_send_lmtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_lmtp_server_packets',`
+interface(`corenet_dontaudit_send_ipp_server_packets',`
gen_require(`
- type lmtp_server_packet_t;
+ type ipp_server_packet_t;
')
- dontaudit $1 lmtp_server_packet_t:packet send;
+ dontaudit $1 ipp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive lmtp_server packets.
+## Receive ipp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36285,17 +36728,17 @@ interface(`corenet_dontaudit_send_lmtp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_lmtp_server_packets',`
+interface(`corenet_receive_ipp_server_packets',`
gen_require(`
- type lmtp_server_packet_t;
+ type ipp_server_packet_t;
')
- allow $1 lmtp_server_packet_t:packet recv;
+ allow $1 ipp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive lmtp_server packets.
+## Do not audit attempts to receive ipp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36304,17 +36747,17 @@ interface(`corenet_receive_lmtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_lmtp_server_packets',`
+interface(`corenet_dontaudit_receive_ipp_server_packets',`
gen_require(`
- type lmtp_server_packet_t;
+ type ipp_server_packet_t;
')
- dontaudit $1 lmtp_server_packet_t:packet recv;
+ dontaudit $1 ipp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive lmtp_server packets.
+## Send and receive ipp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36323,14 +36766,14 @@ interface(`corenet_dontaudit_receive_lmtp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_lmtp_server_packets',`
- corenet_send_lmtp_server_packets($1)
- corenet_receive_lmtp_server_packets($1)
+interface(`corenet_sendrecv_ipp_server_packets',`
+ corenet_send_ipp_server_packets($1)
+ corenet_receive_ipp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive lmtp_server packets.
+## Do not audit attempts to send and receive ipp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36339,14 +36782,14 @@ interface(`corenet_sendrecv_lmtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_lmtp_server_packets',`
- corenet_dontaudit_send_lmtp_server_packets($1)
- corenet_dontaudit_receive_lmtp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ipp_server_packets',`
+ corenet_dontaudit_send_ipp_server_packets($1)
+ corenet_dontaudit_receive_ipp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to lmtp_server the packet type.
+## Relabel packets to ipp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -36354,12 +36797,12 @@ interface(`corenet_dontaudit_sendrecv_lmtp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_lmtp_server_packets',`
+interface(`corenet_relabelto_ipp_server_packets',`
gen_require(`
- type lmtp_server_packet_t;
+ type ipp_server_packet_t;
')
- allow $1 lmtp_server_packet_t:packet relabelto;
+ allow $1 ipp_server_packet_t:packet relabelto;
')
@@ -36367,7 +36810,7 @@ interface(`corenet_relabelto_lmtp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the lrrd port.
+## Send and receive TCP traffic on the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36376,17 +36819,17 @@ interface(`corenet_relabelto_lmtp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_lrrd_port',`
+interface(`corenet_tcp_sendrecv_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- allow $1 lrrd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ipsecnat_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the lrrd port.
+## Send UDP traffic on the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36395,17 +36838,17 @@ interface(`corenet_tcp_sendrecv_lrrd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_lrrd_port',`
+interface(`corenet_udp_send_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- allow $1 lrrd_port_t:udp_socket send_msg;
+ allow $1 ipsecnat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the lrrd port.
+## Do not audit attempts to send UDP traffic on the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36414,17 +36857,17 @@ interface(`corenet_udp_send_lrrd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_lrrd_port',`
+interface(`corenet_dontaudit_udp_send_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- dontaudit $1 lrrd_port_t:udp_socket send_msg;
+ dontaudit $1 ipsecnat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the lrrd port.
+## Receive UDP traffic on the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36433,17 +36876,17 @@ interface(`corenet_dontaudit_udp_send_lrrd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_lrrd_port',`
+interface(`corenet_udp_receive_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- allow $1 lrrd_port_t:udp_socket recv_msg;
+ allow $1 ipsecnat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the lrrd port.
+## Do not audit attempts to receive UDP traffic on the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36452,17 +36895,17 @@ interface(`corenet_udp_receive_lrrd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_lrrd_port',`
+interface(`corenet_dontaudit_udp_receive_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- dontaudit $1 lrrd_port_t:udp_socket recv_msg;
+ dontaudit $1 ipsecnat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the lrrd port.
+## Send and receive UDP traffic on the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36471,15 +36914,15 @@ interface(`corenet_dontaudit_udp_receive_lrrd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_lrrd_port',`
- corenet_udp_send_lrrd_port($1)
- corenet_udp_receive_lrrd_port($1)
-')
+interface(`corenet_udp_sendrecv_ipsecnat_port',`
+ corenet_udp_send_ipsecnat_port($1)
+ corenet_udp_receive_ipsecnat_port($1)
+')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the lrrd port.
+## UDP traffic on the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36488,14 +36931,14 @@ interface(`corenet_udp_sendrecv_lrrd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_lrrd_port',`
- corenet_dontaudit_udp_send_lrrd_port($1)
- corenet_dontaudit_udp_receive_lrrd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ipsecnat_port',`
+ corenet_dontaudit_udp_send_ipsecnat_port($1)
+ corenet_dontaudit_udp_receive_ipsecnat_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the lrrd port.
+## Bind TCP sockets to the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36504,18 +36947,18 @@ interface(`corenet_dontaudit_udp_sendrecv_lrrd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_lrrd_port',`
+interface(`corenet_tcp_bind_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- allow $1 lrrd_port_t:tcp_socket name_bind;
+ allow $1 ipsecnat_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the lrrd port.
+## Bind UDP sockets to the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36524,18 +36967,18 @@ interface(`corenet_tcp_bind_lrrd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_lrrd_port',`
+interface(`corenet_udp_bind_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- allow $1 lrrd_port_t:udp_socket name_bind;
+ allow $1 ipsecnat_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the lrrd port.
+## Make a TCP connection to the ipsecnat port.
## </summary>
## <param name="domain">
## <summary>
@@ -36543,18 +36986,18 @@ interface(`corenet_udp_bind_lrrd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_lrrd_port',`
+interface(`corenet_tcp_connect_ipsecnat_port',`
gen_require(`
- type lrrd_port_t;
+ type ipsecnat_port_t;
')
- allow $1 lrrd_port_t:tcp_socket name_connect;
+ allow $1 ipsecnat_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send lrrd_client packets.
+## Send ipsecnat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36563,17 +37006,17 @@ interface(`corenet_tcp_connect_lrrd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_lrrd_client_packets',`
+interface(`corenet_send_ipsecnat_client_packets',`
gen_require(`
- type lrrd_client_packet_t;
+ type ipsecnat_client_packet_t;
')
- allow $1 lrrd_client_packet_t:packet send;
+ allow $1 ipsecnat_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send lrrd_client packets.
+## Do not audit attempts to send ipsecnat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36582,17 +37025,17 @@ interface(`corenet_send_lrrd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_lrrd_client_packets',`
+interface(`corenet_dontaudit_send_ipsecnat_client_packets',`
gen_require(`
- type lrrd_client_packet_t;
+ type ipsecnat_client_packet_t;
')
- dontaudit $1 lrrd_client_packet_t:packet send;
+ dontaudit $1 ipsecnat_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive lrrd_client packets.
+## Receive ipsecnat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36601,17 +37044,17 @@ interface(`corenet_dontaudit_send_lrrd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_lrrd_client_packets',`
+interface(`corenet_receive_ipsecnat_client_packets',`
gen_require(`
- type lrrd_client_packet_t;
+ type ipsecnat_client_packet_t;
')
- allow $1 lrrd_client_packet_t:packet recv;
+ allow $1 ipsecnat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive lrrd_client packets.
+## Do not audit attempts to receive ipsecnat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36620,17 +37063,17 @@ interface(`corenet_receive_lrrd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_lrrd_client_packets',`
+interface(`corenet_dontaudit_receive_ipsecnat_client_packets',`
gen_require(`
- type lrrd_client_packet_t;
+ type ipsecnat_client_packet_t;
')
- dontaudit $1 lrrd_client_packet_t:packet recv;
+ dontaudit $1 ipsecnat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive lrrd_client packets.
+## Send and receive ipsecnat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36639,14 +37082,14 @@ interface(`corenet_dontaudit_receive_lrrd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_lrrd_client_packets',`
- corenet_send_lrrd_client_packets($1)
- corenet_receive_lrrd_client_packets($1)
+interface(`corenet_sendrecv_ipsecnat_client_packets',`
+ corenet_send_ipsecnat_client_packets($1)
+ corenet_receive_ipsecnat_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive lrrd_client packets.
+## Do not audit attempts to send and receive ipsecnat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36655,14 +37098,14 @@ interface(`corenet_sendrecv_lrrd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_lrrd_client_packets',`
- corenet_dontaudit_send_lrrd_client_packets($1)
- corenet_dontaudit_receive_lrrd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ipsecnat_client_packets',`
+ corenet_dontaudit_send_ipsecnat_client_packets($1)
+ corenet_dontaudit_receive_ipsecnat_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to lrrd_client the packet type.
+## Relabel packets to ipsecnat_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -36670,18 +37113,18 @@ interface(`corenet_dontaudit_sendrecv_lrrd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_lrrd_client_packets',`
+interface(`corenet_relabelto_ipsecnat_client_packets',`
gen_require(`
- type lrrd_client_packet_t;
+ type ipsecnat_client_packet_t;
')
- allow $1 lrrd_client_packet_t:packet relabelto;
+ allow $1 ipsecnat_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send lrrd_server packets.
+## Send ipsecnat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36690,17 +37133,17 @@ interface(`corenet_relabelto_lrrd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_lrrd_server_packets',`
+interface(`corenet_send_ipsecnat_server_packets',`
gen_require(`
- type lrrd_server_packet_t;
+ type ipsecnat_server_packet_t;
')
- allow $1 lrrd_server_packet_t:packet send;
+ allow $1 ipsecnat_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send lrrd_server packets.
+## Do not audit attempts to send ipsecnat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36709,17 +37152,17 @@ interface(`corenet_send_lrrd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_lrrd_server_packets',`
+interface(`corenet_dontaudit_send_ipsecnat_server_packets',`
gen_require(`
- type lrrd_server_packet_t;
+ type ipsecnat_server_packet_t;
')
- dontaudit $1 lrrd_server_packet_t:packet send;
+ dontaudit $1 ipsecnat_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive lrrd_server packets.
+## Receive ipsecnat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36728,17 +37171,17 @@ interface(`corenet_dontaudit_send_lrrd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_lrrd_server_packets',`
+interface(`corenet_receive_ipsecnat_server_packets',`
gen_require(`
- type lrrd_server_packet_t;
+ type ipsecnat_server_packet_t;
')
- allow $1 lrrd_server_packet_t:packet recv;
+ allow $1 ipsecnat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive lrrd_server packets.
+## Do not audit attempts to receive ipsecnat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36747,17 +37190,17 @@ interface(`corenet_receive_lrrd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_lrrd_server_packets',`
+interface(`corenet_dontaudit_receive_ipsecnat_server_packets',`
gen_require(`
- type lrrd_server_packet_t;
+ type ipsecnat_server_packet_t;
')
- dontaudit $1 lrrd_server_packet_t:packet recv;
+ dontaudit $1 ipsecnat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive lrrd_server packets.
+## Send and receive ipsecnat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36766,14 +37209,14 @@ interface(`corenet_dontaudit_receive_lrrd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_lrrd_server_packets',`
- corenet_send_lrrd_server_packets($1)
- corenet_receive_lrrd_server_packets($1)
+interface(`corenet_sendrecv_ipsecnat_server_packets',`
+ corenet_send_ipsecnat_server_packets($1)
+ corenet_receive_ipsecnat_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive lrrd_server packets.
+## Do not audit attempts to send and receive ipsecnat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -36782,14 +37225,14 @@ interface(`corenet_sendrecv_lrrd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_lrrd_server_packets',`
- corenet_dontaudit_send_lrrd_server_packets($1)
- corenet_dontaudit_receive_lrrd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ipsecnat_server_packets',`
+ corenet_dontaudit_send_ipsecnat_server_packets($1)
+ corenet_dontaudit_receive_ipsecnat_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to lrrd_server the packet type.
+## Relabel packets to ipsecnat_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -36797,20 +37240,20 @@ interface(`corenet_dontaudit_sendrecv_lrrd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_lrrd_server_packets',`
+interface(`corenet_relabelto_ipsecnat_server_packets',`
gen_require(`
- type lrrd_server_packet_t;
+ type ipsecnat_server_packet_t;
')
- allow $1 lrrd_server_packet_t:packet relabelto;
+ allow $1 ipsecnat_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the mail port.
+## Send and receive TCP traffic on the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36819,17 +37262,17 @@ interface(`corenet_relabelto_lrrd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mail_port',`
+interface(`corenet_tcp_sendrecv_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- allow $1 mail_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ircd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mail port.
+## Send UDP traffic on the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36838,17 +37281,17 @@ interface(`corenet_tcp_sendrecv_mail_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mail_port',`
+interface(`corenet_udp_send_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- allow $1 mail_port_t:udp_socket send_msg;
+ allow $1 ircd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mail port.
+## Do not audit attempts to send UDP traffic on the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36857,17 +37300,17 @@ interface(`corenet_udp_send_mail_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mail_port',`
+interface(`corenet_dontaudit_udp_send_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- dontaudit $1 mail_port_t:udp_socket send_msg;
+ dontaudit $1 ircd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mail port.
+## Receive UDP traffic on the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36876,17 +37319,17 @@ interface(`corenet_dontaudit_udp_send_mail_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mail_port',`
+interface(`corenet_udp_receive_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- allow $1 mail_port_t:udp_socket recv_msg;
+ allow $1 ircd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mail port.
+## Do not audit attempts to receive UDP traffic on the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36895,17 +37338,17 @@ interface(`corenet_udp_receive_mail_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mail_port',`
+interface(`corenet_dontaudit_udp_receive_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- dontaudit $1 mail_port_t:udp_socket recv_msg;
+ dontaudit $1 ircd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mail port.
+## Send and receive UDP traffic on the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36914,15 +37357,15 @@ interface(`corenet_dontaudit_udp_receive_mail_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mail_port',`
- corenet_udp_send_mail_port($1)
- corenet_udp_receive_mail_port($1)
+interface(`corenet_udp_sendrecv_ircd_port',`
+ corenet_udp_send_ircd_port($1)
+ corenet_udp_receive_ircd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mail port.
+## UDP traffic on the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36931,14 +37374,14 @@ interface(`corenet_udp_sendrecv_mail_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mail_port',`
- corenet_dontaudit_udp_send_mail_port($1)
- corenet_dontaudit_udp_receive_mail_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ircd_port',`
+ corenet_dontaudit_udp_send_ircd_port($1)
+ corenet_dontaudit_udp_receive_ircd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mail port.
+## Bind TCP sockets to the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36947,18 +37390,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mail_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mail_port',`
+interface(`corenet_tcp_bind_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- allow $1 mail_port_t:tcp_socket name_bind;
+ allow $1 ircd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the mail port.
+## Bind UDP sockets to the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36967,18 +37410,18 @@ interface(`corenet_tcp_bind_mail_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mail_port',`
+interface(`corenet_udp_bind_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- allow $1 mail_port_t:udp_socket name_bind;
+ allow $1 ircd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the mail port.
+## Make a TCP connection to the ircd port.
## </summary>
## <param name="domain">
## <summary>
@@ -36986,18 +37429,18 @@ interface(`corenet_udp_bind_mail_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mail_port',`
+interface(`corenet_tcp_connect_ircd_port',`
gen_require(`
- type mail_port_t;
+ type ircd_port_t;
')
- allow $1 mail_port_t:tcp_socket name_connect;
+ allow $1 ircd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mail_client packets.
+## Send ircd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37006,17 +37449,17 @@ interface(`corenet_tcp_connect_mail_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mail_client_packets',`
+interface(`corenet_send_ircd_client_packets',`
gen_require(`
- type mail_client_packet_t;
+ type ircd_client_packet_t;
')
- allow $1 mail_client_packet_t:packet send;
+ allow $1 ircd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mail_client packets.
+## Do not audit attempts to send ircd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37025,17 +37468,17 @@ interface(`corenet_send_mail_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mail_client_packets',`
+interface(`corenet_dontaudit_send_ircd_client_packets',`
gen_require(`
- type mail_client_packet_t;
+ type ircd_client_packet_t;
')
- dontaudit $1 mail_client_packet_t:packet send;
+ dontaudit $1 ircd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mail_client packets.
+## Receive ircd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37044,17 +37487,17 @@ interface(`corenet_dontaudit_send_mail_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mail_client_packets',`
+interface(`corenet_receive_ircd_client_packets',`
gen_require(`
- type mail_client_packet_t;
+ type ircd_client_packet_t;
')
- allow $1 mail_client_packet_t:packet recv;
+ allow $1 ircd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mail_client packets.
+## Do not audit attempts to receive ircd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37063,17 +37506,17 @@ interface(`corenet_receive_mail_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mail_client_packets',`
+interface(`corenet_dontaudit_receive_ircd_client_packets',`
gen_require(`
- type mail_client_packet_t;
+ type ircd_client_packet_t;
')
- dontaudit $1 mail_client_packet_t:packet recv;
+ dontaudit $1 ircd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mail_client packets.
+## Send and receive ircd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37082,14 +37525,14 @@ interface(`corenet_dontaudit_receive_mail_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mail_client_packets',`
- corenet_send_mail_client_packets($1)
- corenet_receive_mail_client_packets($1)
+interface(`corenet_sendrecv_ircd_client_packets',`
+ corenet_send_ircd_client_packets($1)
+ corenet_receive_ircd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mail_client packets.
+## Do not audit attempts to send and receive ircd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37098,14 +37541,14 @@ interface(`corenet_sendrecv_mail_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mail_client_packets',`
- corenet_dontaudit_send_mail_client_packets($1)
- corenet_dontaudit_receive_mail_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ircd_client_packets',`
+ corenet_dontaudit_send_ircd_client_packets($1)
+ corenet_dontaudit_receive_ircd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mail_client the packet type.
+## Relabel packets to ircd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -37113,18 +37556,18 @@ interface(`corenet_dontaudit_sendrecv_mail_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mail_client_packets',`
+interface(`corenet_relabelto_ircd_client_packets',`
gen_require(`
- type mail_client_packet_t;
+ type ircd_client_packet_t;
')
- allow $1 mail_client_packet_t:packet relabelto;
+ allow $1 ircd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mail_server packets.
+## Send ircd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37133,17 +37576,17 @@ interface(`corenet_relabelto_mail_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mail_server_packets',`
+interface(`corenet_send_ircd_server_packets',`
gen_require(`
- type mail_server_packet_t;
+ type ircd_server_packet_t;
')
- allow $1 mail_server_packet_t:packet send;
+ allow $1 ircd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mail_server packets.
+## Do not audit attempts to send ircd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37152,17 +37595,17 @@ interface(`corenet_send_mail_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mail_server_packets',`
+interface(`corenet_dontaudit_send_ircd_server_packets',`
gen_require(`
- type mail_server_packet_t;
+ type ircd_server_packet_t;
')
- dontaudit $1 mail_server_packet_t:packet send;
+ dontaudit $1 ircd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mail_server packets.
+## Receive ircd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37171,17 +37614,17 @@ interface(`corenet_dontaudit_send_mail_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mail_server_packets',`
+interface(`corenet_receive_ircd_server_packets',`
gen_require(`
- type mail_server_packet_t;
+ type ircd_server_packet_t;
')
- allow $1 mail_server_packet_t:packet recv;
+ allow $1 ircd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mail_server packets.
+## Do not audit attempts to receive ircd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37190,17 +37633,17 @@ interface(`corenet_receive_mail_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mail_server_packets',`
+interface(`corenet_dontaudit_receive_ircd_server_packets',`
gen_require(`
- type mail_server_packet_t;
+ type ircd_server_packet_t;
')
- dontaudit $1 mail_server_packet_t:packet recv;
+ dontaudit $1 ircd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mail_server packets.
+## Send and receive ircd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37209,14 +37652,14 @@ interface(`corenet_dontaudit_receive_mail_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mail_server_packets',`
- corenet_send_mail_server_packets($1)
- corenet_receive_mail_server_packets($1)
+interface(`corenet_sendrecv_ircd_server_packets',`
+ corenet_send_ircd_server_packets($1)
+ corenet_receive_ircd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mail_server packets.
+## Do not audit attempts to send and receive ircd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37225,14 +37668,14 @@ interface(`corenet_sendrecv_mail_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mail_server_packets',`
- corenet_dontaudit_send_mail_server_packets($1)
- corenet_dontaudit_receive_mail_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ircd_server_packets',`
+ corenet_dontaudit_send_ircd_server_packets($1)
+ corenet_dontaudit_receive_ircd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mail_server the packet type.
+## Relabel packets to ircd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -37240,12 +37683,12 @@ interface(`corenet_dontaudit_sendrecv_mail_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mail_server_packets',`
+interface(`corenet_relabelto_ircd_server_packets',`
gen_require(`
- type mail_server_packet_t;
+ type ircd_server_packet_t;
')
- allow $1 mail_server_packet_t:packet relabelto;
+ allow $1 ircd_server_packet_t:packet relabelto;
')
@@ -37253,7 +37696,7 @@ interface(`corenet_relabelto_mail_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the matahari port.
+## Send and receive TCP traffic on the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37262,17 +37705,17 @@ interface(`corenet_relabelto_mail_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_matahari_port',`
+interface(`corenet_tcp_sendrecv_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- allow $1 matahari_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 isakmp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the matahari port.
+## Send UDP traffic on the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37281,17 +37724,17 @@ interface(`corenet_tcp_sendrecv_matahari_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_matahari_port',`
+interface(`corenet_udp_send_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- allow $1 matahari_port_t:udp_socket send_msg;
+ allow $1 isakmp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the matahari port.
+## Do not audit attempts to send UDP traffic on the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37300,17 +37743,17 @@ interface(`corenet_udp_send_matahari_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_matahari_port',`
+interface(`corenet_dontaudit_udp_send_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- dontaudit $1 matahari_port_t:udp_socket send_msg;
+ dontaudit $1 isakmp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the matahari port.
+## Receive UDP traffic on the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37319,17 +37762,17 @@ interface(`corenet_dontaudit_udp_send_matahari_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_matahari_port',`
+interface(`corenet_udp_receive_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- allow $1 matahari_port_t:udp_socket recv_msg;
+ allow $1 isakmp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the matahari port.
+## Do not audit attempts to receive UDP traffic on the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37338,17 +37781,17 @@ interface(`corenet_udp_receive_matahari_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_matahari_port',`
+interface(`corenet_dontaudit_udp_receive_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- dontaudit $1 matahari_port_t:udp_socket recv_msg;
+ dontaudit $1 isakmp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the matahari port.
+## Send and receive UDP traffic on the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37357,15 +37800,15 @@ interface(`corenet_dontaudit_udp_receive_matahari_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_matahari_port',`
- corenet_udp_send_matahari_port($1)
- corenet_udp_receive_matahari_port($1)
+interface(`corenet_udp_sendrecv_isakmp_port',`
+ corenet_udp_send_isakmp_port($1)
+ corenet_udp_receive_isakmp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the matahari port.
+## UDP traffic on the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37374,14 +37817,14 @@ interface(`corenet_udp_sendrecv_matahari_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_matahari_port',`
- corenet_dontaudit_udp_send_matahari_port($1)
- corenet_dontaudit_udp_receive_matahari_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_isakmp_port',`
+ corenet_dontaudit_udp_send_isakmp_port($1)
+ corenet_dontaudit_udp_receive_isakmp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the matahari port.
+## Bind TCP sockets to the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37390,18 +37833,18 @@ interface(`corenet_dontaudit_udp_sendrecv_matahari_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_matahari_port',`
+interface(`corenet_tcp_bind_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- allow $1 matahari_port_t:tcp_socket name_bind;
-
+ allow $1 isakmp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the matahari port.
+## Bind UDP sockets to the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37410,18 +37853,18 @@ interface(`corenet_tcp_bind_matahari_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_matahari_port',`
+interface(`corenet_udp_bind_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- allow $1 matahari_port_t:udp_socket name_bind;
-
+ allow $1 isakmp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the matahari port.
+## Make a TCP connection to the isakmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -37429,18 +37872,18 @@ interface(`corenet_udp_bind_matahari_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_matahari_port',`
+interface(`corenet_tcp_connect_isakmp_port',`
gen_require(`
- type matahari_port_t;
+ type isakmp_port_t;
')
- allow $1 matahari_port_t:tcp_socket name_connect;
+ allow $1 isakmp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send matahari_client packets.
+## Send isakmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37449,17 +37892,17 @@ interface(`corenet_tcp_connect_matahari_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_matahari_client_packets',`
+interface(`corenet_send_isakmp_client_packets',`
gen_require(`
- type matahari_client_packet_t;
+ type isakmp_client_packet_t;
')
- allow $1 matahari_client_packet_t:packet send;
+ allow $1 isakmp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send matahari_client packets.
+## Do not audit attempts to send isakmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37468,17 +37911,17 @@ interface(`corenet_send_matahari_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_matahari_client_packets',`
+interface(`corenet_dontaudit_send_isakmp_client_packets',`
gen_require(`
- type matahari_client_packet_t;
+ type isakmp_client_packet_t;
')
- dontaudit $1 matahari_client_packet_t:packet send;
+ dontaudit $1 isakmp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive matahari_client packets.
+## Receive isakmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37487,17 +37930,17 @@ interface(`corenet_dontaudit_send_matahari_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_matahari_client_packets',`
+interface(`corenet_receive_isakmp_client_packets',`
gen_require(`
- type matahari_client_packet_t;
+ type isakmp_client_packet_t;
')
- allow $1 matahari_client_packet_t:packet recv;
+ allow $1 isakmp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive matahari_client packets.
+## Do not audit attempts to receive isakmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37506,17 +37949,17 @@ interface(`corenet_receive_matahari_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_matahari_client_packets',`
+interface(`corenet_dontaudit_receive_isakmp_client_packets',`
gen_require(`
- type matahari_client_packet_t;
+ type isakmp_client_packet_t;
')
- dontaudit $1 matahari_client_packet_t:packet recv;
+ dontaudit $1 isakmp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive matahari_client packets.
+## Send and receive isakmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37525,14 +37968,14 @@ interface(`corenet_dontaudit_receive_matahari_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_matahari_client_packets',`
- corenet_send_matahari_client_packets($1)
- corenet_receive_matahari_client_packets($1)
+interface(`corenet_sendrecv_isakmp_client_packets',`
+ corenet_send_isakmp_client_packets($1)
+ corenet_receive_isakmp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive matahari_client packets.
+## Do not audit attempts to send and receive isakmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37541,14 +37984,14 @@ interface(`corenet_sendrecv_matahari_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_matahari_client_packets',`
- corenet_dontaudit_send_matahari_client_packets($1)
- corenet_dontaudit_receive_matahari_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_isakmp_client_packets',`
+ corenet_dontaudit_send_isakmp_client_packets($1)
+ corenet_dontaudit_receive_isakmp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to matahari_client the packet type.
+## Relabel packets to isakmp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -37556,18 +37999,18 @@ interface(`corenet_dontaudit_sendrecv_matahari_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_matahari_client_packets',`
+interface(`corenet_relabelto_isakmp_client_packets',`
gen_require(`
- type matahari_client_packet_t;
+ type isakmp_client_packet_t;
')
- allow $1 matahari_client_packet_t:packet relabelto;
+ allow $1 isakmp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send matahari_server packets.
+## Send isakmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37576,17 +38019,17 @@ interface(`corenet_relabelto_matahari_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_matahari_server_packets',`
+interface(`corenet_send_isakmp_server_packets',`
gen_require(`
- type matahari_server_packet_t;
+ type isakmp_server_packet_t;
')
- allow $1 matahari_server_packet_t:packet send;
+ allow $1 isakmp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send matahari_server packets.
+## Do not audit attempts to send isakmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37595,17 +38038,17 @@ interface(`corenet_send_matahari_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_matahari_server_packets',`
+interface(`corenet_dontaudit_send_isakmp_server_packets',`
gen_require(`
- type matahari_server_packet_t;
+ type isakmp_server_packet_t;
')
- dontaudit $1 matahari_server_packet_t:packet send;
+ dontaudit $1 isakmp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive matahari_server packets.
+## Receive isakmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37614,17 +38057,17 @@ interface(`corenet_dontaudit_send_matahari_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_matahari_server_packets',`
+interface(`corenet_receive_isakmp_server_packets',`
gen_require(`
- type matahari_server_packet_t;
+ type isakmp_server_packet_t;
')
- allow $1 matahari_server_packet_t:packet recv;
+ allow $1 isakmp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive matahari_server packets.
+## Do not audit attempts to receive isakmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37633,17 +38076,17 @@ interface(`corenet_receive_matahari_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_matahari_server_packets',`
+interface(`corenet_dontaudit_receive_isakmp_server_packets',`
gen_require(`
- type matahari_server_packet_t;
+ type isakmp_server_packet_t;
')
- dontaudit $1 matahari_server_packet_t:packet recv;
+ dontaudit $1 isakmp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive matahari_server packets.
+## Send and receive isakmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37652,14 +38095,14 @@ interface(`corenet_dontaudit_receive_matahari_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_matahari_server_packets',`
- corenet_send_matahari_server_packets($1)
- corenet_receive_matahari_server_packets($1)
+interface(`corenet_sendrecv_isakmp_server_packets',`
+ corenet_send_isakmp_server_packets($1)
+ corenet_receive_isakmp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive matahari_server packets.
+## Do not audit attempts to send and receive isakmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37668,14 +38111,14 @@ interface(`corenet_sendrecv_matahari_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_matahari_server_packets',`
- corenet_dontaudit_send_matahari_server_packets($1)
- corenet_dontaudit_receive_matahari_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_isakmp_server_packets',`
+ corenet_dontaudit_send_isakmp_server_packets($1)
+ corenet_dontaudit_receive_isakmp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to matahari_server the packet type.
+## Relabel packets to isakmp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -37683,12 +38126,12 @@ interface(`corenet_dontaudit_sendrecv_matahari_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_matahari_server_packets',`
+interface(`corenet_relabelto_isakmp_server_packets',`
gen_require(`
- type matahari_server_packet_t;
+ type isakmp_server_packet_t;
')
- allow $1 matahari_server_packet_t:packet relabelto;
+ allow $1 isakmp_server_packet_t:packet relabelto;
')
@@ -37696,7 +38139,7 @@ interface(`corenet_relabelto_matahari_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the memcache port.
+## Send and receive TCP traffic on the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37705,17 +38148,17 @@ interface(`corenet_relabelto_matahari_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_memcache_port',`
+interface(`corenet_tcp_sendrecv_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- allow $1 memcache_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 iscsi_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the memcache port.
+## Send UDP traffic on the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37724,17 +38167,17 @@ interface(`corenet_tcp_sendrecv_memcache_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_memcache_port',`
+interface(`corenet_udp_send_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- allow $1 memcache_port_t:udp_socket send_msg;
+ allow $1 iscsi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the memcache port.
+## Do not audit attempts to send UDP traffic on the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37743,17 +38186,17 @@ interface(`corenet_udp_send_memcache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_memcache_port',`
+interface(`corenet_dontaudit_udp_send_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- dontaudit $1 memcache_port_t:udp_socket send_msg;
+ dontaudit $1 iscsi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the memcache port.
+## Receive UDP traffic on the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37762,17 +38205,17 @@ interface(`corenet_dontaudit_udp_send_memcache_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_memcache_port',`
+interface(`corenet_udp_receive_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- allow $1 memcache_port_t:udp_socket recv_msg;
+ allow $1 iscsi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the memcache port.
+## Do not audit attempts to receive UDP traffic on the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37781,17 +38224,17 @@ interface(`corenet_udp_receive_memcache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_memcache_port',`
+interface(`corenet_dontaudit_udp_receive_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- dontaudit $1 memcache_port_t:udp_socket recv_msg;
+ dontaudit $1 iscsi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the memcache port.
+## Send and receive UDP traffic on the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37800,15 +38243,15 @@ interface(`corenet_dontaudit_udp_receive_memcache_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_memcache_port',`
- corenet_udp_send_memcache_port($1)
- corenet_udp_receive_memcache_port($1)
+interface(`corenet_udp_sendrecv_iscsi_port',`
+ corenet_udp_send_iscsi_port($1)
+ corenet_udp_receive_iscsi_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the memcache port.
+## UDP traffic on the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37817,14 +38260,14 @@ interface(`corenet_udp_sendrecv_memcache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_memcache_port',`
- corenet_dontaudit_udp_send_memcache_port($1)
- corenet_dontaudit_udp_receive_memcache_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_iscsi_port',`
+ corenet_dontaudit_udp_send_iscsi_port($1)
+ corenet_dontaudit_udp_receive_iscsi_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the memcache port.
+## Bind TCP sockets to the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37833,18 +38276,18 @@ interface(`corenet_dontaudit_udp_sendrecv_memcache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_memcache_port',`
+interface(`corenet_tcp_bind_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- allow $1 memcache_port_t:tcp_socket name_bind;
+ allow $1 iscsi_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the memcache port.
+## Bind UDP sockets to the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37853,18 +38296,18 @@ interface(`corenet_tcp_bind_memcache_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_memcache_port',`
+interface(`corenet_udp_bind_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- allow $1 memcache_port_t:udp_socket name_bind;
+ allow $1 iscsi_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the memcache port.
+## Make a TCP connection to the iscsi port.
## </summary>
## <param name="domain">
## <summary>
@@ -37872,18 +38315,18 @@ interface(`corenet_udp_bind_memcache_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_memcache_port',`
+interface(`corenet_tcp_connect_iscsi_port',`
gen_require(`
- type memcache_port_t;
+ type iscsi_port_t;
')
- allow $1 memcache_port_t:tcp_socket name_connect;
+ allow $1 iscsi_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send memcache_client packets.
+## Send iscsi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37892,17 +38335,17 @@ interface(`corenet_tcp_connect_memcache_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_memcache_client_packets',`
+interface(`corenet_send_iscsi_client_packets',`
gen_require(`
- type memcache_client_packet_t;
+ type iscsi_client_packet_t;
')
- allow $1 memcache_client_packet_t:packet send;
+ allow $1 iscsi_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send memcache_client packets.
+## Do not audit attempts to send iscsi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37911,17 +38354,17 @@ interface(`corenet_send_memcache_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_memcache_client_packets',`
+interface(`corenet_dontaudit_send_iscsi_client_packets',`
gen_require(`
- type memcache_client_packet_t;
+ type iscsi_client_packet_t;
')
- dontaudit $1 memcache_client_packet_t:packet send;
+ dontaudit $1 iscsi_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive memcache_client packets.
+## Receive iscsi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37930,17 +38373,17 @@ interface(`corenet_dontaudit_send_memcache_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_memcache_client_packets',`
+interface(`corenet_receive_iscsi_client_packets',`
gen_require(`
- type memcache_client_packet_t;
+ type iscsi_client_packet_t;
')
- allow $1 memcache_client_packet_t:packet recv;
+ allow $1 iscsi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive memcache_client packets.
+## Do not audit attempts to receive iscsi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37949,17 +38392,17 @@ interface(`corenet_receive_memcache_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_memcache_client_packets',`
+interface(`corenet_dontaudit_receive_iscsi_client_packets',`
gen_require(`
- type memcache_client_packet_t;
+ type iscsi_client_packet_t;
')
- dontaudit $1 memcache_client_packet_t:packet recv;
+ dontaudit $1 iscsi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive memcache_client packets.
+## Send and receive iscsi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37968,14 +38411,14 @@ interface(`corenet_dontaudit_receive_memcache_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_memcache_client_packets',`
- corenet_send_memcache_client_packets($1)
- corenet_receive_memcache_client_packets($1)
+interface(`corenet_sendrecv_iscsi_client_packets',`
+ corenet_send_iscsi_client_packets($1)
+ corenet_receive_iscsi_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive memcache_client packets.
+## Do not audit attempts to send and receive iscsi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -37984,14 +38427,14 @@ interface(`corenet_sendrecv_memcache_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_memcache_client_packets',`
- corenet_dontaudit_send_memcache_client_packets($1)
- corenet_dontaudit_receive_memcache_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_iscsi_client_packets',`
+ corenet_dontaudit_send_iscsi_client_packets($1)
+ corenet_dontaudit_receive_iscsi_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to memcache_client the packet type.
+## Relabel packets to iscsi_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -37999,18 +38442,18 @@ interface(`corenet_dontaudit_sendrecv_memcache_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_memcache_client_packets',`
+interface(`corenet_relabelto_iscsi_client_packets',`
gen_require(`
- type memcache_client_packet_t;
+ type iscsi_client_packet_t;
')
- allow $1 memcache_client_packet_t:packet relabelto;
+ allow $1 iscsi_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send memcache_server packets.
+## Send iscsi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38019,17 +38462,17 @@ interface(`corenet_relabelto_memcache_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_memcache_server_packets',`
+interface(`corenet_send_iscsi_server_packets',`
gen_require(`
- type memcache_server_packet_t;
+ type iscsi_server_packet_t;
')
- allow $1 memcache_server_packet_t:packet send;
+ allow $1 iscsi_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send memcache_server packets.
+## Do not audit attempts to send iscsi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38038,17 +38481,17 @@ interface(`corenet_send_memcache_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_memcache_server_packets',`
+interface(`corenet_dontaudit_send_iscsi_server_packets',`
gen_require(`
- type memcache_server_packet_t;
+ type iscsi_server_packet_t;
')
- dontaudit $1 memcache_server_packet_t:packet send;
+ dontaudit $1 iscsi_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive memcache_server packets.
+## Receive iscsi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38057,17 +38500,17 @@ interface(`corenet_dontaudit_send_memcache_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_memcache_server_packets',`
+interface(`corenet_receive_iscsi_server_packets',`
gen_require(`
- type memcache_server_packet_t;
+ type iscsi_server_packet_t;
')
- allow $1 memcache_server_packet_t:packet recv;
+ allow $1 iscsi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive memcache_server packets.
+## Do not audit attempts to receive iscsi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38076,17 +38519,17 @@ interface(`corenet_receive_memcache_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_memcache_server_packets',`
+interface(`corenet_dontaudit_receive_iscsi_server_packets',`
gen_require(`
- type memcache_server_packet_t;
+ type iscsi_server_packet_t;
')
- dontaudit $1 memcache_server_packet_t:packet recv;
+ dontaudit $1 iscsi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive memcache_server packets.
+## Send and receive iscsi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38095,14 +38538,14 @@ interface(`corenet_dontaudit_receive_memcache_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_memcache_server_packets',`
- corenet_send_memcache_server_packets($1)
- corenet_receive_memcache_server_packets($1)
+interface(`corenet_sendrecv_iscsi_server_packets',`
+ corenet_send_iscsi_server_packets($1)
+ corenet_receive_iscsi_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive memcache_server packets.
+## Do not audit attempts to send and receive iscsi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38111,14 +38554,14 @@ interface(`corenet_sendrecv_memcache_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_memcache_server_packets',`
- corenet_dontaudit_send_memcache_server_packets($1)
- corenet_dontaudit_receive_memcache_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_iscsi_server_packets',`
+ corenet_dontaudit_send_iscsi_server_packets($1)
+ corenet_dontaudit_receive_iscsi_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to memcache_server the packet type.
+## Relabel packets to iscsi_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -38126,12 +38569,12 @@ interface(`corenet_dontaudit_sendrecv_memcache_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_memcache_server_packets',`
+interface(`corenet_relabelto_iscsi_server_packets',`
gen_require(`
- type memcache_server_packet_t;
+ type iscsi_server_packet_t;
')
- allow $1 memcache_server_packet_t:packet relabelto;
+ allow $1 iscsi_server_packet_t:packet relabelto;
')
@@ -38139,7 +38582,7 @@ interface(`corenet_relabelto_memcache_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the milter port.
+## Send and receive TCP traffic on the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38148,17 +38591,17 @@ interface(`corenet_relabelto_memcache_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_milter_port',`
+interface(`corenet_tcp_sendrecv_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- allow $1 milter_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 isns_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the milter port.
+## Send UDP traffic on the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38167,17 +38610,17 @@ interface(`corenet_tcp_sendrecv_milter_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_milter_port',`
+interface(`corenet_udp_send_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- allow $1 milter_port_t:udp_socket send_msg;
+ allow $1 isns_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the milter port.
+## Do not audit attempts to send UDP traffic on the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38186,17 +38629,17 @@ interface(`corenet_udp_send_milter_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_milter_port',`
+interface(`corenet_dontaudit_udp_send_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- dontaudit $1 milter_port_t:udp_socket send_msg;
+ dontaudit $1 isns_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the milter port.
+## Receive UDP traffic on the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38205,17 +38648,17 @@ interface(`corenet_dontaudit_udp_send_milter_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_milter_port',`
+interface(`corenet_udp_receive_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- allow $1 milter_port_t:udp_socket recv_msg;
+ allow $1 isns_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the milter port.
+## Do not audit attempts to receive UDP traffic on the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38224,17 +38667,17 @@ interface(`corenet_udp_receive_milter_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_milter_port',`
+interface(`corenet_dontaudit_udp_receive_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- dontaudit $1 milter_port_t:udp_socket recv_msg;
+ dontaudit $1 isns_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the milter port.
+## Send and receive UDP traffic on the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38243,15 +38686,15 @@ interface(`corenet_dontaudit_udp_receive_milter_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_milter_port',`
- corenet_udp_send_milter_port($1)
- corenet_udp_receive_milter_port($1)
+interface(`corenet_udp_sendrecv_isns_port',`
+ corenet_udp_send_isns_port($1)
+ corenet_udp_receive_isns_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the milter port.
+## UDP traffic on the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38260,14 +38703,14 @@ interface(`corenet_udp_sendrecv_milter_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_milter_port',`
- corenet_dontaudit_udp_send_milter_port($1)
- corenet_dontaudit_udp_receive_milter_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_isns_port',`
+ corenet_dontaudit_udp_send_isns_port($1)
+ corenet_dontaudit_udp_receive_isns_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the milter port.
+## Bind TCP sockets to the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38276,18 +38719,18 @@ interface(`corenet_dontaudit_udp_sendrecv_milter_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_milter_port',`
+interface(`corenet_tcp_bind_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- allow $1 milter_port_t:tcp_socket name_bind;
+ allow $1 isns_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the milter port.
+## Bind UDP sockets to the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38296,18 +38739,18 @@ interface(`corenet_tcp_bind_milter_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_milter_port',`
+interface(`corenet_udp_bind_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- allow $1 milter_port_t:udp_socket name_bind;
+ allow $1 isns_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the milter port.
+## Make a TCP connection to the isns port.
## </summary>
## <param name="domain">
## <summary>
@@ -38315,18 +38758,18 @@ interface(`corenet_udp_bind_milter_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_milter_port',`
+interface(`corenet_tcp_connect_isns_port',`
gen_require(`
- type milter_port_t;
+ type isns_port_t;
')
- allow $1 milter_port_t:tcp_socket name_connect;
+ allow $1 isns_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send milter_client packets.
+## Send isns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38335,17 +38778,17 @@ interface(`corenet_tcp_connect_milter_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_milter_client_packets',`
+interface(`corenet_send_isns_client_packets',`
gen_require(`
- type milter_client_packet_t;
+ type isns_client_packet_t;
')
- allow $1 milter_client_packet_t:packet send;
+ allow $1 isns_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send milter_client packets.
+## Do not audit attempts to send isns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38354,17 +38797,17 @@ interface(`corenet_send_milter_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_milter_client_packets',`
+interface(`corenet_dontaudit_send_isns_client_packets',`
gen_require(`
- type milter_client_packet_t;
+ type isns_client_packet_t;
')
- dontaudit $1 milter_client_packet_t:packet send;
+ dontaudit $1 isns_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive milter_client packets.
+## Receive isns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38373,17 +38816,17 @@ interface(`corenet_dontaudit_send_milter_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_milter_client_packets',`
+interface(`corenet_receive_isns_client_packets',`
gen_require(`
- type milter_client_packet_t;
+ type isns_client_packet_t;
')
- allow $1 milter_client_packet_t:packet recv;
+ allow $1 isns_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive milter_client packets.
+## Do not audit attempts to receive isns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38392,17 +38835,17 @@ interface(`corenet_receive_milter_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_milter_client_packets',`
+interface(`corenet_dontaudit_receive_isns_client_packets',`
gen_require(`
- type milter_client_packet_t;
+ type isns_client_packet_t;
')
- dontaudit $1 milter_client_packet_t:packet recv;
+ dontaudit $1 isns_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive milter_client packets.
+## Send and receive isns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38411,14 +38854,14 @@ interface(`corenet_dontaudit_receive_milter_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_milter_client_packets',`
- corenet_send_milter_client_packets($1)
- corenet_receive_milter_client_packets($1)
+interface(`corenet_sendrecv_isns_client_packets',`
+ corenet_send_isns_client_packets($1)
+ corenet_receive_isns_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive milter_client packets.
+## Do not audit attempts to send and receive isns_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38427,14 +38870,14 @@ interface(`corenet_sendrecv_milter_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_milter_client_packets',`
- corenet_dontaudit_send_milter_client_packets($1)
- corenet_dontaudit_receive_milter_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_isns_client_packets',`
+ corenet_dontaudit_send_isns_client_packets($1)
+ corenet_dontaudit_receive_isns_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to milter_client the packet type.
+## Relabel packets to isns_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -38442,18 +38885,18 @@ interface(`corenet_dontaudit_sendrecv_milter_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_milter_client_packets',`
+interface(`corenet_relabelto_isns_client_packets',`
gen_require(`
- type milter_client_packet_t;
+ type isns_client_packet_t;
')
- allow $1 milter_client_packet_t:packet relabelto;
+ allow $1 isns_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send milter_server packets.
+## Send isns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38462,17 +38905,17 @@ interface(`corenet_relabelto_milter_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_milter_server_packets',`
+interface(`corenet_send_isns_server_packets',`
gen_require(`
- type milter_server_packet_t;
+ type isns_server_packet_t;
')
- allow $1 milter_server_packet_t:packet send;
+ allow $1 isns_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send milter_server packets.
+## Do not audit attempts to send isns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38481,17 +38924,17 @@ interface(`corenet_send_milter_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_milter_server_packets',`
+interface(`corenet_dontaudit_send_isns_server_packets',`
gen_require(`
- type milter_server_packet_t;
+ type isns_server_packet_t;
')
- dontaudit $1 milter_server_packet_t:packet send;
+ dontaudit $1 isns_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive milter_server packets.
+## Receive isns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38500,17 +38943,17 @@ interface(`corenet_dontaudit_send_milter_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_milter_server_packets',`
+interface(`corenet_receive_isns_server_packets',`
gen_require(`
- type milter_server_packet_t;
+ type isns_server_packet_t;
')
- allow $1 milter_server_packet_t:packet recv;
+ allow $1 isns_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive milter_server packets.
+## Do not audit attempts to receive isns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38519,17 +38962,17 @@ interface(`corenet_receive_milter_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_milter_server_packets',`
+interface(`corenet_dontaudit_receive_isns_server_packets',`
gen_require(`
- type milter_server_packet_t;
+ type isns_server_packet_t;
')
- dontaudit $1 milter_server_packet_t:packet recv;
+ dontaudit $1 isns_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive milter_server packets.
+## Send and receive isns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38538,14 +38981,14 @@ interface(`corenet_dontaudit_receive_milter_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_milter_server_packets',`
- corenet_send_milter_server_packets($1)
- corenet_receive_milter_server_packets($1)
+interface(`corenet_sendrecv_isns_server_packets',`
+ corenet_send_isns_server_packets($1)
+ corenet_receive_isns_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive milter_server packets.
+## Do not audit attempts to send and receive isns_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38554,14 +38997,14 @@ interface(`corenet_sendrecv_milter_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_milter_server_packets',`
- corenet_dontaudit_send_milter_server_packets($1)
- corenet_dontaudit_receive_milter_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_isns_server_packets',`
+ corenet_dontaudit_send_isns_server_packets($1)
+ corenet_dontaudit_receive_isns_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to milter_server the packet type.
+## Relabel packets to isns_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -38569,20 +39012,20 @@ interface(`corenet_dontaudit_sendrecv_milter_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_milter_server_packets',`
+interface(`corenet_relabelto_isns_server_packets',`
gen_require(`
- type milter_server_packet_t;
+ type isns_server_packet_t;
')
- allow $1 milter_server_packet_t:packet relabelto;
+ allow $1 isns_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the mmcc port.
+## Send and receive TCP traffic on the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38591,17 +39034,17 @@ interface(`corenet_relabelto_milter_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mmcc_port',`
+interface(`corenet_tcp_sendrecv_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- allow $1 mmcc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 jabber_client_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mmcc port.
+## Send UDP traffic on the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38610,17 +39053,17 @@ interface(`corenet_tcp_sendrecv_mmcc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mmcc_port',`
+interface(`corenet_udp_send_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- allow $1 mmcc_port_t:udp_socket send_msg;
+ allow $1 jabber_client_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mmcc port.
+## Do not audit attempts to send UDP traffic on the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38629,17 +39072,17 @@ interface(`corenet_udp_send_mmcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mmcc_port',`
+interface(`corenet_dontaudit_udp_send_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- dontaudit $1 mmcc_port_t:udp_socket send_msg;
+ dontaudit $1 jabber_client_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mmcc port.
+## Receive UDP traffic on the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38648,17 +39091,17 @@ interface(`corenet_dontaudit_udp_send_mmcc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mmcc_port',`
+interface(`corenet_udp_receive_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- allow $1 mmcc_port_t:udp_socket recv_msg;
+ allow $1 jabber_client_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mmcc port.
+## Do not audit attempts to receive UDP traffic on the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38667,17 +39110,17 @@ interface(`corenet_udp_receive_mmcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mmcc_port',`
+interface(`corenet_dontaudit_udp_receive_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- dontaudit $1 mmcc_port_t:udp_socket recv_msg;
+ dontaudit $1 jabber_client_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mmcc port.
+## Send and receive UDP traffic on the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38686,15 +39129,15 @@ interface(`corenet_dontaudit_udp_receive_mmcc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mmcc_port',`
- corenet_udp_send_mmcc_port($1)
- corenet_udp_receive_mmcc_port($1)
+interface(`corenet_udp_sendrecv_jabber_client_port',`
+ corenet_udp_send_jabber_client_port($1)
+ corenet_udp_receive_jabber_client_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mmcc port.
+## UDP traffic on the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38703,14 +39146,14 @@ interface(`corenet_udp_sendrecv_mmcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mmcc_port',`
- corenet_dontaudit_udp_send_mmcc_port($1)
- corenet_dontaudit_udp_receive_mmcc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_jabber_client_port',`
+ corenet_dontaudit_udp_send_jabber_client_port($1)
+ corenet_dontaudit_udp_receive_jabber_client_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mmcc port.
+## Bind TCP sockets to the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38719,18 +39162,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mmcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mmcc_port',`
+interface(`corenet_tcp_bind_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- allow $1 mmcc_port_t:tcp_socket name_bind;
+ allow $1 jabber_client_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the mmcc port.
+## Bind UDP sockets to the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38739,18 +39182,18 @@ interface(`corenet_tcp_bind_mmcc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mmcc_port',`
+interface(`corenet_udp_bind_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- allow $1 mmcc_port_t:udp_socket name_bind;
+ allow $1 jabber_client_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the mmcc port.
+## Make a TCP connection to the jabber_client port.
## </summary>
## <param name="domain">
## <summary>
@@ -38758,18 +39201,18 @@ interface(`corenet_udp_bind_mmcc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mmcc_port',`
+interface(`corenet_tcp_connect_jabber_client_port',`
gen_require(`
- type mmcc_port_t;
+ type jabber_client_port_t;
')
- allow $1 mmcc_port_t:tcp_socket name_connect;
+ allow $1 jabber_client_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mmcc_client packets.
+## Send jabber_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38778,17 +39221,17 @@ interface(`corenet_tcp_connect_mmcc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mmcc_client_packets',`
+interface(`corenet_send_jabber_client_client_packets',`
gen_require(`
- type mmcc_client_packet_t;
+ type jabber_client_client_packet_t;
')
- allow $1 mmcc_client_packet_t:packet send;
+ allow $1 jabber_client_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mmcc_client packets.
+## Do not audit attempts to send jabber_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38797,17 +39240,17 @@ interface(`corenet_send_mmcc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mmcc_client_packets',`
+interface(`corenet_dontaudit_send_jabber_client_client_packets',`
gen_require(`
- type mmcc_client_packet_t;
+ type jabber_client_client_packet_t;
')
- dontaudit $1 mmcc_client_packet_t:packet send;
+ dontaudit $1 jabber_client_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mmcc_client packets.
+## Receive jabber_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38816,17 +39259,17 @@ interface(`corenet_dontaudit_send_mmcc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mmcc_client_packets',`
+interface(`corenet_receive_jabber_client_client_packets',`
gen_require(`
- type mmcc_client_packet_t;
+ type jabber_client_client_packet_t;
')
- allow $1 mmcc_client_packet_t:packet recv;
+ allow $1 jabber_client_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mmcc_client packets.
+## Do not audit attempts to receive jabber_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38835,17 +39278,17 @@ interface(`corenet_receive_mmcc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mmcc_client_packets',`
+interface(`corenet_dontaudit_receive_jabber_client_client_packets',`
gen_require(`
- type mmcc_client_packet_t;
+ type jabber_client_client_packet_t;
')
- dontaudit $1 mmcc_client_packet_t:packet recv;
+ dontaudit $1 jabber_client_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mmcc_client packets.
+## Send and receive jabber_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38854,14 +39297,14 @@ interface(`corenet_dontaudit_receive_mmcc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mmcc_client_packets',`
- corenet_send_mmcc_client_packets($1)
- corenet_receive_mmcc_client_packets($1)
+interface(`corenet_sendrecv_jabber_client_client_packets',`
+ corenet_send_jabber_client_client_packets($1)
+ corenet_receive_jabber_client_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mmcc_client packets.
+## Do not audit attempts to send and receive jabber_client_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38870,14 +39313,14 @@ interface(`corenet_sendrecv_mmcc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mmcc_client_packets',`
- corenet_dontaudit_send_mmcc_client_packets($1)
- corenet_dontaudit_receive_mmcc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_jabber_client_client_packets',`
+ corenet_dontaudit_send_jabber_client_client_packets($1)
+ corenet_dontaudit_receive_jabber_client_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mmcc_client the packet type.
+## Relabel packets to jabber_client_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -38885,18 +39328,18 @@ interface(`corenet_dontaudit_sendrecv_mmcc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mmcc_client_packets',`
+interface(`corenet_relabelto_jabber_client_client_packets',`
gen_require(`
- type mmcc_client_packet_t;
+ type jabber_client_client_packet_t;
')
- allow $1 mmcc_client_packet_t:packet relabelto;
+ allow $1 jabber_client_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mmcc_server packets.
+## Send jabber_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38905,17 +39348,17 @@ interface(`corenet_relabelto_mmcc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mmcc_server_packets',`
+interface(`corenet_send_jabber_client_server_packets',`
gen_require(`
- type mmcc_server_packet_t;
+ type jabber_client_server_packet_t;
')
- allow $1 mmcc_server_packet_t:packet send;
+ allow $1 jabber_client_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mmcc_server packets.
+## Do not audit attempts to send jabber_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38924,17 +39367,17 @@ interface(`corenet_send_mmcc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mmcc_server_packets',`
+interface(`corenet_dontaudit_send_jabber_client_server_packets',`
gen_require(`
- type mmcc_server_packet_t;
+ type jabber_client_server_packet_t;
')
- dontaudit $1 mmcc_server_packet_t:packet send;
+ dontaudit $1 jabber_client_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mmcc_server packets.
+## Receive jabber_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38943,17 +39386,17 @@ interface(`corenet_dontaudit_send_mmcc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mmcc_server_packets',`
+interface(`corenet_receive_jabber_client_server_packets',`
gen_require(`
- type mmcc_server_packet_t;
+ type jabber_client_server_packet_t;
')
- allow $1 mmcc_server_packet_t:packet recv;
+ allow $1 jabber_client_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mmcc_server packets.
+## Do not audit attempts to receive jabber_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38962,17 +39405,17 @@ interface(`corenet_receive_mmcc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mmcc_server_packets',`
+interface(`corenet_dontaudit_receive_jabber_client_server_packets',`
gen_require(`
- type mmcc_server_packet_t;
+ type jabber_client_server_packet_t;
')
- dontaudit $1 mmcc_server_packet_t:packet recv;
+ dontaudit $1 jabber_client_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mmcc_server packets.
+## Send and receive jabber_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38981,14 +39424,14 @@ interface(`corenet_dontaudit_receive_mmcc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mmcc_server_packets',`
- corenet_send_mmcc_server_packets($1)
- corenet_receive_mmcc_server_packets($1)
+interface(`corenet_sendrecv_jabber_client_server_packets',`
+ corenet_send_jabber_client_server_packets($1)
+ corenet_receive_jabber_client_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mmcc_server packets.
+## Do not audit attempts to send and receive jabber_client_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -38997,14 +39440,14 @@ interface(`corenet_sendrecv_mmcc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mmcc_server_packets',`
- corenet_dontaudit_send_mmcc_server_packets($1)
- corenet_dontaudit_receive_mmcc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_jabber_client_server_packets',`
+ corenet_dontaudit_send_jabber_client_server_packets($1)
+ corenet_dontaudit_receive_jabber_client_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mmcc_server the packet type.
+## Relabel packets to jabber_client_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -39012,12 +39455,12 @@ interface(`corenet_dontaudit_sendrecv_mmcc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mmcc_server_packets',`
+interface(`corenet_relabelto_jabber_client_server_packets',`
gen_require(`
- type mmcc_server_packet_t;
+ type jabber_client_server_packet_t;
')
- allow $1 mmcc_server_packet_t:packet relabelto;
+ allow $1 jabber_client_server_packet_t:packet relabelto;
')
@@ -39025,7 +39468,7 @@ interface(`corenet_relabelto_mmcc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the monopd port.
+## Send and receive TCP traffic on the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39034,17 +39477,17 @@ interface(`corenet_relabelto_mmcc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_monopd_port',`
+interface(`corenet_tcp_sendrecv_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- allow $1 monopd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 jabber_interserver_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the monopd port.
+## Send UDP traffic on the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39053,17 +39496,17 @@ interface(`corenet_tcp_sendrecv_monopd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_monopd_port',`
+interface(`corenet_udp_send_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- allow $1 monopd_port_t:udp_socket send_msg;
+ allow $1 jabber_interserver_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the monopd port.
+## Do not audit attempts to send UDP traffic on the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39072,17 +39515,17 @@ interface(`corenet_udp_send_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_monopd_port',`
+interface(`corenet_dontaudit_udp_send_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- dontaudit $1 monopd_port_t:udp_socket send_msg;
+ dontaudit $1 jabber_interserver_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the monopd port.
+## Receive UDP traffic on the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39091,17 +39534,17 @@ interface(`corenet_dontaudit_udp_send_monopd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_monopd_port',`
+interface(`corenet_udp_receive_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- allow $1 monopd_port_t:udp_socket recv_msg;
+ allow $1 jabber_interserver_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the monopd port.
+## Do not audit attempts to receive UDP traffic on the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39110,17 +39553,17 @@ interface(`corenet_udp_receive_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_monopd_port',`
+interface(`corenet_dontaudit_udp_receive_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- dontaudit $1 monopd_port_t:udp_socket recv_msg;
+ dontaudit $1 jabber_interserver_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the monopd port.
+## Send and receive UDP traffic on the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39129,15 +39572,15 @@ interface(`corenet_dontaudit_udp_receive_monopd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_monopd_port',`
- corenet_udp_send_monopd_port($1)
- corenet_udp_receive_monopd_port($1)
+interface(`corenet_udp_sendrecv_jabber_interserver_port',`
+ corenet_udp_send_jabber_interserver_port($1)
+ corenet_udp_receive_jabber_interserver_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the monopd port.
+## UDP traffic on the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39146,14 +39589,14 @@ interface(`corenet_udp_sendrecv_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_monopd_port',`
- corenet_dontaudit_udp_send_monopd_port($1)
- corenet_dontaudit_udp_receive_monopd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_jabber_interserver_port',`
+ corenet_dontaudit_udp_send_jabber_interserver_port($1)
+ corenet_dontaudit_udp_receive_jabber_interserver_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the monopd port.
+## Bind TCP sockets to the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39162,18 +39605,18 @@ interface(`corenet_dontaudit_udp_sendrecv_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_monopd_port',`
+interface(`corenet_tcp_bind_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- allow $1 monopd_port_t:tcp_socket name_bind;
+ allow $1 jabber_interserver_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the monopd port.
+## Bind UDP sockets to the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39182,18 +39625,18 @@ interface(`corenet_tcp_bind_monopd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_monopd_port',`
+interface(`corenet_udp_bind_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- allow $1 monopd_port_t:udp_socket name_bind;
+ allow $1 jabber_interserver_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the monopd port.
+## Make a TCP connection to the jabber_interserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -39201,18 +39644,18 @@ interface(`corenet_udp_bind_monopd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_monopd_port',`
+interface(`corenet_tcp_connect_jabber_interserver_port',`
gen_require(`
- type monopd_port_t;
+ type jabber_interserver_port_t;
')
- allow $1 monopd_port_t:tcp_socket name_connect;
+ allow $1 jabber_interserver_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send monopd_client packets.
+## Send jabber_interserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39221,17 +39664,17 @@ interface(`corenet_tcp_connect_monopd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_monopd_client_packets',`
+interface(`corenet_send_jabber_interserver_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type jabber_interserver_client_packet_t;
')
- allow $1 monopd_client_packet_t:packet send;
+ allow $1 jabber_interserver_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send monopd_client packets.
+## Do not audit attempts to send jabber_interserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39240,17 +39683,17 @@ interface(`corenet_send_monopd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_monopd_client_packets',`
+interface(`corenet_dontaudit_send_jabber_interserver_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type jabber_interserver_client_packet_t;
')
- dontaudit $1 monopd_client_packet_t:packet send;
+ dontaudit $1 jabber_interserver_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive monopd_client packets.
+## Receive jabber_interserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39259,17 +39702,17 @@ interface(`corenet_dontaudit_send_monopd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_monopd_client_packets',`
+interface(`corenet_receive_jabber_interserver_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type jabber_interserver_client_packet_t;
')
- allow $1 monopd_client_packet_t:packet recv;
+ allow $1 jabber_interserver_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive monopd_client packets.
+## Do not audit attempts to receive jabber_interserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39278,17 +39721,17 @@ interface(`corenet_receive_monopd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_monopd_client_packets',`
+interface(`corenet_dontaudit_receive_jabber_interserver_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type jabber_interserver_client_packet_t;
')
- dontaudit $1 monopd_client_packet_t:packet recv;
+ dontaudit $1 jabber_interserver_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive monopd_client packets.
+## Send and receive jabber_interserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39297,14 +39740,14 @@ interface(`corenet_dontaudit_receive_monopd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_monopd_client_packets',`
- corenet_send_monopd_client_packets($1)
- corenet_receive_monopd_client_packets($1)
+interface(`corenet_sendrecv_jabber_interserver_client_packets',`
+ corenet_send_jabber_interserver_client_packets($1)
+ corenet_receive_jabber_interserver_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive monopd_client packets.
+## Do not audit attempts to send and receive jabber_interserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39313,14 +39756,14 @@ interface(`corenet_sendrecv_monopd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_monopd_client_packets',`
- corenet_dontaudit_send_monopd_client_packets($1)
- corenet_dontaudit_receive_monopd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_jabber_interserver_client_packets',`
+ corenet_dontaudit_send_jabber_interserver_client_packets($1)
+ corenet_dontaudit_receive_jabber_interserver_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to monopd_client the packet type.
+## Relabel packets to jabber_interserver_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -39328,18 +39771,18 @@ interface(`corenet_dontaudit_sendrecv_monopd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_monopd_client_packets',`
+interface(`corenet_relabelto_jabber_interserver_client_packets',`
gen_require(`
- type monopd_client_packet_t;
+ type jabber_interserver_client_packet_t;
')
- allow $1 monopd_client_packet_t:packet relabelto;
+ allow $1 jabber_interserver_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send monopd_server packets.
+## Send jabber_interserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39348,17 +39791,17 @@ interface(`corenet_relabelto_monopd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_monopd_server_packets',`
+interface(`corenet_send_jabber_interserver_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type jabber_interserver_server_packet_t;
')
- allow $1 monopd_server_packet_t:packet send;
+ allow $1 jabber_interserver_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send monopd_server packets.
+## Do not audit attempts to send jabber_interserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39367,17 +39810,17 @@ interface(`corenet_send_monopd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_monopd_server_packets',`
+interface(`corenet_dontaudit_send_jabber_interserver_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type jabber_interserver_server_packet_t;
')
- dontaudit $1 monopd_server_packet_t:packet send;
+ dontaudit $1 jabber_interserver_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive monopd_server packets.
+## Receive jabber_interserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39386,17 +39829,17 @@ interface(`corenet_dontaudit_send_monopd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_monopd_server_packets',`
+interface(`corenet_receive_jabber_interserver_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type jabber_interserver_server_packet_t;
')
- allow $1 monopd_server_packet_t:packet recv;
+ allow $1 jabber_interserver_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive monopd_server packets.
+## Do not audit attempts to receive jabber_interserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39405,17 +39848,17 @@ interface(`corenet_receive_monopd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_monopd_server_packets',`
+interface(`corenet_dontaudit_receive_jabber_interserver_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type jabber_interserver_server_packet_t;
')
- dontaudit $1 monopd_server_packet_t:packet recv;
+ dontaudit $1 jabber_interserver_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive monopd_server packets.
+## Send and receive jabber_interserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39424,14 +39867,14 @@ interface(`corenet_dontaudit_receive_monopd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_monopd_server_packets',`
- corenet_send_monopd_server_packets($1)
- corenet_receive_monopd_server_packets($1)
+interface(`corenet_sendrecv_jabber_interserver_server_packets',`
+ corenet_send_jabber_interserver_server_packets($1)
+ corenet_receive_jabber_interserver_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive monopd_server packets.
+## Do not audit attempts to send and receive jabber_interserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39440,14 +39883,14 @@ interface(`corenet_sendrecv_monopd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_monopd_server_packets',`
- corenet_dontaudit_send_monopd_server_packets($1)
- corenet_dontaudit_receive_monopd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_jabber_interserver_server_packets',`
+ corenet_dontaudit_send_jabber_interserver_server_packets($1)
+ corenet_dontaudit_receive_jabber_interserver_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to monopd_server the packet type.
+## Relabel packets to jabber_interserver_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -39455,12 +39898,12 @@ interface(`corenet_dontaudit_sendrecv_monopd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_monopd_server_packets',`
+interface(`corenet_relabelto_jabber_interserver_server_packets',`
gen_require(`
- type monopd_server_packet_t;
+ type jabber_interserver_server_packet_t;
')
- allow $1 monopd_server_packet_t:packet relabelto;
+ allow $1 jabber_interserver_server_packet_t:packet relabelto;
')
@@ -39468,7 +39911,7 @@ interface(`corenet_relabelto_monopd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mpd port.
+## Send and receive TCP traffic on the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39477,17 +39920,17 @@ interface(`corenet_relabelto_monopd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mpd_port',`
+interface(`corenet_tcp_sendrecv_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- allow $1 mpd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 jboss_iiop_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mpd port.
+## Send UDP traffic on the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39496,17 +39939,17 @@ interface(`corenet_tcp_sendrecv_mpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mpd_port',`
+interface(`corenet_udp_send_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- allow $1 mpd_port_t:udp_socket send_msg;
+ allow $1 jboss_iiop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mpd port.
+## Do not audit attempts to send UDP traffic on the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39515,17 +39958,17 @@ interface(`corenet_udp_send_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mpd_port',`
+interface(`corenet_dontaudit_udp_send_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- dontaudit $1 mpd_port_t:udp_socket send_msg;
+ dontaudit $1 jboss_iiop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mpd port.
+## Receive UDP traffic on the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39534,17 +39977,17 @@ interface(`corenet_dontaudit_udp_send_mpd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mpd_port',`
+interface(`corenet_udp_receive_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- allow $1 mpd_port_t:udp_socket recv_msg;
+ allow $1 jboss_iiop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mpd port.
+## Do not audit attempts to receive UDP traffic on the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39553,17 +39996,17 @@ interface(`corenet_udp_receive_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mpd_port',`
+interface(`corenet_dontaudit_udp_receive_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- dontaudit $1 mpd_port_t:udp_socket recv_msg;
+ dontaudit $1 jboss_iiop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mpd port.
+## Send and receive UDP traffic on the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39572,15 +40015,15 @@ interface(`corenet_dontaudit_udp_receive_mpd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mpd_port',`
- corenet_udp_send_mpd_port($1)
- corenet_udp_receive_mpd_port($1)
+interface(`corenet_udp_sendrecv_jboss_iiop_port',`
+ corenet_udp_send_jboss_iiop_port($1)
+ corenet_udp_receive_jboss_iiop_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mpd port.
+## UDP traffic on the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39589,14 +40032,14 @@ interface(`corenet_udp_sendrecv_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mpd_port',`
- corenet_dontaudit_udp_send_mpd_port($1)
- corenet_dontaudit_udp_receive_mpd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_jboss_iiop_port',`
+ corenet_dontaudit_udp_send_jboss_iiop_port($1)
+ corenet_dontaudit_udp_receive_jboss_iiop_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mpd port.
+## Bind TCP sockets to the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39605,18 +40048,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mpd_port',`
+interface(`corenet_tcp_bind_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- allow $1 mpd_port_t:tcp_socket name_bind;
+ allow $1 jboss_iiop_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the mpd port.
+## Bind UDP sockets to the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39625,18 +40068,18 @@ interface(`corenet_tcp_bind_mpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mpd_port',`
+interface(`corenet_udp_bind_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- allow $1 mpd_port_t:udp_socket name_bind;
+ allow $1 jboss_iiop_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the mpd port.
+## Make a TCP connection to the jboss_iiop port.
## </summary>
## <param name="domain">
## <summary>
@@ -39644,18 +40087,18 @@ interface(`corenet_udp_bind_mpd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mpd_port',`
+interface(`corenet_tcp_connect_jboss_iiop_port',`
gen_require(`
- type mpd_port_t;
+ type jboss_iiop_port_t;
')
- allow $1 mpd_port_t:tcp_socket name_connect;
+ allow $1 jboss_iiop_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mpd_client packets.
+## Send jboss_iiop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39664,17 +40107,17 @@ interface(`corenet_tcp_connect_mpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mpd_client_packets',`
+interface(`corenet_send_jboss_iiop_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type jboss_iiop_client_packet_t;
')
- allow $1 mpd_client_packet_t:packet send;
+ allow $1 jboss_iiop_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mpd_client packets.
+## Do not audit attempts to send jboss_iiop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39683,17 +40126,17 @@ interface(`corenet_send_mpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mpd_client_packets',`
+interface(`corenet_dontaudit_send_jboss_iiop_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type jboss_iiop_client_packet_t;
')
- dontaudit $1 mpd_client_packet_t:packet send;
+ dontaudit $1 jboss_iiop_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mpd_client packets.
+## Receive jboss_iiop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39702,17 +40145,17 @@ interface(`corenet_dontaudit_send_mpd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mpd_client_packets',`
+interface(`corenet_receive_jboss_iiop_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type jboss_iiop_client_packet_t;
')
- allow $1 mpd_client_packet_t:packet recv;
+ allow $1 jboss_iiop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mpd_client packets.
+## Do not audit attempts to receive jboss_iiop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39721,17 +40164,17 @@ interface(`corenet_receive_mpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mpd_client_packets',`
+interface(`corenet_dontaudit_receive_jboss_iiop_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type jboss_iiop_client_packet_t;
')
- dontaudit $1 mpd_client_packet_t:packet recv;
+ dontaudit $1 jboss_iiop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mpd_client packets.
+## Send and receive jboss_iiop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39740,14 +40183,14 @@ interface(`corenet_dontaudit_receive_mpd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mpd_client_packets',`
- corenet_send_mpd_client_packets($1)
- corenet_receive_mpd_client_packets($1)
+interface(`corenet_sendrecv_jboss_iiop_client_packets',`
+ corenet_send_jboss_iiop_client_packets($1)
+ corenet_receive_jboss_iiop_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mpd_client packets.
+## Do not audit attempts to send and receive jboss_iiop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39756,14 +40199,14 @@ interface(`corenet_sendrecv_mpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mpd_client_packets',`
- corenet_dontaudit_send_mpd_client_packets($1)
- corenet_dontaudit_receive_mpd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_jboss_iiop_client_packets',`
+ corenet_dontaudit_send_jboss_iiop_client_packets($1)
+ corenet_dontaudit_receive_jboss_iiop_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mpd_client the packet type.
+## Relabel packets to jboss_iiop_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -39771,18 +40214,18 @@ interface(`corenet_dontaudit_sendrecv_mpd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mpd_client_packets',`
+interface(`corenet_relabelto_jboss_iiop_client_packets',`
gen_require(`
- type mpd_client_packet_t;
+ type jboss_iiop_client_packet_t;
')
- allow $1 mpd_client_packet_t:packet relabelto;
+ allow $1 jboss_iiop_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mpd_server packets.
+## Send jboss_iiop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39791,17 +40234,17 @@ interface(`corenet_relabelto_mpd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mpd_server_packets',`
+interface(`corenet_send_jboss_iiop_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type jboss_iiop_server_packet_t;
')
- allow $1 mpd_server_packet_t:packet send;
+ allow $1 jboss_iiop_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mpd_server packets.
+## Do not audit attempts to send jboss_iiop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39810,17 +40253,17 @@ interface(`corenet_send_mpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mpd_server_packets',`
+interface(`corenet_dontaudit_send_jboss_iiop_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type jboss_iiop_server_packet_t;
')
- dontaudit $1 mpd_server_packet_t:packet send;
+ dontaudit $1 jboss_iiop_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mpd_server packets.
+## Receive jboss_iiop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39829,17 +40272,17 @@ interface(`corenet_dontaudit_send_mpd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mpd_server_packets',`
+interface(`corenet_receive_jboss_iiop_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type jboss_iiop_server_packet_t;
')
- allow $1 mpd_server_packet_t:packet recv;
+ allow $1 jboss_iiop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mpd_server packets.
+## Do not audit attempts to receive jboss_iiop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39848,17 +40291,17 @@ interface(`corenet_receive_mpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mpd_server_packets',`
+interface(`corenet_dontaudit_receive_jboss_iiop_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type jboss_iiop_server_packet_t;
')
- dontaudit $1 mpd_server_packet_t:packet recv;
+ dontaudit $1 jboss_iiop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mpd_server packets.
+## Send and receive jboss_iiop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39867,14 +40310,14 @@ interface(`corenet_dontaudit_receive_mpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mpd_server_packets',`
- corenet_send_mpd_server_packets($1)
- corenet_receive_mpd_server_packets($1)
+interface(`corenet_sendrecv_jboss_iiop_server_packets',`
+ corenet_send_jboss_iiop_server_packets($1)
+ corenet_receive_jboss_iiop_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mpd_server packets.
+## Do not audit attempts to send and receive jboss_iiop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -39883,14 +40326,14 @@ interface(`corenet_sendrecv_mpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mpd_server_packets',`
- corenet_dontaudit_send_mpd_server_packets($1)
- corenet_dontaudit_receive_mpd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_jboss_iiop_server_packets',`
+ corenet_dontaudit_send_jboss_iiop_server_packets($1)
+ corenet_dontaudit_receive_jboss_iiop_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mpd_server the packet type.
+## Relabel packets to jboss_iiop_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -39898,12 +40341,12 @@ interface(`corenet_dontaudit_sendrecv_mpd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mpd_server_packets',`
+interface(`corenet_relabelto_jboss_iiop_server_packets',`
gen_require(`
- type mpd_server_packet_t;
+ type jboss_iiop_server_packet_t;
')
- allow $1 mpd_server_packet_t:packet relabelto;
+ allow $1 jboss_iiop_server_packet_t:packet relabelto;
')
@@ -39911,7 +40354,7 @@ interface(`corenet_relabelto_mpd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the msnp port.
+## Send and receive TCP traffic on the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -39920,17 +40363,17 @@ interface(`corenet_relabelto_mpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_msnp_port',`
+interface(`corenet_tcp_sendrecv_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- allow $1 msnp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 kerberos_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the msnp port.
+## Send UDP traffic on the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -39939,17 +40382,17 @@ interface(`corenet_tcp_sendrecv_msnp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_msnp_port',`
+interface(`corenet_udp_send_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- allow $1 msnp_port_t:udp_socket send_msg;
+ allow $1 kerberos_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the msnp port.
+## Do not audit attempts to send UDP traffic on the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -39958,17 +40401,17 @@ interface(`corenet_udp_send_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_msnp_port',`
+interface(`corenet_dontaudit_udp_send_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- dontaudit $1 msnp_port_t:udp_socket send_msg;
+ dontaudit $1 kerberos_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the msnp port.
+## Receive UDP traffic on the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -39977,17 +40420,17 @@ interface(`corenet_dontaudit_udp_send_msnp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_msnp_port',`
+interface(`corenet_udp_receive_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- allow $1 msnp_port_t:udp_socket recv_msg;
+ allow $1 kerberos_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the msnp port.
+## Do not audit attempts to receive UDP traffic on the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -39996,17 +40439,17 @@ interface(`corenet_udp_receive_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_msnp_port',`
+interface(`corenet_dontaudit_udp_receive_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- dontaudit $1 msnp_port_t:udp_socket recv_msg;
+ dontaudit $1 kerberos_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the msnp port.
+## Send and receive UDP traffic on the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -40015,15 +40458,15 @@ interface(`corenet_dontaudit_udp_receive_msnp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_msnp_port',`
- corenet_udp_send_msnp_port($1)
- corenet_udp_receive_msnp_port($1)
+interface(`corenet_udp_sendrecv_kerberos_port',`
+ corenet_udp_send_kerberos_port($1)
+ corenet_udp_receive_kerberos_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the msnp port.
+## UDP traffic on the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -40032,14 +40475,14 @@ interface(`corenet_udp_sendrecv_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_msnp_port',`
- corenet_dontaudit_udp_send_msnp_port($1)
- corenet_dontaudit_udp_receive_msnp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_kerberos_port',`
+ corenet_dontaudit_udp_send_kerberos_port($1)
+ corenet_dontaudit_udp_receive_kerberos_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the msnp port.
+## Bind TCP sockets to the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -40048,18 +40491,18 @@ interface(`corenet_dontaudit_udp_sendrecv_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_msnp_port',`
+interface(`corenet_tcp_bind_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- allow $1 msnp_port_t:tcp_socket name_bind;
-
+ allow $1 kerberos_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the msnp port.
+## Bind UDP sockets to the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -40068,18 +40511,18 @@ interface(`corenet_tcp_bind_msnp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_msnp_port',`
+interface(`corenet_udp_bind_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- allow $1 msnp_port_t:udp_socket name_bind;
-
+ allow $1 kerberos_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the msnp port.
+## Make a TCP connection to the kerberos port.
## </summary>
## <param name="domain">
## <summary>
@@ -40087,18 +40530,18 @@ interface(`corenet_udp_bind_msnp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_msnp_port',`
+interface(`corenet_tcp_connect_kerberos_port',`
gen_require(`
- type msnp_port_t;
+ type kerberos_port_t;
')
- allow $1 msnp_port_t:tcp_socket name_connect;
+ allow $1 kerberos_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send msnp_client packets.
+## Send kerberos_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40107,17 +40550,17 @@ interface(`corenet_tcp_connect_msnp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_msnp_client_packets',`
+interface(`corenet_send_kerberos_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type kerberos_client_packet_t;
')
- allow $1 msnp_client_packet_t:packet send;
+ allow $1 kerberos_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send msnp_client packets.
+## Do not audit attempts to send kerberos_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40126,17 +40569,17 @@ interface(`corenet_send_msnp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_msnp_client_packets',`
+interface(`corenet_dontaudit_send_kerberos_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type kerberos_client_packet_t;
')
- dontaudit $1 msnp_client_packet_t:packet send;
+ dontaudit $1 kerberos_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive msnp_client packets.
+## Receive kerberos_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40145,17 +40588,17 @@ interface(`corenet_dontaudit_send_msnp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_msnp_client_packets',`
+interface(`corenet_receive_kerberos_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type kerberos_client_packet_t;
')
- allow $1 msnp_client_packet_t:packet recv;
+ allow $1 kerberos_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive msnp_client packets.
+## Do not audit attempts to receive kerberos_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40164,17 +40607,17 @@ interface(`corenet_receive_msnp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_msnp_client_packets',`
+interface(`corenet_dontaudit_receive_kerberos_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type kerberos_client_packet_t;
')
- dontaudit $1 msnp_client_packet_t:packet recv;
+ dontaudit $1 kerberos_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive msnp_client packets.
+## Send and receive kerberos_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40183,14 +40626,14 @@ interface(`corenet_dontaudit_receive_msnp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_msnp_client_packets',`
- corenet_send_msnp_client_packets($1)
- corenet_receive_msnp_client_packets($1)
+interface(`corenet_sendrecv_kerberos_client_packets',`
+ corenet_send_kerberos_client_packets($1)
+ corenet_receive_kerberos_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive msnp_client packets.
+## Do not audit attempts to send and receive kerberos_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40199,14 +40642,14 @@ interface(`corenet_sendrecv_msnp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_msnp_client_packets',`
- corenet_dontaudit_send_msnp_client_packets($1)
- corenet_dontaudit_receive_msnp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_kerberos_client_packets',`
+ corenet_dontaudit_send_kerberos_client_packets($1)
+ corenet_dontaudit_receive_kerberos_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to msnp_client the packet type.
+## Relabel packets to kerberos_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -40214,18 +40657,18 @@ interface(`corenet_dontaudit_sendrecv_msnp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_msnp_client_packets',`
+interface(`corenet_relabelto_kerberos_client_packets',`
gen_require(`
- type msnp_client_packet_t;
+ type kerberos_client_packet_t;
')
- allow $1 msnp_client_packet_t:packet relabelto;
+ allow $1 kerberos_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send msnp_server packets.
+## Send kerberos_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40234,17 +40677,17 @@ interface(`corenet_relabelto_msnp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_msnp_server_packets',`
+interface(`corenet_send_kerberos_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type kerberos_server_packet_t;
')
- allow $1 msnp_server_packet_t:packet send;
+ allow $1 kerberos_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send msnp_server packets.
+## Do not audit attempts to send kerberos_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40253,17 +40696,17 @@ interface(`corenet_send_msnp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_msnp_server_packets',`
+interface(`corenet_dontaudit_send_kerberos_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type kerberos_server_packet_t;
')
- dontaudit $1 msnp_server_packet_t:packet send;
+ dontaudit $1 kerberos_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive msnp_server packets.
+## Receive kerberos_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40272,17 +40715,17 @@ interface(`corenet_dontaudit_send_msnp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_msnp_server_packets',`
+interface(`corenet_receive_kerberos_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type kerberos_server_packet_t;
')
- allow $1 msnp_server_packet_t:packet recv;
+ allow $1 kerberos_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive msnp_server packets.
+## Do not audit attempts to receive kerberos_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40291,17 +40734,17 @@ interface(`corenet_receive_msnp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_msnp_server_packets',`
+interface(`corenet_dontaudit_receive_kerberos_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type kerberos_server_packet_t;
')
- dontaudit $1 msnp_server_packet_t:packet recv;
+ dontaudit $1 kerberos_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive msnp_server packets.
+## Send and receive kerberos_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40310,14 +40753,14 @@ interface(`corenet_dontaudit_receive_msnp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_msnp_server_packets',`
- corenet_send_msnp_server_packets($1)
- corenet_receive_msnp_server_packets($1)
+interface(`corenet_sendrecv_kerberos_server_packets',`
+ corenet_send_kerberos_server_packets($1)
+ corenet_receive_kerberos_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive msnp_server packets.
+## Do not audit attempts to send and receive kerberos_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40326,14 +40769,14 @@ interface(`corenet_sendrecv_msnp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_msnp_server_packets',`
- corenet_dontaudit_send_msnp_server_packets($1)
- corenet_dontaudit_receive_msnp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_kerberos_server_packets',`
+ corenet_dontaudit_send_kerberos_server_packets($1)
+ corenet_dontaudit_receive_kerberos_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to msnp_server the packet type.
+## Relabel packets to kerberos_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -40341,12 +40784,12 @@ interface(`corenet_dontaudit_sendrecv_msnp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_msnp_server_packets',`
+interface(`corenet_relabelto_kerberos_server_packets',`
gen_require(`
- type msnp_server_packet_t;
+ type kerberos_server_packet_t;
')
- allow $1 msnp_server_packet_t:packet relabelto;
+ allow $1 kerberos_server_packet_t:packet relabelto;
')
@@ -40354,7 +40797,7 @@ interface(`corenet_relabelto_msnp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mssql port.
+## Send and receive TCP traffic on the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40363,17 +40806,17 @@ interface(`corenet_relabelto_msnp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mssql_port',`
+interface(`corenet_tcp_sendrecv_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- allow $1 mssql_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 kerberos_admin_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mssql port.
+## Send UDP traffic on the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40382,17 +40825,17 @@ interface(`corenet_tcp_sendrecv_mssql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mssql_port',`
+interface(`corenet_udp_send_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- allow $1 mssql_port_t:udp_socket send_msg;
+ allow $1 kerberos_admin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mssql port.
+## Do not audit attempts to send UDP traffic on the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40401,17 +40844,17 @@ interface(`corenet_udp_send_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mssql_port',`
+interface(`corenet_dontaudit_udp_send_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- dontaudit $1 mssql_port_t:udp_socket send_msg;
+ dontaudit $1 kerberos_admin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mssql port.
+## Receive UDP traffic on the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40420,17 +40863,17 @@ interface(`corenet_dontaudit_udp_send_mssql_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mssql_port',`
+interface(`corenet_udp_receive_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- allow $1 mssql_port_t:udp_socket recv_msg;
+ allow $1 kerberos_admin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mssql port.
+## Do not audit attempts to receive UDP traffic on the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40439,17 +40882,17 @@ interface(`corenet_udp_receive_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mssql_port',`
+interface(`corenet_dontaudit_udp_receive_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- dontaudit $1 mssql_port_t:udp_socket recv_msg;
+ dontaudit $1 kerberos_admin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mssql port.
+## Send and receive UDP traffic on the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40458,15 +40901,15 @@ interface(`corenet_dontaudit_udp_receive_mssql_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mssql_port',`
- corenet_udp_send_mssql_port($1)
- corenet_udp_receive_mssql_port($1)
+interface(`corenet_udp_sendrecv_kerberos_admin_port',`
+ corenet_udp_send_kerberos_admin_port($1)
+ corenet_udp_receive_kerberos_admin_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mssql port.
+## UDP traffic on the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40475,14 +40918,14 @@ interface(`corenet_udp_sendrecv_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mssql_port',`
- corenet_dontaudit_udp_send_mssql_port($1)
- corenet_dontaudit_udp_receive_mssql_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_kerberos_admin_port',`
+ corenet_dontaudit_udp_send_kerberos_admin_port($1)
+ corenet_dontaudit_udp_receive_kerberos_admin_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mssql port.
+## Bind TCP sockets to the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40491,18 +40934,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mssql_port',`
+interface(`corenet_tcp_bind_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- allow $1 mssql_port_t:tcp_socket name_bind;
+ allow $1 kerberos_admin_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the mssql port.
+## Bind UDP sockets to the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40511,18 +40954,18 @@ interface(`corenet_tcp_bind_mssql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mssql_port',`
+interface(`corenet_udp_bind_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- allow $1 mssql_port_t:udp_socket name_bind;
+ allow $1 kerberos_admin_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the mssql port.
+## Make a TCP connection to the kerberos_admin port.
## </summary>
## <param name="domain">
## <summary>
@@ -40530,18 +40973,18 @@ interface(`corenet_udp_bind_mssql_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mssql_port',`
+interface(`corenet_tcp_connect_kerberos_admin_port',`
gen_require(`
- type mssql_port_t;
+ type kerberos_admin_port_t;
')
- allow $1 mssql_port_t:tcp_socket name_connect;
+ allow $1 kerberos_admin_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mssql_client packets.
+## Send kerberos_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40550,17 +40993,17 @@ interface(`corenet_tcp_connect_mssql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mssql_client_packets',`
+interface(`corenet_send_kerberos_admin_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type kerberos_admin_client_packet_t;
')
- allow $1 mssql_client_packet_t:packet send;
+ allow $1 kerberos_admin_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mssql_client packets.
+## Do not audit attempts to send kerberos_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40569,17 +41012,17 @@ interface(`corenet_send_mssql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mssql_client_packets',`
+interface(`corenet_dontaudit_send_kerberos_admin_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type kerberos_admin_client_packet_t;
')
- dontaudit $1 mssql_client_packet_t:packet send;
+ dontaudit $1 kerberos_admin_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mssql_client packets.
+## Receive kerberos_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40588,17 +41031,17 @@ interface(`corenet_dontaudit_send_mssql_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mssql_client_packets',`
+interface(`corenet_receive_kerberos_admin_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type kerberos_admin_client_packet_t;
')
- allow $1 mssql_client_packet_t:packet recv;
+ allow $1 kerberos_admin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mssql_client packets.
+## Do not audit attempts to receive kerberos_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40607,17 +41050,17 @@ interface(`corenet_receive_mssql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mssql_client_packets',`
+interface(`corenet_dontaudit_receive_kerberos_admin_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type kerberos_admin_client_packet_t;
')
- dontaudit $1 mssql_client_packet_t:packet recv;
+ dontaudit $1 kerberos_admin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mssql_client packets.
+## Send and receive kerberos_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40626,14 +41069,14 @@ interface(`corenet_dontaudit_receive_mssql_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mssql_client_packets',`
- corenet_send_mssql_client_packets($1)
- corenet_receive_mssql_client_packets($1)
+interface(`corenet_sendrecv_kerberos_admin_client_packets',`
+ corenet_send_kerberos_admin_client_packets($1)
+ corenet_receive_kerberos_admin_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mssql_client packets.
+## Do not audit attempts to send and receive kerberos_admin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40642,14 +41085,14 @@ interface(`corenet_sendrecv_mssql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mssql_client_packets',`
- corenet_dontaudit_send_mssql_client_packets($1)
- corenet_dontaudit_receive_mssql_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_kerberos_admin_client_packets',`
+ corenet_dontaudit_send_kerberos_admin_client_packets($1)
+ corenet_dontaudit_receive_kerberos_admin_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mssql_client the packet type.
+## Relabel packets to kerberos_admin_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -40657,18 +41100,18 @@ interface(`corenet_dontaudit_sendrecv_mssql_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mssql_client_packets',`
+interface(`corenet_relabelto_kerberos_admin_client_packets',`
gen_require(`
- type mssql_client_packet_t;
+ type kerberos_admin_client_packet_t;
')
- allow $1 mssql_client_packet_t:packet relabelto;
+ allow $1 kerberos_admin_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mssql_server packets.
+## Send kerberos_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40677,17 +41120,17 @@ interface(`corenet_relabelto_mssql_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mssql_server_packets',`
+interface(`corenet_send_kerberos_admin_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type kerberos_admin_server_packet_t;
')
- allow $1 mssql_server_packet_t:packet send;
+ allow $1 kerberos_admin_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mssql_server packets.
+## Do not audit attempts to send kerberos_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40696,17 +41139,17 @@ interface(`corenet_send_mssql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mssql_server_packets',`
+interface(`corenet_dontaudit_send_kerberos_admin_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type kerberos_admin_server_packet_t;
')
- dontaudit $1 mssql_server_packet_t:packet send;
+ dontaudit $1 kerberos_admin_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mssql_server packets.
+## Receive kerberos_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40715,17 +41158,17 @@ interface(`corenet_dontaudit_send_mssql_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mssql_server_packets',`
+interface(`corenet_receive_kerberos_admin_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type kerberos_admin_server_packet_t;
')
- allow $1 mssql_server_packet_t:packet recv;
+ allow $1 kerberos_admin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mssql_server packets.
+## Do not audit attempts to receive kerberos_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40734,17 +41177,17 @@ interface(`corenet_receive_mssql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mssql_server_packets',`
+interface(`corenet_dontaudit_receive_kerberos_admin_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type kerberos_admin_server_packet_t;
')
- dontaudit $1 mssql_server_packet_t:packet recv;
+ dontaudit $1 kerberos_admin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mssql_server packets.
+## Send and receive kerberos_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40753,14 +41196,14 @@ interface(`corenet_dontaudit_receive_mssql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mssql_server_packets',`
- corenet_send_mssql_server_packets($1)
- corenet_receive_mssql_server_packets($1)
+interface(`corenet_sendrecv_kerberos_admin_server_packets',`
+ corenet_send_kerberos_admin_server_packets($1)
+ corenet_receive_kerberos_admin_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mssql_server packets.
+## Do not audit attempts to send and receive kerberos_admin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40769,14 +41212,14 @@ interface(`corenet_sendrecv_mssql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mssql_server_packets',`
- corenet_dontaudit_send_mssql_server_packets($1)
- corenet_dontaudit_receive_mssql_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_kerberos_admin_server_packets',`
+ corenet_dontaudit_send_kerberos_admin_server_packets($1)
+ corenet_dontaudit_receive_kerberos_admin_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mssql_server the packet type.
+## Relabel packets to kerberos_admin_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -40784,12 +41227,12 @@ interface(`corenet_dontaudit_sendrecv_mssql_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mssql_server_packets',`
+interface(`corenet_relabelto_kerberos_admin_server_packets',`
gen_require(`
- type mssql_server_packet_t;
+ type kerberos_admin_server_packet_t;
')
- allow $1 mssql_server_packet_t:packet relabelto;
+ allow $1 kerberos_admin_server_packet_t:packet relabelto;
')
@@ -40797,7 +41240,7 @@ interface(`corenet_relabelto_mssql_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the munin port.
+## Send and receive TCP traffic on the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40806,17 +41249,17 @@ interface(`corenet_relabelto_mssql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_munin_port',`
+interface(`corenet_tcp_sendrecv_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- allow $1 munin_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 kerberos_master_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the munin port.
+## Send UDP traffic on the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40825,17 +41268,17 @@ interface(`corenet_tcp_sendrecv_munin_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_munin_port',`
+interface(`corenet_udp_send_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- allow $1 munin_port_t:udp_socket send_msg;
+ allow $1 kerberos_master_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the munin port.
+## Do not audit attempts to send UDP traffic on the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40844,17 +41287,17 @@ interface(`corenet_udp_send_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_munin_port',`
+interface(`corenet_dontaudit_udp_send_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- dontaudit $1 munin_port_t:udp_socket send_msg;
+ dontaudit $1 kerberos_master_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the munin port.
+## Receive UDP traffic on the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40863,17 +41306,17 @@ interface(`corenet_dontaudit_udp_send_munin_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_munin_port',`
+interface(`corenet_udp_receive_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- allow $1 munin_port_t:udp_socket recv_msg;
+ allow $1 kerberos_master_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the munin port.
+## Do not audit attempts to receive UDP traffic on the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40882,17 +41325,17 @@ interface(`corenet_udp_receive_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_munin_port',`
+interface(`corenet_dontaudit_udp_receive_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- dontaudit $1 munin_port_t:udp_socket recv_msg;
+ dontaudit $1 kerberos_master_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the munin port.
+## Send and receive UDP traffic on the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40901,15 +41344,15 @@ interface(`corenet_dontaudit_udp_receive_munin_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_munin_port',`
- corenet_udp_send_munin_port($1)
- corenet_udp_receive_munin_port($1)
+interface(`corenet_udp_sendrecv_kerberos_master_port',`
+ corenet_udp_send_kerberos_master_port($1)
+ corenet_udp_receive_kerberos_master_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the munin port.
+## UDP traffic on the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40918,14 +41361,14 @@ interface(`corenet_udp_sendrecv_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_munin_port',`
- corenet_dontaudit_udp_send_munin_port($1)
- corenet_dontaudit_udp_receive_munin_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_kerberos_master_port',`
+ corenet_dontaudit_udp_send_kerberos_master_port($1)
+ corenet_dontaudit_udp_receive_kerberos_master_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the munin port.
+## Bind TCP sockets to the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40934,18 +41377,18 @@ interface(`corenet_dontaudit_udp_sendrecv_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_munin_port',`
+interface(`corenet_tcp_bind_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- allow $1 munin_port_t:tcp_socket name_bind;
+ allow $1 kerberos_master_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the munin port.
+## Bind UDP sockets to the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40954,18 +41397,18 @@ interface(`corenet_tcp_bind_munin_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_munin_port',`
+interface(`corenet_udp_bind_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- allow $1 munin_port_t:udp_socket name_bind;
+ allow $1 kerberos_master_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the munin port.
+## Make a TCP connection to the kerberos_master port.
## </summary>
## <param name="domain">
## <summary>
@@ -40973,18 +41416,18 @@ interface(`corenet_udp_bind_munin_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_munin_port',`
+interface(`corenet_tcp_connect_kerberos_master_port',`
gen_require(`
- type munin_port_t;
+ type kerberos_master_port_t;
')
- allow $1 munin_port_t:tcp_socket name_connect;
+ allow $1 kerberos_master_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send munin_client packets.
+## Send kerberos_master_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -40993,17 +41436,17 @@ interface(`corenet_tcp_connect_munin_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_munin_client_packets',`
+interface(`corenet_send_kerberos_master_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type kerberos_master_client_packet_t;
')
- allow $1 munin_client_packet_t:packet send;
+ allow $1 kerberos_master_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send munin_client packets.
+## Do not audit attempts to send kerberos_master_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41012,17 +41455,17 @@ interface(`corenet_send_munin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_munin_client_packets',`
+interface(`corenet_dontaudit_send_kerberos_master_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type kerberos_master_client_packet_t;
')
- dontaudit $1 munin_client_packet_t:packet send;
+ dontaudit $1 kerberos_master_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive munin_client packets.
+## Receive kerberos_master_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41031,17 +41474,17 @@ interface(`corenet_dontaudit_send_munin_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_munin_client_packets',`
+interface(`corenet_receive_kerberos_master_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type kerberos_master_client_packet_t;
')
- allow $1 munin_client_packet_t:packet recv;
+ allow $1 kerberos_master_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive munin_client packets.
+## Do not audit attempts to receive kerberos_master_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41050,17 +41493,17 @@ interface(`corenet_receive_munin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_munin_client_packets',`
+interface(`corenet_dontaudit_receive_kerberos_master_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type kerberos_master_client_packet_t;
')
- dontaudit $1 munin_client_packet_t:packet recv;
+ dontaudit $1 kerberos_master_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive munin_client packets.
+## Send and receive kerberos_master_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41069,14 +41512,14 @@ interface(`corenet_dontaudit_receive_munin_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_munin_client_packets',`
- corenet_send_munin_client_packets($1)
- corenet_receive_munin_client_packets($1)
+interface(`corenet_sendrecv_kerberos_master_client_packets',`
+ corenet_send_kerberos_master_client_packets($1)
+ corenet_receive_kerberos_master_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive munin_client packets.
+## Do not audit attempts to send and receive kerberos_master_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41085,14 +41528,14 @@ interface(`corenet_sendrecv_munin_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_munin_client_packets',`
- corenet_dontaudit_send_munin_client_packets($1)
- corenet_dontaudit_receive_munin_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_kerberos_master_client_packets',`
+ corenet_dontaudit_send_kerberos_master_client_packets($1)
+ corenet_dontaudit_receive_kerberos_master_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to munin_client the packet type.
+## Relabel packets to kerberos_master_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -41100,18 +41543,18 @@ interface(`corenet_dontaudit_sendrecv_munin_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_munin_client_packets',`
+interface(`corenet_relabelto_kerberos_master_client_packets',`
gen_require(`
- type munin_client_packet_t;
+ type kerberos_master_client_packet_t;
')
- allow $1 munin_client_packet_t:packet relabelto;
+ allow $1 kerberos_master_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send munin_server packets.
+## Send kerberos_master_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41120,17 +41563,17 @@ interface(`corenet_relabelto_munin_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_munin_server_packets',`
+interface(`corenet_send_kerberos_master_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type kerberos_master_server_packet_t;
')
- allow $1 munin_server_packet_t:packet send;
+ allow $1 kerberos_master_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send munin_server packets.
+## Do not audit attempts to send kerberos_master_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41139,17 +41582,17 @@ interface(`corenet_send_munin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_munin_server_packets',`
+interface(`corenet_dontaudit_send_kerberos_master_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type kerberos_master_server_packet_t;
')
- dontaudit $1 munin_server_packet_t:packet send;
+ dontaudit $1 kerberos_master_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive munin_server packets.
+## Receive kerberos_master_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41158,17 +41601,17 @@ interface(`corenet_dontaudit_send_munin_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_munin_server_packets',`
+interface(`corenet_receive_kerberos_master_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type kerberos_master_server_packet_t;
')
- allow $1 munin_server_packet_t:packet recv;
+ allow $1 kerberos_master_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive munin_server packets.
+## Do not audit attempts to receive kerberos_master_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41177,17 +41620,17 @@ interface(`corenet_receive_munin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_munin_server_packets',`
+interface(`corenet_dontaudit_receive_kerberos_master_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type kerberos_master_server_packet_t;
')
- dontaudit $1 munin_server_packet_t:packet recv;
+ dontaudit $1 kerberos_master_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive munin_server packets.
+## Send and receive kerberos_master_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41196,14 +41639,14 @@ interface(`corenet_dontaudit_receive_munin_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_munin_server_packets',`
- corenet_send_munin_server_packets($1)
- corenet_receive_munin_server_packets($1)
+interface(`corenet_sendrecv_kerberos_master_server_packets',`
+ corenet_send_kerberos_master_server_packets($1)
+ corenet_receive_kerberos_master_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive munin_server packets.
+## Do not audit attempts to send and receive kerberos_master_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41212,14 +41655,14 @@ interface(`corenet_sendrecv_munin_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_munin_server_packets',`
- corenet_dontaudit_send_munin_server_packets($1)
- corenet_dontaudit_receive_munin_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_kerberos_master_server_packets',`
+ corenet_dontaudit_send_kerberos_master_server_packets($1)
+ corenet_dontaudit_receive_kerberos_master_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to munin_server the packet type.
+## Relabel packets to kerberos_master_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -41227,12 +41670,12 @@ interface(`corenet_dontaudit_sendrecv_munin_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_munin_server_packets',`
+interface(`corenet_relabelto_kerberos_master_server_packets',`
gen_require(`
- type munin_server_packet_t;
+ type kerberos_master_server_packet_t;
')
- allow $1 munin_server_packet_t:packet relabelto;
+ allow $1 kerberos_master_server_packet_t:packet relabelto;
')
@@ -41240,7 +41683,7 @@ interface(`corenet_relabelto_munin_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mysqld port.
+## Send and receive TCP traffic on the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41249,17 +41692,17 @@ interface(`corenet_relabelto_munin_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mysqld_port',`
+interface(`corenet_tcp_sendrecv_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- allow $1 mysqld_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 kismet_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mysqld port.
+## Send UDP traffic on the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41268,17 +41711,17 @@ interface(`corenet_tcp_sendrecv_mysqld_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mysqld_port',`
+interface(`corenet_udp_send_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- allow $1 mysqld_port_t:udp_socket send_msg;
+ allow $1 kismet_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mysqld port.
+## Do not audit attempts to send UDP traffic on the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41287,17 +41730,17 @@ interface(`corenet_udp_send_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mysqld_port',`
+interface(`corenet_dontaudit_udp_send_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- dontaudit $1 mysqld_port_t:udp_socket send_msg;
+ dontaudit $1 kismet_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mysqld port.
+## Receive UDP traffic on the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41306,17 +41749,17 @@ interface(`corenet_dontaudit_udp_send_mysqld_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mysqld_port',`
+interface(`corenet_udp_receive_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- allow $1 mysqld_port_t:udp_socket recv_msg;
+ allow $1 kismet_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mysqld port.
+## Do not audit attempts to receive UDP traffic on the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41325,17 +41768,17 @@ interface(`corenet_udp_receive_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mysqld_port',`
+interface(`corenet_dontaudit_udp_receive_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- dontaudit $1 mysqld_port_t:udp_socket recv_msg;
+ dontaudit $1 kismet_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mysqld port.
+## Send and receive UDP traffic on the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41344,15 +41787,15 @@ interface(`corenet_dontaudit_udp_receive_mysqld_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mysqld_port',`
- corenet_udp_send_mysqld_port($1)
- corenet_udp_receive_mysqld_port($1)
+interface(`corenet_udp_sendrecv_kismet_port',`
+ corenet_udp_send_kismet_port($1)
+ corenet_udp_receive_kismet_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mysqld port.
+## UDP traffic on the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41361,14 +41804,14 @@ interface(`corenet_udp_sendrecv_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mysqld_port',`
- corenet_dontaudit_udp_send_mysqld_port($1)
- corenet_dontaudit_udp_receive_mysqld_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_kismet_port',`
+ corenet_dontaudit_udp_send_kismet_port($1)
+ corenet_dontaudit_udp_receive_kismet_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mysqld port.
+## Bind TCP sockets to the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41377,18 +41820,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mysqld_port',`
+interface(`corenet_tcp_bind_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- allow $1 mysqld_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 kismet_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the mysqld port.
+## Bind UDP sockets to the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41397,18 +41840,18 @@ interface(`corenet_tcp_bind_mysqld_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mysqld_port',`
+interface(`corenet_udp_bind_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- allow $1 mysqld_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 kismet_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the mysqld port.
+## Make a TCP connection to the kismet port.
## </summary>
## <param name="domain">
## <summary>
@@ -41416,18 +41859,18 @@ interface(`corenet_udp_bind_mysqld_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mysqld_port',`
+interface(`corenet_tcp_connect_kismet_port',`
gen_require(`
- type mysqld_port_t;
+ type kismet_port_t;
')
- allow $1 mysqld_port_t:tcp_socket name_connect;
+ allow $1 kismet_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mysqld_client packets.
+## Send kismet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41436,17 +41879,17 @@ interface(`corenet_tcp_connect_mysqld_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqld_client_packets',`
+interface(`corenet_send_kismet_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type kismet_client_packet_t;
')
- allow $1 mysqld_client_packet_t:packet send;
+ allow $1 kismet_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqld_client packets.
+## Do not audit attempts to send kismet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41455,17 +41898,17 @@ interface(`corenet_send_mysqld_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqld_client_packets',`
+interface(`corenet_dontaudit_send_kismet_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type kismet_client_packet_t;
')
- dontaudit $1 mysqld_client_packet_t:packet send;
+ dontaudit $1 kismet_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqld_client packets.
+## Receive kismet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41474,17 +41917,17 @@ interface(`corenet_dontaudit_send_mysqld_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqld_client_packets',`
+interface(`corenet_receive_kismet_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type kismet_client_packet_t;
')
- allow $1 mysqld_client_packet_t:packet recv;
+ allow $1 kismet_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqld_client packets.
+## Do not audit attempts to receive kismet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41493,17 +41936,17 @@ interface(`corenet_receive_mysqld_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqld_client_packets',`
+interface(`corenet_dontaudit_receive_kismet_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type kismet_client_packet_t;
')
- dontaudit $1 mysqld_client_packet_t:packet recv;
+ dontaudit $1 kismet_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqld_client packets.
+## Send and receive kismet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41512,14 +41955,14 @@ interface(`corenet_dontaudit_receive_mysqld_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqld_client_packets',`
- corenet_send_mysqld_client_packets($1)
- corenet_receive_mysqld_client_packets($1)
+interface(`corenet_sendrecv_kismet_client_packets',`
+ corenet_send_kismet_client_packets($1)
+ corenet_receive_kismet_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqld_client packets.
+## Do not audit attempts to send and receive kismet_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41528,14 +41971,14 @@ interface(`corenet_sendrecv_mysqld_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqld_client_packets',`
- corenet_dontaudit_send_mysqld_client_packets($1)
- corenet_dontaudit_receive_mysqld_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_kismet_client_packets',`
+ corenet_dontaudit_send_kismet_client_packets($1)
+ corenet_dontaudit_receive_kismet_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqld_client the packet type.
+## Relabel packets to kismet_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -41543,18 +41986,18 @@ interface(`corenet_dontaudit_sendrecv_mysqld_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqld_client_packets',`
+interface(`corenet_relabelto_kismet_client_packets',`
gen_require(`
- type mysqld_client_packet_t;
+ type kismet_client_packet_t;
')
- allow $1 mysqld_client_packet_t:packet relabelto;
+ allow $1 kismet_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mysqld_server packets.
+## Send kismet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41563,17 +42006,17 @@ interface(`corenet_relabelto_mysqld_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqld_server_packets',`
+interface(`corenet_send_kismet_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type kismet_server_packet_t;
')
- allow $1 mysqld_server_packet_t:packet send;
+ allow $1 kismet_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqld_server packets.
+## Do not audit attempts to send kismet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41582,17 +42025,17 @@ interface(`corenet_send_mysqld_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqld_server_packets',`
+interface(`corenet_dontaudit_send_kismet_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type kismet_server_packet_t;
')
- dontaudit $1 mysqld_server_packet_t:packet send;
+ dontaudit $1 kismet_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqld_server packets.
+## Receive kismet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41601,17 +42044,17 @@ interface(`corenet_dontaudit_send_mysqld_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqld_server_packets',`
+interface(`corenet_receive_kismet_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type kismet_server_packet_t;
')
- allow $1 mysqld_server_packet_t:packet recv;
+ allow $1 kismet_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqld_server packets.
+## Do not audit attempts to receive kismet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41620,17 +42063,17 @@ interface(`corenet_receive_mysqld_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqld_server_packets',`
+interface(`corenet_dontaudit_receive_kismet_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type kismet_server_packet_t;
')
- dontaudit $1 mysqld_server_packet_t:packet recv;
+ dontaudit $1 kismet_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqld_server packets.
+## Send and receive kismet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41639,14 +42082,14 @@ interface(`corenet_dontaudit_receive_mysqld_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqld_server_packets',`
- corenet_send_mysqld_server_packets($1)
- corenet_receive_mysqld_server_packets($1)
+interface(`corenet_sendrecv_kismet_server_packets',`
+ corenet_send_kismet_server_packets($1)
+ corenet_receive_kismet_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqld_server packets.
+## Do not audit attempts to send and receive kismet_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41655,14 +42098,14 @@ interface(`corenet_sendrecv_mysqld_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqld_server_packets',`
- corenet_dontaudit_send_mysqld_server_packets($1)
- corenet_dontaudit_receive_mysqld_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_kismet_server_packets',`
+ corenet_dontaudit_send_kismet_server_packets($1)
+ corenet_dontaudit_receive_kismet_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqld_server the packet type.
+## Relabel packets to kismet_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -41670,12 +42113,12 @@ interface(`corenet_dontaudit_sendrecv_mysqld_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqld_server_packets',`
+interface(`corenet_relabelto_kismet_server_packets',`
gen_require(`
- type mysqld_server_packet_t;
+ type kismet_server_packet_t;
')
- allow $1 mysqld_server_packet_t:packet relabelto;
+ allow $1 kismet_server_packet_t:packet relabelto;
')
@@ -41683,7 +42126,7 @@ interface(`corenet_relabelto_mysqld_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the mysqlmanagerd port.
+## Send and receive TCP traffic on the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41692,17 +42135,17 @@ interface(`corenet_relabelto_mysqld_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_mysqlmanagerd_port',`
+interface(`corenet_tcp_sendrecv_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- allow $1 mysqlmanagerd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 kprop_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the mysqlmanagerd port.
+## Send UDP traffic on the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41711,17 +42154,17 @@ interface(`corenet_tcp_sendrecv_mysqlmanagerd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_mysqlmanagerd_port',`
+interface(`corenet_udp_send_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- allow $1 mysqlmanagerd_port_t:udp_socket send_msg;
+ allow $1 kprop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the mysqlmanagerd port.
+## Do not audit attempts to send UDP traffic on the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41730,17 +42173,17 @@ interface(`corenet_udp_send_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_mysqlmanagerd_port',`
+interface(`corenet_dontaudit_udp_send_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- dontaudit $1 mysqlmanagerd_port_t:udp_socket send_msg;
+ dontaudit $1 kprop_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the mysqlmanagerd port.
+## Receive UDP traffic on the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41749,17 +42192,17 @@ interface(`corenet_dontaudit_udp_send_mysqlmanagerd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_mysqlmanagerd_port',`
+interface(`corenet_udp_receive_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- allow $1 mysqlmanagerd_port_t:udp_socket recv_msg;
+ allow $1 kprop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the mysqlmanagerd port.
+## Do not audit attempts to receive UDP traffic on the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41768,17 +42211,17 @@ interface(`corenet_udp_receive_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_mysqlmanagerd_port',`
+interface(`corenet_dontaudit_udp_receive_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- dontaudit $1 mysqlmanagerd_port_t:udp_socket recv_msg;
+ dontaudit $1 kprop_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the mysqlmanagerd port.
+## Send and receive UDP traffic on the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41787,15 +42230,15 @@ interface(`corenet_dontaudit_udp_receive_mysqlmanagerd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_mysqlmanagerd_port',`
- corenet_udp_send_mysqlmanagerd_port($1)
- corenet_udp_receive_mysqlmanagerd_port($1)
+interface(`corenet_udp_sendrecv_kprop_port',`
+ corenet_udp_send_kprop_port($1)
+ corenet_udp_receive_kprop_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the mysqlmanagerd port.
+## UDP traffic on the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41804,14 +42247,14 @@ interface(`corenet_udp_sendrecv_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_mysqlmanagerd_port',`
- corenet_dontaudit_udp_send_mysqlmanagerd_port($1)
- corenet_dontaudit_udp_receive_mysqlmanagerd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_kprop_port',`
+ corenet_dontaudit_udp_send_kprop_port($1)
+ corenet_dontaudit_udp_receive_kprop_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the mysqlmanagerd port.
+## Bind TCP sockets to the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41820,18 +42263,18 @@ interface(`corenet_dontaudit_udp_sendrecv_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_mysqlmanagerd_port',`
+interface(`corenet_tcp_bind_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- allow $1 mysqlmanagerd_port_t:tcp_socket name_bind;
-
+ allow $1 kprop_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the mysqlmanagerd port.
+## Bind UDP sockets to the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41840,18 +42283,18 @@ interface(`corenet_tcp_bind_mysqlmanagerd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_mysqlmanagerd_port',`
+interface(`corenet_udp_bind_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- allow $1 mysqlmanagerd_port_t:udp_socket name_bind;
-
+ allow $1 kprop_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the mysqlmanagerd port.
+## Make a TCP connection to the kprop port.
## </summary>
## <param name="domain">
## <summary>
@@ -41859,18 +42302,18 @@ interface(`corenet_udp_bind_mysqlmanagerd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_mysqlmanagerd_port',`
+interface(`corenet_tcp_connect_kprop_port',`
gen_require(`
- type mysqlmanagerd_port_t;
+ type kprop_port_t;
')
- allow $1 mysqlmanagerd_port_t:tcp_socket name_connect;
+ allow $1 kprop_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send mysqlmanagerd_client packets.
+## Send kprop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41879,17 +42322,17 @@ interface(`corenet_tcp_connect_mysqlmanagerd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqlmanagerd_client_packets',`
+interface(`corenet_send_kprop_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type kprop_client_packet_t;
')
- allow $1 mysqlmanagerd_client_packet_t:packet send;
+ allow $1 kprop_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqlmanagerd_client packets.
+## Do not audit attempts to send kprop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41898,17 +42341,17 @@ interface(`corenet_send_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqlmanagerd_client_packets',`
+interface(`corenet_dontaudit_send_kprop_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type kprop_client_packet_t;
')
- dontaudit $1 mysqlmanagerd_client_packet_t:packet send;
+ dontaudit $1 kprop_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqlmanagerd_client packets.
+## Receive kprop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41917,17 +42360,17 @@ interface(`corenet_dontaudit_send_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqlmanagerd_client_packets',`
+interface(`corenet_receive_kprop_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type kprop_client_packet_t;
')
- allow $1 mysqlmanagerd_client_packet_t:packet recv;
+ allow $1 kprop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqlmanagerd_client packets.
+## Do not audit attempts to receive kprop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41936,17 +42379,17 @@ interface(`corenet_receive_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqlmanagerd_client_packets',`
+interface(`corenet_dontaudit_receive_kprop_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type kprop_client_packet_t;
')
- dontaudit $1 mysqlmanagerd_client_packet_t:packet recv;
+ dontaudit $1 kprop_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqlmanagerd_client packets.
+## Send and receive kprop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41955,14 +42398,14 @@ interface(`corenet_dontaudit_receive_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqlmanagerd_client_packets',`
- corenet_send_mysqlmanagerd_client_packets($1)
- corenet_receive_mysqlmanagerd_client_packets($1)
+interface(`corenet_sendrecv_kprop_client_packets',`
+ corenet_send_kprop_client_packets($1)
+ corenet_receive_kprop_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqlmanagerd_client packets.
+## Do not audit attempts to send and receive kprop_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -41971,14 +42414,14 @@ interface(`corenet_sendrecv_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_client_packets',`
- corenet_dontaudit_send_mysqlmanagerd_client_packets($1)
- corenet_dontaudit_receive_mysqlmanagerd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_kprop_client_packets',`
+ corenet_dontaudit_send_kprop_client_packets($1)
+ corenet_dontaudit_receive_kprop_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqlmanagerd_client the packet type.
+## Relabel packets to kprop_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -41986,18 +42429,18 @@ interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqlmanagerd_client_packets',`
+interface(`corenet_relabelto_kprop_client_packets',`
gen_require(`
- type mysqlmanagerd_client_packet_t;
+ type kprop_client_packet_t;
')
- allow $1 mysqlmanagerd_client_packet_t:packet relabelto;
+ allow $1 kprop_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send mysqlmanagerd_server packets.
+## Send kprop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42006,17 +42449,17 @@ interface(`corenet_relabelto_mysqlmanagerd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_mysqlmanagerd_server_packets',`
+interface(`corenet_send_kprop_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type kprop_server_packet_t;
')
- allow $1 mysqlmanagerd_server_packet_t:packet send;
+ allow $1 kprop_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send mysqlmanagerd_server packets.
+## Do not audit attempts to send kprop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42025,17 +42468,17 @@ interface(`corenet_send_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_mysqlmanagerd_server_packets',`
+interface(`corenet_dontaudit_send_kprop_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type kprop_server_packet_t;
')
- dontaudit $1 mysqlmanagerd_server_packet_t:packet send;
+ dontaudit $1 kprop_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive mysqlmanagerd_server packets.
+## Receive kprop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42044,17 +42487,17 @@ interface(`corenet_dontaudit_send_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_mysqlmanagerd_server_packets',`
+interface(`corenet_receive_kprop_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type kprop_server_packet_t;
')
- allow $1 mysqlmanagerd_server_packet_t:packet recv;
+ allow $1 kprop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive mysqlmanagerd_server packets.
+## Do not audit attempts to receive kprop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42063,17 +42506,17 @@ interface(`corenet_receive_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_mysqlmanagerd_server_packets',`
+interface(`corenet_dontaudit_receive_kprop_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type kprop_server_packet_t;
')
- dontaudit $1 mysqlmanagerd_server_packet_t:packet recv;
+ dontaudit $1 kprop_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive mysqlmanagerd_server packets.
+## Send and receive kprop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42082,14 +42525,14 @@ interface(`corenet_dontaudit_receive_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_mysqlmanagerd_server_packets',`
- corenet_send_mysqlmanagerd_server_packets($1)
- corenet_receive_mysqlmanagerd_server_packets($1)
+interface(`corenet_sendrecv_kprop_server_packets',`
+ corenet_send_kprop_server_packets($1)
+ corenet_receive_kprop_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive mysqlmanagerd_server packets.
+## Do not audit attempts to send and receive kprop_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42098,14 +42541,14 @@ interface(`corenet_sendrecv_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_server_packets',`
- corenet_dontaudit_send_mysqlmanagerd_server_packets($1)
- corenet_dontaudit_receive_mysqlmanagerd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_kprop_server_packets',`
+ corenet_dontaudit_send_kprop_server_packets($1)
+ corenet_dontaudit_receive_kprop_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to mysqlmanagerd_server the packet type.
+## Relabel packets to kprop_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -42113,12 +42556,12 @@ interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
+interface(`corenet_relabelto_kprop_server_packets',`
gen_require(`
- type mysqlmanagerd_server_packet_t;
+ type kprop_server_packet_t;
')
- allow $1 mysqlmanagerd_server_packet_t:packet relabelto;
+ allow $1 kprop_server_packet_t:packet relabelto;
')
@@ -42126,7 +42569,7 @@ interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the nessus port.
+## Send and receive TCP traffic on the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42135,17 +42578,17 @@ interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_nessus_port',`
+interface(`corenet_tcp_sendrecv_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- allow $1 nessus_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ktalkd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the nessus port.
+## Send UDP traffic on the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42154,17 +42597,17 @@ interface(`corenet_tcp_sendrecv_nessus_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_nessus_port',`
+interface(`corenet_udp_send_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- allow $1 nessus_port_t:udp_socket send_msg;
+ allow $1 ktalkd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the nessus port.
+## Do not audit attempts to send UDP traffic on the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42173,17 +42616,17 @@ interface(`corenet_udp_send_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_nessus_port',`
+interface(`corenet_dontaudit_udp_send_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- dontaudit $1 nessus_port_t:udp_socket send_msg;
+ dontaudit $1 ktalkd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the nessus port.
+## Receive UDP traffic on the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42192,17 +42635,17 @@ interface(`corenet_dontaudit_udp_send_nessus_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_nessus_port',`
+interface(`corenet_udp_receive_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- allow $1 nessus_port_t:udp_socket recv_msg;
+ allow $1 ktalkd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the nessus port.
+## Do not audit attempts to receive UDP traffic on the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42211,17 +42654,17 @@ interface(`corenet_udp_receive_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_nessus_port',`
+interface(`corenet_dontaudit_udp_receive_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- dontaudit $1 nessus_port_t:udp_socket recv_msg;
+ dontaudit $1 ktalkd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the nessus port.
+## Send and receive UDP traffic on the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42230,15 +42673,15 @@ interface(`corenet_dontaudit_udp_receive_nessus_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_nessus_port',`
- corenet_udp_send_nessus_port($1)
- corenet_udp_receive_nessus_port($1)
+interface(`corenet_udp_sendrecv_ktalkd_port',`
+ corenet_udp_send_ktalkd_port($1)
+ corenet_udp_receive_ktalkd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the nessus port.
+## UDP traffic on the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42247,14 +42690,14 @@ interface(`corenet_udp_sendrecv_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_nessus_port',`
- corenet_dontaudit_udp_send_nessus_port($1)
- corenet_dontaudit_udp_receive_nessus_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ktalkd_port',`
+ corenet_dontaudit_udp_send_ktalkd_port($1)
+ corenet_dontaudit_udp_receive_ktalkd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the nessus port.
+## Bind TCP sockets to the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42263,18 +42706,18 @@ interface(`corenet_dontaudit_udp_sendrecv_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_nessus_port',`
+interface(`corenet_tcp_bind_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- allow $1 nessus_port_t:tcp_socket name_bind;
-
+ allow $1 ktalkd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the nessus port.
+## Bind UDP sockets to the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42283,18 +42726,18 @@ interface(`corenet_tcp_bind_nessus_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_nessus_port',`
+interface(`corenet_udp_bind_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- allow $1 nessus_port_t:udp_socket name_bind;
-
+ allow $1 ktalkd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the nessus port.
+## Make a TCP connection to the ktalkd port.
## </summary>
## <param name="domain">
## <summary>
@@ -42302,18 +42745,18 @@ interface(`corenet_udp_bind_nessus_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_nessus_port',`
+interface(`corenet_tcp_connect_ktalkd_port',`
gen_require(`
- type nessus_port_t;
+ type ktalkd_port_t;
')
- allow $1 nessus_port_t:tcp_socket name_connect;
+ allow $1 ktalkd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send nessus_client packets.
+## Send ktalkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42322,17 +42765,17 @@ interface(`corenet_tcp_connect_nessus_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nessus_client_packets',`
+interface(`corenet_send_ktalkd_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type ktalkd_client_packet_t;
')
- allow $1 nessus_client_packet_t:packet send;
+ allow $1 ktalkd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nessus_client packets.
+## Do not audit attempts to send ktalkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42341,17 +42784,17 @@ interface(`corenet_send_nessus_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nessus_client_packets',`
+interface(`corenet_dontaudit_send_ktalkd_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type ktalkd_client_packet_t;
')
- dontaudit $1 nessus_client_packet_t:packet send;
+ dontaudit $1 ktalkd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive nessus_client packets.
+## Receive ktalkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42360,17 +42803,17 @@ interface(`corenet_dontaudit_send_nessus_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nessus_client_packets',`
+interface(`corenet_receive_ktalkd_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type ktalkd_client_packet_t;
')
- allow $1 nessus_client_packet_t:packet recv;
+ allow $1 ktalkd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nessus_client packets.
+## Do not audit attempts to receive ktalkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42379,17 +42822,17 @@ interface(`corenet_receive_nessus_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nessus_client_packets',`
+interface(`corenet_dontaudit_receive_ktalkd_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type ktalkd_client_packet_t;
')
- dontaudit $1 nessus_client_packet_t:packet recv;
+ dontaudit $1 ktalkd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nessus_client packets.
+## Send and receive ktalkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42398,14 +42841,14 @@ interface(`corenet_dontaudit_receive_nessus_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nessus_client_packets',`
- corenet_send_nessus_client_packets($1)
- corenet_receive_nessus_client_packets($1)
+interface(`corenet_sendrecv_ktalkd_client_packets',`
+ corenet_send_ktalkd_client_packets($1)
+ corenet_receive_ktalkd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nessus_client packets.
+## Do not audit attempts to send and receive ktalkd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42414,14 +42857,14 @@ interface(`corenet_sendrecv_nessus_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nessus_client_packets',`
- corenet_dontaudit_send_nessus_client_packets($1)
- corenet_dontaudit_receive_nessus_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ktalkd_client_packets',`
+ corenet_dontaudit_send_ktalkd_client_packets($1)
+ corenet_dontaudit_receive_ktalkd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to nessus_client the packet type.
+## Relabel packets to ktalkd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -42429,18 +42872,18 @@ interface(`corenet_dontaudit_sendrecv_nessus_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nessus_client_packets',`
+interface(`corenet_relabelto_ktalkd_client_packets',`
gen_require(`
- type nessus_client_packet_t;
+ type ktalkd_client_packet_t;
')
- allow $1 nessus_client_packet_t:packet relabelto;
+ allow $1 ktalkd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send nessus_server packets.
+## Send ktalkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42449,17 +42892,17 @@ interface(`corenet_relabelto_nessus_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nessus_server_packets',`
+interface(`corenet_send_ktalkd_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type ktalkd_server_packet_t;
')
- allow $1 nessus_server_packet_t:packet send;
+ allow $1 ktalkd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nessus_server packets.
+## Do not audit attempts to send ktalkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42468,17 +42911,17 @@ interface(`corenet_send_nessus_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nessus_server_packets',`
+interface(`corenet_dontaudit_send_ktalkd_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type ktalkd_server_packet_t;
')
- dontaudit $1 nessus_server_packet_t:packet send;
+ dontaudit $1 ktalkd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive nessus_server packets.
+## Receive ktalkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42487,17 +42930,17 @@ interface(`corenet_dontaudit_send_nessus_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nessus_server_packets',`
+interface(`corenet_receive_ktalkd_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type ktalkd_server_packet_t;
')
- allow $1 nessus_server_packet_t:packet recv;
+ allow $1 ktalkd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nessus_server packets.
+## Do not audit attempts to receive ktalkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42506,17 +42949,17 @@ interface(`corenet_receive_nessus_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nessus_server_packets',`
+interface(`corenet_dontaudit_receive_ktalkd_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type ktalkd_server_packet_t;
')
- dontaudit $1 nessus_server_packet_t:packet recv;
+ dontaudit $1 ktalkd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nessus_server packets.
+## Send and receive ktalkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42525,14 +42968,14 @@ interface(`corenet_dontaudit_receive_nessus_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nessus_server_packets',`
- corenet_send_nessus_server_packets($1)
- corenet_receive_nessus_server_packets($1)
+interface(`corenet_sendrecv_ktalkd_server_packets',`
+ corenet_send_ktalkd_server_packets($1)
+ corenet_receive_ktalkd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nessus_server packets.
+## Do not audit attempts to send and receive ktalkd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42541,14 +42984,14 @@ interface(`corenet_sendrecv_nessus_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nessus_server_packets',`
- corenet_dontaudit_send_nessus_server_packets($1)
- corenet_dontaudit_receive_nessus_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ktalkd_server_packets',`
+ corenet_dontaudit_send_ktalkd_server_packets($1)
+ corenet_dontaudit_receive_ktalkd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to nessus_server the packet type.
+## Relabel packets to ktalkd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -42556,12 +42999,12 @@ interface(`corenet_dontaudit_sendrecv_nessus_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nessus_server_packets',`
+interface(`corenet_relabelto_ktalkd_server_packets',`
gen_require(`
- type nessus_server_packet_t;
+ type ktalkd_server_packet_t;
')
- allow $1 nessus_server_packet_t:packet relabelto;
+ allow $1 ktalkd_server_packet_t:packet relabelto;
')
@@ -42569,7 +43012,7 @@ interface(`corenet_relabelto_nessus_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the netport port.
+## Send and receive TCP traffic on the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42578,17 +43021,17 @@ interface(`corenet_relabelto_nessus_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_netport_port',`
+interface(`corenet_tcp_sendrecv_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- allow $1 netport_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 l2tp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the netport port.
+## Send UDP traffic on the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42597,17 +43040,17 @@ interface(`corenet_tcp_sendrecv_netport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_netport_port',`
+interface(`corenet_udp_send_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- allow $1 netport_port_t:udp_socket send_msg;
+ allow $1 l2tp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the netport port.
+## Do not audit attempts to send UDP traffic on the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42616,17 +43059,17 @@ interface(`corenet_udp_send_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_netport_port',`
+interface(`corenet_dontaudit_udp_send_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- dontaudit $1 netport_port_t:udp_socket send_msg;
+ dontaudit $1 l2tp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the netport port.
+## Receive UDP traffic on the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42635,17 +43078,17 @@ interface(`corenet_dontaudit_udp_send_netport_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_netport_port',`
+interface(`corenet_udp_receive_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- allow $1 netport_port_t:udp_socket recv_msg;
+ allow $1 l2tp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the netport port.
+## Do not audit attempts to receive UDP traffic on the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42654,17 +43097,17 @@ interface(`corenet_udp_receive_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_netport_port',`
+interface(`corenet_dontaudit_udp_receive_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- dontaudit $1 netport_port_t:udp_socket recv_msg;
+ dontaudit $1 l2tp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the netport port.
+## Send and receive UDP traffic on the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42673,15 +43116,15 @@ interface(`corenet_dontaudit_udp_receive_netport_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_netport_port',`
- corenet_udp_send_netport_port($1)
- corenet_udp_receive_netport_port($1)
+interface(`corenet_udp_sendrecv_l2tp_port',`
+ corenet_udp_send_l2tp_port($1)
+ corenet_udp_receive_l2tp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the netport port.
+## UDP traffic on the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42690,14 +43133,14 @@ interface(`corenet_udp_sendrecv_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_netport_port',`
- corenet_dontaudit_udp_send_netport_port($1)
- corenet_dontaudit_udp_receive_netport_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_l2tp_port',`
+ corenet_dontaudit_udp_send_l2tp_port($1)
+ corenet_dontaudit_udp_receive_l2tp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the netport port.
+## Bind TCP sockets to the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42706,18 +43149,18 @@ interface(`corenet_dontaudit_udp_sendrecv_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_netport_port',`
+interface(`corenet_tcp_bind_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- allow $1 netport_port_t:tcp_socket name_bind;
+ allow $1 l2tp_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the netport port.
+## Bind UDP sockets to the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42726,18 +43169,18 @@ interface(`corenet_tcp_bind_netport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_netport_port',`
+interface(`corenet_udp_bind_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- allow $1 netport_port_t:udp_socket name_bind;
+ allow $1 l2tp_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the netport port.
+## Make a TCP connection to the l2tp port.
## </summary>
## <param name="domain">
## <summary>
@@ -42745,18 +43188,18 @@ interface(`corenet_udp_bind_netport_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_netport_port',`
+interface(`corenet_tcp_connect_l2tp_port',`
gen_require(`
- type netport_port_t;
+ type l2tp_port_t;
')
- allow $1 netport_port_t:tcp_socket name_connect;
+ allow $1 l2tp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send netport_client packets.
+## Send l2tp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42765,17 +43208,17 @@ interface(`corenet_tcp_connect_netport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netport_client_packets',`
+interface(`corenet_send_l2tp_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type l2tp_client_packet_t;
')
- allow $1 netport_client_packet_t:packet send;
+ allow $1 l2tp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netport_client packets.
+## Do not audit attempts to send l2tp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42784,17 +43227,17 @@ interface(`corenet_send_netport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netport_client_packets',`
+interface(`corenet_dontaudit_send_l2tp_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type l2tp_client_packet_t;
')
- dontaudit $1 netport_client_packet_t:packet send;
+ dontaudit $1 l2tp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive netport_client packets.
+## Receive l2tp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42803,17 +43246,17 @@ interface(`corenet_dontaudit_send_netport_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netport_client_packets',`
+interface(`corenet_receive_l2tp_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type l2tp_client_packet_t;
')
- allow $1 netport_client_packet_t:packet recv;
+ allow $1 l2tp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netport_client packets.
+## Do not audit attempts to receive l2tp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42822,17 +43265,17 @@ interface(`corenet_receive_netport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netport_client_packets',`
+interface(`corenet_dontaudit_receive_l2tp_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type l2tp_client_packet_t;
')
- dontaudit $1 netport_client_packet_t:packet recv;
+ dontaudit $1 l2tp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netport_client packets.
+## Send and receive l2tp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42841,14 +43284,14 @@ interface(`corenet_dontaudit_receive_netport_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netport_client_packets',`
- corenet_send_netport_client_packets($1)
- corenet_receive_netport_client_packets($1)
+interface(`corenet_sendrecv_l2tp_client_packets',`
+ corenet_send_l2tp_client_packets($1)
+ corenet_receive_l2tp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netport_client packets.
+## Do not audit attempts to send and receive l2tp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42857,14 +43300,14 @@ interface(`corenet_sendrecv_netport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netport_client_packets',`
- corenet_dontaudit_send_netport_client_packets($1)
- corenet_dontaudit_receive_netport_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_l2tp_client_packets',`
+ corenet_dontaudit_send_l2tp_client_packets($1)
+ corenet_dontaudit_receive_l2tp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to netport_client the packet type.
+## Relabel packets to l2tp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -42872,18 +43315,18 @@ interface(`corenet_dontaudit_sendrecv_netport_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netport_client_packets',`
+interface(`corenet_relabelto_l2tp_client_packets',`
gen_require(`
- type netport_client_packet_t;
+ type l2tp_client_packet_t;
')
- allow $1 netport_client_packet_t:packet relabelto;
+ allow $1 l2tp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send netport_server packets.
+## Send l2tp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42892,17 +43335,17 @@ interface(`corenet_relabelto_netport_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netport_server_packets',`
+interface(`corenet_send_l2tp_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type l2tp_server_packet_t;
')
- allow $1 netport_server_packet_t:packet send;
+ allow $1 l2tp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netport_server packets.
+## Do not audit attempts to send l2tp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42911,17 +43354,17 @@ interface(`corenet_send_netport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netport_server_packets',`
+interface(`corenet_dontaudit_send_l2tp_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type l2tp_server_packet_t;
')
- dontaudit $1 netport_server_packet_t:packet send;
+ dontaudit $1 l2tp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive netport_server packets.
+## Receive l2tp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42930,17 +43373,17 @@ interface(`corenet_dontaudit_send_netport_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netport_server_packets',`
+interface(`corenet_receive_l2tp_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type l2tp_server_packet_t;
')
- allow $1 netport_server_packet_t:packet recv;
+ allow $1 l2tp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netport_server packets.
+## Do not audit attempts to receive l2tp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42949,17 +43392,17 @@ interface(`corenet_receive_netport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netport_server_packets',`
+interface(`corenet_dontaudit_receive_l2tp_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type l2tp_server_packet_t;
')
- dontaudit $1 netport_server_packet_t:packet recv;
+ dontaudit $1 l2tp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netport_server packets.
+## Send and receive l2tp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42968,14 +43411,14 @@ interface(`corenet_dontaudit_receive_netport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netport_server_packets',`
- corenet_send_netport_server_packets($1)
- corenet_receive_netport_server_packets($1)
+interface(`corenet_sendrecv_l2tp_server_packets',`
+ corenet_send_l2tp_server_packets($1)
+ corenet_receive_l2tp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netport_server packets.
+## Do not audit attempts to send and receive l2tp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -42984,14 +43427,14 @@ interface(`corenet_sendrecv_netport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netport_server_packets',`
- corenet_dontaudit_send_netport_server_packets($1)
- corenet_dontaudit_receive_netport_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_l2tp_server_packets',`
+ corenet_dontaudit_send_l2tp_server_packets($1)
+ corenet_dontaudit_receive_l2tp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to netport_server the packet type.
+## Relabel packets to l2tp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -42999,12 +43442,12 @@ interface(`corenet_dontaudit_sendrecv_netport_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netport_server_packets',`
+interface(`corenet_relabelto_l2tp_server_packets',`
gen_require(`
- type netport_server_packet_t;
+ type l2tp_server_packet_t;
')
- allow $1 netport_server_packet_t:packet relabelto;
+ allow $1 l2tp_server_packet_t:packet relabelto;
')
@@ -43012,7 +43455,7 @@ interface(`corenet_relabelto_netport_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the netsupport port.
+## Send and receive TCP traffic on the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43021,17 +43464,17 @@ interface(`corenet_relabelto_netport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_netsupport_port',`
+interface(`corenet_tcp_sendrecv_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- allow $1 netsupport_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ldap_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the netsupport port.
+## Send UDP traffic on the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43040,17 +43483,17 @@ interface(`corenet_tcp_sendrecv_netsupport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_netsupport_port',`
+interface(`corenet_udp_send_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- allow $1 netsupport_port_t:udp_socket send_msg;
+ allow $1 ldap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the netsupport port.
+## Do not audit attempts to send UDP traffic on the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43059,17 +43502,17 @@ interface(`corenet_udp_send_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_netsupport_port',`
+interface(`corenet_dontaudit_udp_send_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- dontaudit $1 netsupport_port_t:udp_socket send_msg;
+ dontaudit $1 ldap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the netsupport port.
+## Receive UDP traffic on the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43078,17 +43521,17 @@ interface(`corenet_dontaudit_udp_send_netsupport_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_netsupport_port',`
+interface(`corenet_udp_receive_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- allow $1 netsupport_port_t:udp_socket recv_msg;
+ allow $1 ldap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the netsupport port.
+## Do not audit attempts to receive UDP traffic on the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43097,17 +43540,17 @@ interface(`corenet_udp_receive_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_netsupport_port',`
+interface(`corenet_dontaudit_udp_receive_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- dontaudit $1 netsupport_port_t:udp_socket recv_msg;
+ dontaudit $1 ldap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the netsupport port.
+## Send and receive UDP traffic on the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43116,15 +43559,15 @@ interface(`corenet_dontaudit_udp_receive_netsupport_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_netsupport_port',`
- corenet_udp_send_netsupport_port($1)
- corenet_udp_receive_netsupport_port($1)
+interface(`corenet_udp_sendrecv_ldap_port',`
+ corenet_udp_send_ldap_port($1)
+ corenet_udp_receive_ldap_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the netsupport port.
+## UDP traffic on the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43133,14 +43576,14 @@ interface(`corenet_udp_sendrecv_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_netsupport_port',`
- corenet_dontaudit_udp_send_netsupport_port($1)
- corenet_dontaudit_udp_receive_netsupport_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ldap_port',`
+ corenet_dontaudit_udp_send_ldap_port($1)
+ corenet_dontaudit_udp_receive_ldap_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the netsupport port.
+## Bind TCP sockets to the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43149,18 +43592,18 @@ interface(`corenet_dontaudit_udp_sendrecv_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_netsupport_port',`
+interface(`corenet_tcp_bind_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- allow $1 netsupport_port_t:tcp_socket name_bind;
-
+ allow $1 ldap_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the netsupport port.
+## Bind UDP sockets to the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43169,18 +43612,18 @@ interface(`corenet_tcp_bind_netsupport_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_netsupport_port',`
+interface(`corenet_udp_bind_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- allow $1 netsupport_port_t:udp_socket name_bind;
-
+ allow $1 ldap_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the netsupport port.
+## Make a TCP connection to the ldap port.
## </summary>
## <param name="domain">
## <summary>
@@ -43188,18 +43631,18 @@ interface(`corenet_udp_bind_netsupport_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_netsupport_port',`
+interface(`corenet_tcp_connect_ldap_port',`
gen_require(`
- type netsupport_port_t;
+ type ldap_port_t;
')
- allow $1 netsupport_port_t:tcp_socket name_connect;
+ allow $1 ldap_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send netsupport_client packets.
+## Send ldap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43208,17 +43651,17 @@ interface(`corenet_tcp_connect_netsupport_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netsupport_client_packets',`
+interface(`corenet_send_ldap_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type ldap_client_packet_t;
')
- allow $1 netsupport_client_packet_t:packet send;
+ allow $1 ldap_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netsupport_client packets.
+## Do not audit attempts to send ldap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43227,17 +43670,17 @@ interface(`corenet_send_netsupport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netsupport_client_packets',`
+interface(`corenet_dontaudit_send_ldap_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type ldap_client_packet_t;
')
- dontaudit $1 netsupport_client_packet_t:packet send;
+ dontaudit $1 ldap_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive netsupport_client packets.
+## Receive ldap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43246,17 +43689,17 @@ interface(`corenet_dontaudit_send_netsupport_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netsupport_client_packets',`
+interface(`corenet_receive_ldap_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type ldap_client_packet_t;
')
- allow $1 netsupport_client_packet_t:packet recv;
+ allow $1 ldap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netsupport_client packets.
+## Do not audit attempts to receive ldap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43265,17 +43708,17 @@ interface(`corenet_receive_netsupport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netsupport_client_packets',`
+interface(`corenet_dontaudit_receive_ldap_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type ldap_client_packet_t;
')
- dontaudit $1 netsupport_client_packet_t:packet recv;
+ dontaudit $1 ldap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netsupport_client packets.
+## Send and receive ldap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43284,14 +43727,14 @@ interface(`corenet_dontaudit_receive_netsupport_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netsupport_client_packets',`
- corenet_send_netsupport_client_packets($1)
- corenet_receive_netsupport_client_packets($1)
+interface(`corenet_sendrecv_ldap_client_packets',`
+ corenet_send_ldap_client_packets($1)
+ corenet_receive_ldap_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netsupport_client packets.
+## Do not audit attempts to send and receive ldap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43300,14 +43743,14 @@ interface(`corenet_sendrecv_netsupport_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netsupport_client_packets',`
- corenet_dontaudit_send_netsupport_client_packets($1)
- corenet_dontaudit_receive_netsupport_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ldap_client_packets',`
+ corenet_dontaudit_send_ldap_client_packets($1)
+ corenet_dontaudit_receive_ldap_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to netsupport_client the packet type.
+## Relabel packets to ldap_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -43315,18 +43758,18 @@ interface(`corenet_dontaudit_sendrecv_netsupport_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netsupport_client_packets',`
+interface(`corenet_relabelto_ldap_client_packets',`
gen_require(`
- type netsupport_client_packet_t;
+ type ldap_client_packet_t;
')
- allow $1 netsupport_client_packet_t:packet relabelto;
+ allow $1 ldap_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send netsupport_server packets.
+## Send ldap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43335,17 +43778,17 @@ interface(`corenet_relabelto_netsupport_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_netsupport_server_packets',`
+interface(`corenet_send_ldap_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type ldap_server_packet_t;
')
- allow $1 netsupport_server_packet_t:packet send;
+ allow $1 ldap_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send netsupport_server packets.
+## Do not audit attempts to send ldap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43354,17 +43797,17 @@ interface(`corenet_send_netsupport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_netsupport_server_packets',`
+interface(`corenet_dontaudit_send_ldap_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type ldap_server_packet_t;
')
- dontaudit $1 netsupport_server_packet_t:packet send;
+ dontaudit $1 ldap_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive netsupport_server packets.
+## Receive ldap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43373,17 +43816,17 @@ interface(`corenet_dontaudit_send_netsupport_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_netsupport_server_packets',`
+interface(`corenet_receive_ldap_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type ldap_server_packet_t;
')
- allow $1 netsupport_server_packet_t:packet recv;
+ allow $1 ldap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive netsupport_server packets.
+## Do not audit attempts to receive ldap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43392,17 +43835,17 @@ interface(`corenet_receive_netsupport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_netsupport_server_packets',`
+interface(`corenet_dontaudit_receive_ldap_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type ldap_server_packet_t;
')
- dontaudit $1 netsupport_server_packet_t:packet recv;
+ dontaudit $1 ldap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive netsupport_server packets.
+## Send and receive ldap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43411,14 +43854,14 @@ interface(`corenet_dontaudit_receive_netsupport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_netsupport_server_packets',`
- corenet_send_netsupport_server_packets($1)
- corenet_receive_netsupport_server_packets($1)
+interface(`corenet_sendrecv_ldap_server_packets',`
+ corenet_send_ldap_server_packets($1)
+ corenet_receive_ldap_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive netsupport_server packets.
+## Do not audit attempts to send and receive ldap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43427,14 +43870,14 @@ interface(`corenet_sendrecv_netsupport_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_netsupport_server_packets',`
- corenet_dontaudit_send_netsupport_server_packets($1)
- corenet_dontaudit_receive_netsupport_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ldap_server_packets',`
+ corenet_dontaudit_send_ldap_server_packets($1)
+ corenet_dontaudit_receive_ldap_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to netsupport_server the packet type.
+## Relabel packets to ldap_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -43442,12 +43885,12 @@ interface(`corenet_dontaudit_sendrecv_netsupport_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_netsupport_server_packets',`
+interface(`corenet_relabelto_ldap_server_packets',`
gen_require(`
- type netsupport_server_packet_t;
+ type ldap_server_packet_t;
')
- allow $1 netsupport_server_packet_t:packet relabelto;
+ allow $1 ldap_server_packet_t:packet relabelto;
')
@@ -43455,7 +43898,7 @@ interface(`corenet_relabelto_netsupport_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the nmbd port.
+## Send and receive TCP traffic on the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43464,17 +43907,17 @@ interface(`corenet_relabelto_netsupport_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_nmbd_port',`
+interface(`corenet_tcp_sendrecv_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- allow $1 nmbd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 lirc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the nmbd port.
+## Send UDP traffic on the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43483,17 +43926,17 @@ interface(`corenet_tcp_sendrecv_nmbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_nmbd_port',`
+interface(`corenet_udp_send_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- allow $1 nmbd_port_t:udp_socket send_msg;
+ allow $1 lirc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the nmbd port.
+## Do not audit attempts to send UDP traffic on the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43502,17 +43945,17 @@ interface(`corenet_udp_send_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_nmbd_port',`
+interface(`corenet_dontaudit_udp_send_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- dontaudit $1 nmbd_port_t:udp_socket send_msg;
+ dontaudit $1 lirc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the nmbd port.
+## Receive UDP traffic on the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43521,17 +43964,17 @@ interface(`corenet_dontaudit_udp_send_nmbd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_nmbd_port',`
+interface(`corenet_udp_receive_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- allow $1 nmbd_port_t:udp_socket recv_msg;
+ allow $1 lirc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the nmbd port.
+## Do not audit attempts to receive UDP traffic on the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43540,17 +43983,17 @@ interface(`corenet_udp_receive_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_nmbd_port',`
+interface(`corenet_dontaudit_udp_receive_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- dontaudit $1 nmbd_port_t:udp_socket recv_msg;
+ dontaudit $1 lirc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the nmbd port.
+## Send and receive UDP traffic on the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43559,15 +44002,15 @@ interface(`corenet_dontaudit_udp_receive_nmbd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_nmbd_port',`
- corenet_udp_send_nmbd_port($1)
- corenet_udp_receive_nmbd_port($1)
+interface(`corenet_udp_sendrecv_lirc_port',`
+ corenet_udp_send_lirc_port($1)
+ corenet_udp_receive_lirc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the nmbd port.
+## UDP traffic on the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43576,14 +44019,14 @@ interface(`corenet_udp_sendrecv_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_nmbd_port',`
- corenet_dontaudit_udp_send_nmbd_port($1)
- corenet_dontaudit_udp_receive_nmbd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_lirc_port',`
+ corenet_dontaudit_udp_send_lirc_port($1)
+ corenet_dontaudit_udp_receive_lirc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the nmbd port.
+## Bind TCP sockets to the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43592,18 +44035,18 @@ interface(`corenet_dontaudit_udp_sendrecv_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_nmbd_port',`
+interface(`corenet_tcp_bind_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- allow $1 nmbd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 lirc_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the nmbd port.
+## Bind UDP sockets to the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43612,18 +44055,18 @@ interface(`corenet_tcp_bind_nmbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_nmbd_port',`
+interface(`corenet_udp_bind_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- allow $1 nmbd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 lirc_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the nmbd port.
+## Make a TCP connection to the lirc port.
## </summary>
## <param name="domain">
## <summary>
@@ -43631,18 +44074,18 @@ interface(`corenet_udp_bind_nmbd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_nmbd_port',`
+interface(`corenet_tcp_connect_lirc_port',`
gen_require(`
- type nmbd_port_t;
+ type lirc_port_t;
')
- allow $1 nmbd_port_t:tcp_socket name_connect;
+ allow $1 lirc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send nmbd_client packets.
+## Send lirc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43651,17 +44094,17 @@ interface(`corenet_tcp_connect_nmbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nmbd_client_packets',`
+interface(`corenet_send_lirc_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type lirc_client_packet_t;
')
- allow $1 nmbd_client_packet_t:packet send;
+ allow $1 lirc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nmbd_client packets.
+## Do not audit attempts to send lirc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43670,17 +44113,17 @@ interface(`corenet_send_nmbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nmbd_client_packets',`
+interface(`corenet_dontaudit_send_lirc_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type lirc_client_packet_t;
')
- dontaudit $1 nmbd_client_packet_t:packet send;
+ dontaudit $1 lirc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive nmbd_client packets.
+## Receive lirc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43689,17 +44132,17 @@ interface(`corenet_dontaudit_send_nmbd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nmbd_client_packets',`
+interface(`corenet_receive_lirc_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type lirc_client_packet_t;
')
- allow $1 nmbd_client_packet_t:packet recv;
+ allow $1 lirc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nmbd_client packets.
+## Do not audit attempts to receive lirc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43708,17 +44151,17 @@ interface(`corenet_receive_nmbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nmbd_client_packets',`
+interface(`corenet_dontaudit_receive_lirc_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type lirc_client_packet_t;
')
- dontaudit $1 nmbd_client_packet_t:packet recv;
+ dontaudit $1 lirc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nmbd_client packets.
+## Send and receive lirc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43727,14 +44170,14 @@ interface(`corenet_dontaudit_receive_nmbd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nmbd_client_packets',`
- corenet_send_nmbd_client_packets($1)
- corenet_receive_nmbd_client_packets($1)
+interface(`corenet_sendrecv_lirc_client_packets',`
+ corenet_send_lirc_client_packets($1)
+ corenet_receive_lirc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nmbd_client packets.
+## Do not audit attempts to send and receive lirc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43743,14 +44186,14 @@ interface(`corenet_sendrecv_nmbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nmbd_client_packets',`
- corenet_dontaudit_send_nmbd_client_packets($1)
- corenet_dontaudit_receive_nmbd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_lirc_client_packets',`
+ corenet_dontaudit_send_lirc_client_packets($1)
+ corenet_dontaudit_receive_lirc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to nmbd_client the packet type.
+## Relabel packets to lirc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -43758,18 +44201,18 @@ interface(`corenet_dontaudit_sendrecv_nmbd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nmbd_client_packets',`
+interface(`corenet_relabelto_lirc_client_packets',`
gen_require(`
- type nmbd_client_packet_t;
+ type lirc_client_packet_t;
')
- allow $1 nmbd_client_packet_t:packet relabelto;
+ allow $1 lirc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send nmbd_server packets.
+## Send lirc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43778,17 +44221,17 @@ interface(`corenet_relabelto_nmbd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_nmbd_server_packets',`
+interface(`corenet_send_lirc_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type lirc_server_packet_t;
')
- allow $1 nmbd_server_packet_t:packet send;
+ allow $1 lirc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send nmbd_server packets.
+## Do not audit attempts to send lirc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43797,17 +44240,17 @@ interface(`corenet_send_nmbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_nmbd_server_packets',`
+interface(`corenet_dontaudit_send_lirc_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type lirc_server_packet_t;
')
- dontaudit $1 nmbd_server_packet_t:packet send;
+ dontaudit $1 lirc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive nmbd_server packets.
+## Receive lirc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43816,17 +44259,17 @@ interface(`corenet_dontaudit_send_nmbd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_nmbd_server_packets',`
+interface(`corenet_receive_lirc_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type lirc_server_packet_t;
')
- allow $1 nmbd_server_packet_t:packet recv;
+ allow $1 lirc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive nmbd_server packets.
+## Do not audit attempts to receive lirc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43835,17 +44278,17 @@ interface(`corenet_receive_nmbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_nmbd_server_packets',`
+interface(`corenet_dontaudit_receive_lirc_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type lirc_server_packet_t;
')
- dontaudit $1 nmbd_server_packet_t:packet recv;
+ dontaudit $1 lirc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive nmbd_server packets.
+## Send and receive lirc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43854,14 +44297,14 @@ interface(`corenet_dontaudit_receive_nmbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_nmbd_server_packets',`
- corenet_send_nmbd_server_packets($1)
- corenet_receive_nmbd_server_packets($1)
+interface(`corenet_sendrecv_lirc_server_packets',`
+ corenet_send_lirc_server_packets($1)
+ corenet_receive_lirc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive nmbd_server packets.
+## Do not audit attempts to send and receive lirc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -43870,14 +44313,14 @@ interface(`corenet_sendrecv_nmbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_nmbd_server_packets',`
- corenet_dontaudit_send_nmbd_server_packets($1)
- corenet_dontaudit_receive_nmbd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_lirc_server_packets',`
+ corenet_dontaudit_send_lirc_server_packets($1)
+ corenet_dontaudit_receive_lirc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to nmbd_server the packet type.
+## Relabel packets to lirc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -43885,12 +44328,12 @@ interface(`corenet_dontaudit_sendrecv_nmbd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_nmbd_server_packets',`
+interface(`corenet_relabelto_lirc_server_packets',`
gen_require(`
- type nmbd_server_packet_t;
+ type lirc_server_packet_t;
')
- allow $1 nmbd_server_packet_t:packet relabelto;
+ allow $1 lirc_server_packet_t:packet relabelto;
')
@@ -43898,7 +44341,7 @@ interface(`corenet_relabelto_nmbd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ntop port.
+## Send and receive TCP traffic on the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -43907,17 +44350,17 @@ interface(`corenet_relabelto_nmbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ntop_port',`
+interface(`corenet_tcp_sendrecv_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- allow $1 ntop_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 lmtp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ntop port.
+## Send UDP traffic on the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -43926,17 +44369,17 @@ interface(`corenet_tcp_sendrecv_ntop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ntop_port',`
+interface(`corenet_udp_send_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- allow $1 ntop_port_t:udp_socket send_msg;
+ allow $1 lmtp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ntop port.
+## Do not audit attempts to send UDP traffic on the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -43945,17 +44388,17 @@ interface(`corenet_udp_send_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ntop_port',`
+interface(`corenet_dontaudit_udp_send_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- dontaudit $1 ntop_port_t:udp_socket send_msg;
+ dontaudit $1 lmtp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ntop port.
+## Receive UDP traffic on the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -43964,17 +44407,17 @@ interface(`corenet_dontaudit_udp_send_ntop_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ntop_port',`
+interface(`corenet_udp_receive_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- allow $1 ntop_port_t:udp_socket recv_msg;
+ allow $1 lmtp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ntop port.
+## Do not audit attempts to receive UDP traffic on the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -43983,17 +44426,17 @@ interface(`corenet_udp_receive_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ntop_port',`
+interface(`corenet_dontaudit_udp_receive_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- dontaudit $1 ntop_port_t:udp_socket recv_msg;
+ dontaudit $1 lmtp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ntop port.
+## Send and receive UDP traffic on the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -44002,15 +44445,15 @@ interface(`corenet_dontaudit_udp_receive_ntop_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ntop_port',`
- corenet_udp_send_ntop_port($1)
- corenet_udp_receive_ntop_port($1)
+interface(`corenet_udp_sendrecv_lmtp_port',`
+ corenet_udp_send_lmtp_port($1)
+ corenet_udp_receive_lmtp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ntop port.
+## UDP traffic on the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -44019,14 +44462,14 @@ interface(`corenet_udp_sendrecv_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ntop_port',`
- corenet_dontaudit_udp_send_ntop_port($1)
- corenet_dontaudit_udp_receive_ntop_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_lmtp_port',`
+ corenet_dontaudit_udp_send_lmtp_port($1)
+ corenet_dontaudit_udp_receive_lmtp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ntop port.
+## Bind TCP sockets to the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -44035,18 +44478,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ntop_port',`
+interface(`corenet_tcp_bind_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- allow $1 ntop_port_t:tcp_socket name_bind;
+ allow $1 lmtp_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ntop port.
+## Bind UDP sockets to the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -44055,18 +44498,18 @@ interface(`corenet_tcp_bind_ntop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ntop_port',`
+interface(`corenet_udp_bind_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- allow $1 ntop_port_t:udp_socket name_bind;
+ allow $1 lmtp_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ntop port.
+## Make a TCP connection to the lmtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -44074,18 +44517,18 @@ interface(`corenet_udp_bind_ntop_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ntop_port',`
+interface(`corenet_tcp_connect_lmtp_port',`
gen_require(`
- type ntop_port_t;
+ type lmtp_port_t;
')
- allow $1 ntop_port_t:tcp_socket name_connect;
+ allow $1 lmtp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ntop_client packets.
+## Send lmtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44094,17 +44537,17 @@ interface(`corenet_tcp_connect_ntop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntop_client_packets',`
+interface(`corenet_send_lmtp_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type lmtp_client_packet_t;
')
- allow $1 ntop_client_packet_t:packet send;
+ allow $1 lmtp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntop_client packets.
+## Do not audit attempts to send lmtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44113,17 +44556,17 @@ interface(`corenet_send_ntop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntop_client_packets',`
+interface(`corenet_dontaudit_send_lmtp_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type lmtp_client_packet_t;
')
- dontaudit $1 ntop_client_packet_t:packet send;
+ dontaudit $1 lmtp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntop_client packets.
+## Receive lmtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44132,17 +44575,17 @@ interface(`corenet_dontaudit_send_ntop_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntop_client_packets',`
+interface(`corenet_receive_lmtp_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type lmtp_client_packet_t;
')
- allow $1 ntop_client_packet_t:packet recv;
+ allow $1 lmtp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntop_client packets.
+## Do not audit attempts to receive lmtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44151,17 +44594,17 @@ interface(`corenet_receive_ntop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntop_client_packets',`
+interface(`corenet_dontaudit_receive_lmtp_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type lmtp_client_packet_t;
')
- dontaudit $1 ntop_client_packet_t:packet recv;
+ dontaudit $1 lmtp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntop_client packets.
+## Send and receive lmtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44170,14 +44613,14 @@ interface(`corenet_dontaudit_receive_ntop_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntop_client_packets',`
- corenet_send_ntop_client_packets($1)
- corenet_receive_ntop_client_packets($1)
+interface(`corenet_sendrecv_lmtp_client_packets',`
+ corenet_send_lmtp_client_packets($1)
+ corenet_receive_lmtp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntop_client packets.
+## Do not audit attempts to send and receive lmtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44186,14 +44629,14 @@ interface(`corenet_sendrecv_ntop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntop_client_packets',`
- corenet_dontaudit_send_ntop_client_packets($1)
- corenet_dontaudit_receive_ntop_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_lmtp_client_packets',`
+ corenet_dontaudit_send_lmtp_client_packets($1)
+ corenet_dontaudit_receive_lmtp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntop_client the packet type.
+## Relabel packets to lmtp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -44201,18 +44644,18 @@ interface(`corenet_dontaudit_sendrecv_ntop_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntop_client_packets',`
+interface(`corenet_relabelto_lmtp_client_packets',`
gen_require(`
- type ntop_client_packet_t;
+ type lmtp_client_packet_t;
')
- allow $1 ntop_client_packet_t:packet relabelto;
+ allow $1 lmtp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ntop_server packets.
+## Send lmtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44221,17 +44664,17 @@ interface(`corenet_relabelto_ntop_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntop_server_packets',`
+interface(`corenet_send_lmtp_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type lmtp_server_packet_t;
')
- allow $1 ntop_server_packet_t:packet send;
+ allow $1 lmtp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntop_server packets.
+## Do not audit attempts to send lmtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44240,17 +44683,17 @@ interface(`corenet_send_ntop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntop_server_packets',`
+interface(`corenet_dontaudit_send_lmtp_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type lmtp_server_packet_t;
')
- dontaudit $1 ntop_server_packet_t:packet send;
+ dontaudit $1 lmtp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntop_server packets.
+## Receive lmtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44259,17 +44702,17 @@ interface(`corenet_dontaudit_send_ntop_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntop_server_packets',`
+interface(`corenet_receive_lmtp_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type lmtp_server_packet_t;
')
- allow $1 ntop_server_packet_t:packet recv;
+ allow $1 lmtp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntop_server packets.
+## Do not audit attempts to receive lmtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44278,17 +44721,17 @@ interface(`corenet_receive_ntop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntop_server_packets',`
+interface(`corenet_dontaudit_receive_lmtp_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type lmtp_server_packet_t;
')
- dontaudit $1 ntop_server_packet_t:packet recv;
+ dontaudit $1 lmtp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntop_server packets.
+## Send and receive lmtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44297,14 +44740,14 @@ interface(`corenet_dontaudit_receive_ntop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntop_server_packets',`
- corenet_send_ntop_server_packets($1)
- corenet_receive_ntop_server_packets($1)
+interface(`corenet_sendrecv_lmtp_server_packets',`
+ corenet_send_lmtp_server_packets($1)
+ corenet_receive_lmtp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntop_server packets.
+## Do not audit attempts to send and receive lmtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44313,14 +44756,14 @@ interface(`corenet_sendrecv_ntop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntop_server_packets',`
- corenet_dontaudit_send_ntop_server_packets($1)
- corenet_dontaudit_receive_ntop_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_lmtp_server_packets',`
+ corenet_dontaudit_send_lmtp_server_packets($1)
+ corenet_dontaudit_receive_lmtp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntop_server the packet type.
+## Relabel packets to lmtp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -44328,12 +44771,12 @@ interface(`corenet_dontaudit_sendrecv_ntop_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntop_server_packets',`
+interface(`corenet_relabelto_lmtp_server_packets',`
gen_require(`
- type ntop_server_packet_t;
+ type lmtp_server_packet_t;
')
- allow $1 ntop_server_packet_t:packet relabelto;
+ allow $1 lmtp_server_packet_t:packet relabelto;
')
@@ -44341,7 +44784,7 @@ interface(`corenet_relabelto_ntop_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ntp port.
+## Send and receive TCP traffic on the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44350,17 +44793,17 @@ interface(`corenet_relabelto_ntop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ntp_port',`
+interface(`corenet_tcp_sendrecv_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- allow $1 ntp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 lrrd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ntp port.
+## Send UDP traffic on the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44369,17 +44812,17 @@ interface(`corenet_tcp_sendrecv_ntp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ntp_port',`
+interface(`corenet_udp_send_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- allow $1 ntp_port_t:udp_socket send_msg;
+ allow $1 lrrd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ntp port.
+## Do not audit attempts to send UDP traffic on the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44388,17 +44831,17 @@ interface(`corenet_udp_send_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ntp_port',`
+interface(`corenet_dontaudit_udp_send_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- dontaudit $1 ntp_port_t:udp_socket send_msg;
+ dontaudit $1 lrrd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ntp port.
+## Receive UDP traffic on the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44407,17 +44850,17 @@ interface(`corenet_dontaudit_udp_send_ntp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ntp_port',`
+interface(`corenet_udp_receive_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- allow $1 ntp_port_t:udp_socket recv_msg;
+ allow $1 lrrd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ntp port.
+## Do not audit attempts to receive UDP traffic on the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44426,17 +44869,17 @@ interface(`corenet_udp_receive_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ntp_port',`
+interface(`corenet_dontaudit_udp_receive_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- dontaudit $1 ntp_port_t:udp_socket recv_msg;
+ dontaudit $1 lrrd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ntp port.
+## Send and receive UDP traffic on the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44445,15 +44888,15 @@ interface(`corenet_dontaudit_udp_receive_ntp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ntp_port',`
- corenet_udp_send_ntp_port($1)
- corenet_udp_receive_ntp_port($1)
+interface(`corenet_udp_sendrecv_lrrd_port',`
+ corenet_udp_send_lrrd_port($1)
+ corenet_udp_receive_lrrd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ntp port.
+## UDP traffic on the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44462,14 +44905,14 @@ interface(`corenet_udp_sendrecv_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ntp_port',`
- corenet_dontaudit_udp_send_ntp_port($1)
- corenet_dontaudit_udp_receive_ntp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_lrrd_port',`
+ corenet_dontaudit_udp_send_lrrd_port($1)
+ corenet_dontaudit_udp_receive_lrrd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ntp port.
+## Bind TCP sockets to the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44478,18 +44921,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ntp_port',`
+interface(`corenet_tcp_bind_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- allow $1 ntp_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 lrrd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the ntp port.
+## Bind UDP sockets to the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44498,18 +44941,18 @@ interface(`corenet_tcp_bind_ntp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ntp_port',`
+interface(`corenet_udp_bind_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- allow $1 ntp_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 lrrd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the ntp port.
+## Make a TCP connection to the lrrd port.
## </summary>
## <param name="domain">
## <summary>
@@ -44517,18 +44960,18 @@ interface(`corenet_udp_bind_ntp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ntp_port',`
+interface(`corenet_tcp_connect_lrrd_port',`
gen_require(`
- type ntp_port_t;
+ type lrrd_port_t;
')
- allow $1 ntp_port_t:tcp_socket name_connect;
+ allow $1 lrrd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ntp_client packets.
+## Send lrrd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44537,17 +44980,17 @@ interface(`corenet_tcp_connect_ntp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntp_client_packets',`
+interface(`corenet_send_lrrd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type lrrd_client_packet_t;
')
- allow $1 ntp_client_packet_t:packet send;
+ allow $1 lrrd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntp_client packets.
+## Do not audit attempts to send lrrd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44556,17 +44999,17 @@ interface(`corenet_send_ntp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntp_client_packets',`
+interface(`corenet_dontaudit_send_lrrd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type lrrd_client_packet_t;
')
- dontaudit $1 ntp_client_packet_t:packet send;
+ dontaudit $1 lrrd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntp_client packets.
+## Receive lrrd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44575,17 +45018,17 @@ interface(`corenet_dontaudit_send_ntp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntp_client_packets',`
+interface(`corenet_receive_lrrd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type lrrd_client_packet_t;
')
- allow $1 ntp_client_packet_t:packet recv;
+ allow $1 lrrd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntp_client packets.
+## Do not audit attempts to receive lrrd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44594,17 +45037,17 @@ interface(`corenet_receive_ntp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntp_client_packets',`
+interface(`corenet_dontaudit_receive_lrrd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type lrrd_client_packet_t;
')
- dontaudit $1 ntp_client_packet_t:packet recv;
+ dontaudit $1 lrrd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntp_client packets.
+## Send and receive lrrd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44613,14 +45056,14 @@ interface(`corenet_dontaudit_receive_ntp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntp_client_packets',`
- corenet_send_ntp_client_packets($1)
- corenet_receive_ntp_client_packets($1)
+interface(`corenet_sendrecv_lrrd_client_packets',`
+ corenet_send_lrrd_client_packets($1)
+ corenet_receive_lrrd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntp_client packets.
+## Do not audit attempts to send and receive lrrd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44629,14 +45072,14 @@ interface(`corenet_sendrecv_ntp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntp_client_packets',`
- corenet_dontaudit_send_ntp_client_packets($1)
- corenet_dontaudit_receive_ntp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_lrrd_client_packets',`
+ corenet_dontaudit_send_lrrd_client_packets($1)
+ corenet_dontaudit_receive_lrrd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntp_client the packet type.
+## Relabel packets to lrrd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -44644,18 +45087,18 @@ interface(`corenet_dontaudit_sendrecv_ntp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntp_client_packets',`
+interface(`corenet_relabelto_lrrd_client_packets',`
gen_require(`
- type ntp_client_packet_t;
+ type lrrd_client_packet_t;
')
- allow $1 ntp_client_packet_t:packet relabelto;
+ allow $1 lrrd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ntp_server packets.
+## Send lrrd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44664,17 +45107,17 @@ interface(`corenet_relabelto_ntp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ntp_server_packets',`
+interface(`corenet_send_lrrd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type lrrd_server_packet_t;
')
- allow $1 ntp_server_packet_t:packet send;
+ allow $1 lrrd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ntp_server packets.
+## Do not audit attempts to send lrrd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44683,17 +45126,17 @@ interface(`corenet_send_ntp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ntp_server_packets',`
+interface(`corenet_dontaudit_send_lrrd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type lrrd_server_packet_t;
')
- dontaudit $1 ntp_server_packet_t:packet send;
+ dontaudit $1 lrrd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ntp_server packets.
+## Receive lrrd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44702,17 +45145,17 @@ interface(`corenet_dontaudit_send_ntp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ntp_server_packets',`
+interface(`corenet_receive_lrrd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type lrrd_server_packet_t;
')
- allow $1 ntp_server_packet_t:packet recv;
+ allow $1 lrrd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ntp_server packets.
+## Do not audit attempts to receive lrrd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44721,17 +45164,17 @@ interface(`corenet_receive_ntp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ntp_server_packets',`
+interface(`corenet_dontaudit_receive_lrrd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type lrrd_server_packet_t;
')
- dontaudit $1 ntp_server_packet_t:packet recv;
+ dontaudit $1 lrrd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ntp_server packets.
+## Send and receive lrrd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44740,14 +45183,14 @@ interface(`corenet_dontaudit_receive_ntp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ntp_server_packets',`
- corenet_send_ntp_server_packets($1)
- corenet_receive_ntp_server_packets($1)
+interface(`corenet_sendrecv_lrrd_server_packets',`
+ corenet_send_lrrd_server_packets($1)
+ corenet_receive_lrrd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ntp_server packets.
+## Do not audit attempts to send and receive lrrd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44756,14 +45199,14 @@ interface(`corenet_sendrecv_ntp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ntp_server_packets',`
- corenet_dontaudit_send_ntp_server_packets($1)
- corenet_dontaudit_receive_ntp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_lrrd_server_packets',`
+ corenet_dontaudit_send_lrrd_server_packets($1)
+ corenet_dontaudit_receive_lrrd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ntp_server the packet type.
+## Relabel packets to lrrd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -44771,20 +45214,20 @@ interface(`corenet_dontaudit_sendrecv_ntp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ntp_server_packets',`
+interface(`corenet_relabelto_lrrd_server_packets',`
gen_require(`
- type ntp_server_packet_t;
+ type lrrd_server_packet_t;
')
- allow $1 ntp_server_packet_t:packet relabelto;
+ allow $1 lrrd_server_packet_t:packet relabelto;
')
-
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the oracledb port.
+## Send and receive TCP traffic on the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44793,17 +45236,17 @@ interface(`corenet_relabelto_ntp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_oracledb_port',`
+interface(`corenet_tcp_sendrecv_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- allow $1 oracledb_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mail_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the oracledb port.
+## Send UDP traffic on the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44812,17 +45255,17 @@ interface(`corenet_tcp_sendrecv_oracledb_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_oracledb_port',`
+interface(`corenet_udp_send_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- allow $1 oracledb_port_t:udp_socket send_msg;
+ allow $1 mail_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the oracledb port.
+## Do not audit attempts to send UDP traffic on the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44831,17 +45274,17 @@ interface(`corenet_udp_send_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_oracledb_port',`
+interface(`corenet_dontaudit_udp_send_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- dontaudit $1 oracledb_port_t:udp_socket send_msg;
+ dontaudit $1 mail_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the oracledb port.
+## Receive UDP traffic on the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44850,17 +45293,17 @@ interface(`corenet_dontaudit_udp_send_oracledb_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_oracledb_port',`
+interface(`corenet_udp_receive_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- allow $1 oracledb_port_t:udp_socket recv_msg;
+ allow $1 mail_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the oracledb port.
+## Do not audit attempts to receive UDP traffic on the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44869,17 +45312,17 @@ interface(`corenet_udp_receive_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_oracledb_port',`
+interface(`corenet_dontaudit_udp_receive_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- dontaudit $1 oracledb_port_t:udp_socket recv_msg;
+ dontaudit $1 mail_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the oracledb port.
+## Send and receive UDP traffic on the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44888,15 +45331,15 @@ interface(`corenet_dontaudit_udp_receive_oracledb_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_oracledb_port',`
- corenet_udp_send_oracledb_port($1)
- corenet_udp_receive_oracledb_port($1)
+interface(`corenet_udp_sendrecv_mail_port',`
+ corenet_udp_send_mail_port($1)
+ corenet_udp_receive_mail_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the oracledb port.
+## UDP traffic on the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44905,14 +45348,14 @@ interface(`corenet_udp_sendrecv_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_oracledb_port',`
- corenet_dontaudit_udp_send_oracledb_port($1)
- corenet_dontaudit_udp_receive_oracledb_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mail_port',`
+ corenet_dontaudit_udp_send_mail_port($1)
+ corenet_dontaudit_udp_receive_mail_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the oracledb port.
+## Bind TCP sockets to the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44921,18 +45364,18 @@ interface(`corenet_dontaudit_udp_sendrecv_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_oracledb_port',`
+interface(`corenet_tcp_bind_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- allow $1 oracledb_port_t:tcp_socket name_bind;
+ allow $1 mail_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the oracledb port.
+## Bind UDP sockets to the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44941,18 +45384,18 @@ interface(`corenet_tcp_bind_oracledb_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_oracledb_port',`
+interface(`corenet_udp_bind_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- allow $1 oracledb_port_t:udp_socket name_bind;
+ allow $1 mail_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the oracledb port.
+## Make a TCP connection to the mail port.
## </summary>
## <param name="domain">
## <summary>
@@ -44960,18 +45403,18 @@ interface(`corenet_udp_bind_oracledb_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_oracledb_port',`
+interface(`corenet_tcp_connect_mail_port',`
gen_require(`
- type oracledb_port_t;
+ type mail_port_t;
')
- allow $1 oracledb_port_t:tcp_socket name_connect;
+ allow $1 mail_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send oracledb_client packets.
+## Send mail_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44980,17 +45423,17 @@ interface(`corenet_tcp_connect_oracledb_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_oracledb_client_packets',`
+interface(`corenet_send_mail_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type mail_client_packet_t;
')
- allow $1 oracledb_client_packet_t:packet send;
+ allow $1 mail_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send oracledb_client packets.
+## Do not audit attempts to send mail_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -44999,17 +45442,17 @@ interface(`corenet_send_oracledb_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_oracledb_client_packets',`
+interface(`corenet_dontaudit_send_mail_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type mail_client_packet_t;
')
- dontaudit $1 oracledb_client_packet_t:packet send;
+ dontaudit $1 mail_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive oracledb_client packets.
+## Receive mail_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45018,17 +45461,17 @@ interface(`corenet_dontaudit_send_oracledb_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_oracledb_client_packets',`
+interface(`corenet_receive_mail_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type mail_client_packet_t;
')
- allow $1 oracledb_client_packet_t:packet recv;
+ allow $1 mail_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive oracledb_client packets.
+## Do not audit attempts to receive mail_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45037,17 +45480,17 @@ interface(`corenet_receive_oracledb_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_oracledb_client_packets',`
+interface(`corenet_dontaudit_receive_mail_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type mail_client_packet_t;
')
- dontaudit $1 oracledb_client_packet_t:packet recv;
+ dontaudit $1 mail_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive oracledb_client packets.
+## Send and receive mail_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45056,14 +45499,14 @@ interface(`corenet_dontaudit_receive_oracledb_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_oracledb_client_packets',`
- corenet_send_oracledb_client_packets($1)
- corenet_receive_oracledb_client_packets($1)
+interface(`corenet_sendrecv_mail_client_packets',`
+ corenet_send_mail_client_packets($1)
+ corenet_receive_mail_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive oracledb_client packets.
+## Do not audit attempts to send and receive mail_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45072,14 +45515,14 @@ interface(`corenet_sendrecv_oracledb_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_oracledb_client_packets',`
- corenet_dontaudit_send_oracledb_client_packets($1)
- corenet_dontaudit_receive_oracledb_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mail_client_packets',`
+ corenet_dontaudit_send_mail_client_packets($1)
+ corenet_dontaudit_receive_mail_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to oracledb_client the packet type.
+## Relabel packets to mail_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -45087,18 +45530,18 @@ interface(`corenet_dontaudit_sendrecv_oracledb_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_oracledb_client_packets',`
+interface(`corenet_relabelto_mail_client_packets',`
gen_require(`
- type oracledb_client_packet_t;
+ type mail_client_packet_t;
')
- allow $1 oracledb_client_packet_t:packet relabelto;
+ allow $1 mail_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send oracledb_server packets.
+## Send mail_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45107,17 +45550,17 @@ interface(`corenet_relabelto_oracledb_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_oracledb_server_packets',`
+interface(`corenet_send_mail_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type mail_server_packet_t;
')
- allow $1 oracledb_server_packet_t:packet send;
+ allow $1 mail_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send oracledb_server packets.
+## Do not audit attempts to send mail_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45126,17 +45569,17 @@ interface(`corenet_send_oracledb_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_oracledb_server_packets',`
+interface(`corenet_dontaudit_send_mail_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type mail_server_packet_t;
')
- dontaudit $1 oracledb_server_packet_t:packet send;
+ dontaudit $1 mail_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive oracledb_server packets.
+## Receive mail_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45145,17 +45588,17 @@ interface(`corenet_dontaudit_send_oracledb_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_oracledb_server_packets',`
+interface(`corenet_receive_mail_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type mail_server_packet_t;
')
- allow $1 oracledb_server_packet_t:packet recv;
+ allow $1 mail_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive oracledb_server packets.
+## Do not audit attempts to receive mail_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45164,17 +45607,17 @@ interface(`corenet_receive_oracledb_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_oracledb_server_packets',`
+interface(`corenet_dontaudit_receive_mail_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type mail_server_packet_t;
')
- dontaudit $1 oracledb_server_packet_t:packet recv;
+ dontaudit $1 mail_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive oracledb_server packets.
+## Send and receive mail_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45183,14 +45626,14 @@ interface(`corenet_dontaudit_receive_oracledb_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_oracledb_server_packets',`
- corenet_send_oracledb_server_packets($1)
- corenet_receive_oracledb_server_packets($1)
+interface(`corenet_sendrecv_mail_server_packets',`
+ corenet_send_mail_server_packets($1)
+ corenet_receive_mail_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive oracledb_server packets.
+## Do not audit attempts to send and receive mail_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45199,14 +45642,14 @@ interface(`corenet_sendrecv_oracledb_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_oracledb_server_packets',`
- corenet_dontaudit_send_oracledb_server_packets($1)
- corenet_dontaudit_receive_oracledb_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mail_server_packets',`
+ corenet_dontaudit_send_mail_server_packets($1)
+ corenet_dontaudit_receive_mail_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to oracledb_server the packet type.
+## Relabel packets to mail_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -45214,12 +45657,12 @@ interface(`corenet_dontaudit_sendrecv_oracledb_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_oracledb_server_packets',`
+interface(`corenet_relabelto_mail_server_packets',`
gen_require(`
- type oracledb_server_packet_t;
+ type mail_server_packet_t;
')
- allow $1 oracledb_server_packet_t:packet relabelto;
+ allow $1 mail_server_packet_t:packet relabelto;
')
@@ -45227,7 +45670,7 @@ interface(`corenet_relabelto_oracledb_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ocsp port.
+## Send and receive TCP traffic on the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45236,17 +45679,17 @@ interface(`corenet_relabelto_oracledb_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ocsp_port',`
+interface(`corenet_tcp_sendrecv_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- allow $1 ocsp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 matahari_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ocsp port.
+## Send UDP traffic on the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45255,17 +45698,17 @@ interface(`corenet_tcp_sendrecv_ocsp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ocsp_port',`
+interface(`corenet_udp_send_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- allow $1 ocsp_port_t:udp_socket send_msg;
+ allow $1 matahari_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ocsp port.
+## Do not audit attempts to send UDP traffic on the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45274,17 +45717,17 @@ interface(`corenet_udp_send_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ocsp_port',`
+interface(`corenet_dontaudit_udp_send_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- dontaudit $1 ocsp_port_t:udp_socket send_msg;
+ dontaudit $1 matahari_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ocsp port.
+## Receive UDP traffic on the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45293,17 +45736,17 @@ interface(`corenet_dontaudit_udp_send_ocsp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ocsp_port',`
+interface(`corenet_udp_receive_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- allow $1 ocsp_port_t:udp_socket recv_msg;
+ allow $1 matahari_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ocsp port.
+## Do not audit attempts to receive UDP traffic on the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45312,17 +45755,17 @@ interface(`corenet_udp_receive_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ocsp_port',`
+interface(`corenet_dontaudit_udp_receive_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- dontaudit $1 ocsp_port_t:udp_socket recv_msg;
+ dontaudit $1 matahari_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ocsp port.
+## Send and receive UDP traffic on the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45331,15 +45774,15 @@ interface(`corenet_dontaudit_udp_receive_ocsp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ocsp_port',`
- corenet_udp_send_ocsp_port($1)
- corenet_udp_receive_ocsp_port($1)
+interface(`corenet_udp_sendrecv_matahari_port',`
+ corenet_udp_send_matahari_port($1)
+ corenet_udp_receive_matahari_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ocsp port.
+## UDP traffic on the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45348,14 +45791,14 @@ interface(`corenet_udp_sendrecv_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ocsp_port',`
- corenet_dontaudit_udp_send_ocsp_port($1)
- corenet_dontaudit_udp_receive_ocsp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_matahari_port',`
+ corenet_dontaudit_udp_send_matahari_port($1)
+ corenet_dontaudit_udp_receive_matahari_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ocsp port.
+## Bind TCP sockets to the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45364,18 +45807,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ocsp_port',`
+interface(`corenet_tcp_bind_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- allow $1 ocsp_port_t:tcp_socket name_bind;
+ allow $1 matahari_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ocsp port.
+## Bind UDP sockets to the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45384,18 +45827,18 @@ interface(`corenet_tcp_bind_ocsp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ocsp_port',`
+interface(`corenet_udp_bind_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- allow $1 ocsp_port_t:udp_socket name_bind;
+ allow $1 matahari_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ocsp port.
+## Make a TCP connection to the matahari port.
## </summary>
## <param name="domain">
## <summary>
@@ -45403,18 +45846,18 @@ interface(`corenet_udp_bind_ocsp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ocsp_port',`
+interface(`corenet_tcp_connect_matahari_port',`
gen_require(`
- type ocsp_port_t;
+ type matahari_port_t;
')
- allow $1 ocsp_port_t:tcp_socket name_connect;
+ allow $1 matahari_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ocsp_client packets.
+## Send matahari_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45423,17 +45866,17 @@ interface(`corenet_tcp_connect_ocsp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ocsp_client_packets',`
+interface(`corenet_send_matahari_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type matahari_client_packet_t;
')
- allow $1 ocsp_client_packet_t:packet send;
+ allow $1 matahari_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ocsp_client packets.
+## Do not audit attempts to send matahari_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45442,17 +45885,17 @@ interface(`corenet_send_ocsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ocsp_client_packets',`
+interface(`corenet_dontaudit_send_matahari_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type matahari_client_packet_t;
')
- dontaudit $1 ocsp_client_packet_t:packet send;
+ dontaudit $1 matahari_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ocsp_client packets.
+## Receive matahari_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45461,17 +45904,17 @@ interface(`corenet_dontaudit_send_ocsp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ocsp_client_packets',`
+interface(`corenet_receive_matahari_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type matahari_client_packet_t;
')
- allow $1 ocsp_client_packet_t:packet recv;
+ allow $1 matahari_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ocsp_client packets.
+## Do not audit attempts to receive matahari_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45480,17 +45923,17 @@ interface(`corenet_receive_ocsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ocsp_client_packets',`
+interface(`corenet_dontaudit_receive_matahari_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type matahari_client_packet_t;
')
- dontaudit $1 ocsp_client_packet_t:packet recv;
+ dontaudit $1 matahari_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ocsp_client packets.
+## Send and receive matahari_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45499,14 +45942,14 @@ interface(`corenet_dontaudit_receive_ocsp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ocsp_client_packets',`
- corenet_send_ocsp_client_packets($1)
- corenet_receive_ocsp_client_packets($1)
+interface(`corenet_sendrecv_matahari_client_packets',`
+ corenet_send_matahari_client_packets($1)
+ corenet_receive_matahari_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ocsp_client packets.
+## Do not audit attempts to send and receive matahari_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45515,14 +45958,14 @@ interface(`corenet_sendrecv_ocsp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ocsp_client_packets',`
- corenet_dontaudit_send_ocsp_client_packets($1)
- corenet_dontaudit_receive_ocsp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_matahari_client_packets',`
+ corenet_dontaudit_send_matahari_client_packets($1)
+ corenet_dontaudit_receive_matahari_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ocsp_client the packet type.
+## Relabel packets to matahari_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -45530,18 +45973,18 @@ interface(`corenet_dontaudit_sendrecv_ocsp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ocsp_client_packets',`
+interface(`corenet_relabelto_matahari_client_packets',`
gen_require(`
- type ocsp_client_packet_t;
+ type matahari_client_packet_t;
')
- allow $1 ocsp_client_packet_t:packet relabelto;
+ allow $1 matahari_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ocsp_server packets.
+## Send matahari_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45550,17 +45993,17 @@ interface(`corenet_relabelto_ocsp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ocsp_server_packets',`
+interface(`corenet_send_matahari_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type matahari_server_packet_t;
')
- allow $1 ocsp_server_packet_t:packet send;
+ allow $1 matahari_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ocsp_server packets.
+## Do not audit attempts to send matahari_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45569,17 +46012,17 @@ interface(`corenet_send_ocsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ocsp_server_packets',`
+interface(`corenet_dontaudit_send_matahari_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type matahari_server_packet_t;
')
- dontaudit $1 ocsp_server_packet_t:packet send;
+ dontaudit $1 matahari_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ocsp_server packets.
+## Receive matahari_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45588,17 +46031,17 @@ interface(`corenet_dontaudit_send_ocsp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ocsp_server_packets',`
+interface(`corenet_receive_matahari_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type matahari_server_packet_t;
')
- allow $1 ocsp_server_packet_t:packet recv;
+ allow $1 matahari_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ocsp_server packets.
+## Do not audit attempts to receive matahari_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45607,17 +46050,17 @@ interface(`corenet_receive_ocsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ocsp_server_packets',`
+interface(`corenet_dontaudit_receive_matahari_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type matahari_server_packet_t;
')
- dontaudit $1 ocsp_server_packet_t:packet recv;
+ dontaudit $1 matahari_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ocsp_server packets.
+## Send and receive matahari_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45626,14 +46069,14 @@ interface(`corenet_dontaudit_receive_ocsp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ocsp_server_packets',`
- corenet_send_ocsp_server_packets($1)
- corenet_receive_ocsp_server_packets($1)
+interface(`corenet_sendrecv_matahari_server_packets',`
+ corenet_send_matahari_server_packets($1)
+ corenet_receive_matahari_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ocsp_server packets.
+## Do not audit attempts to send and receive matahari_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45642,14 +46085,14 @@ interface(`corenet_sendrecv_ocsp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ocsp_server_packets',`
- corenet_dontaudit_send_ocsp_server_packets($1)
- corenet_dontaudit_receive_ocsp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_matahari_server_packets',`
+ corenet_dontaudit_send_matahari_server_packets($1)
+ corenet_dontaudit_receive_matahari_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ocsp_server the packet type.
+## Relabel packets to matahari_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -45657,12 +46100,12 @@ interface(`corenet_dontaudit_sendrecv_ocsp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ocsp_server_packets',`
+interface(`corenet_relabelto_matahari_server_packets',`
gen_require(`
- type ocsp_server_packet_t;
+ type matahari_server_packet_t;
')
- allow $1 ocsp_server_packet_t:packet relabelto;
+ allow $1 matahari_server_packet_t:packet relabelto;
')
@@ -45670,7 +46113,7 @@ interface(`corenet_relabelto_ocsp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the openvpn port.
+## Send and receive TCP traffic on the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45679,17 +46122,17 @@ interface(`corenet_relabelto_ocsp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_openvpn_port',`
+interface(`corenet_tcp_sendrecv_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- allow $1 openvpn_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 memcache_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the openvpn port.
+## Send UDP traffic on the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45698,17 +46141,17 @@ interface(`corenet_tcp_sendrecv_openvpn_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_openvpn_port',`
+interface(`corenet_udp_send_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- allow $1 openvpn_port_t:udp_socket send_msg;
+ allow $1 memcache_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the openvpn port.
+## Do not audit attempts to send UDP traffic on the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45717,17 +46160,17 @@ interface(`corenet_udp_send_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_openvpn_port',`
+interface(`corenet_dontaudit_udp_send_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- dontaudit $1 openvpn_port_t:udp_socket send_msg;
+ dontaudit $1 memcache_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the openvpn port.
+## Receive UDP traffic on the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45736,17 +46179,17 @@ interface(`corenet_dontaudit_udp_send_openvpn_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_openvpn_port',`
+interface(`corenet_udp_receive_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- allow $1 openvpn_port_t:udp_socket recv_msg;
+ allow $1 memcache_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the openvpn port.
+## Do not audit attempts to receive UDP traffic on the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45755,17 +46198,17 @@ interface(`corenet_udp_receive_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_openvpn_port',`
+interface(`corenet_dontaudit_udp_receive_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- dontaudit $1 openvpn_port_t:udp_socket recv_msg;
+ dontaudit $1 memcache_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the openvpn port.
+## Send and receive UDP traffic on the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45774,15 +46217,15 @@ interface(`corenet_dontaudit_udp_receive_openvpn_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_openvpn_port',`
- corenet_udp_send_openvpn_port($1)
- corenet_udp_receive_openvpn_port($1)
+interface(`corenet_udp_sendrecv_memcache_port',`
+ corenet_udp_send_memcache_port($1)
+ corenet_udp_receive_memcache_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the openvpn port.
+## UDP traffic on the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45791,14 +46234,14 @@ interface(`corenet_udp_sendrecv_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_openvpn_port',`
- corenet_dontaudit_udp_send_openvpn_port($1)
- corenet_dontaudit_udp_receive_openvpn_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_memcache_port',`
+ corenet_dontaudit_udp_send_memcache_port($1)
+ corenet_dontaudit_udp_receive_memcache_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the openvpn port.
+## Bind TCP sockets to the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45807,18 +46250,18 @@ interface(`corenet_dontaudit_udp_sendrecv_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_openvpn_port',`
+interface(`corenet_tcp_bind_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- allow $1 openvpn_port_t:tcp_socket name_bind;
+ allow $1 memcache_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the openvpn port.
+## Bind UDP sockets to the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45827,18 +46270,18 @@ interface(`corenet_tcp_bind_openvpn_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_openvpn_port',`
+interface(`corenet_udp_bind_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- allow $1 openvpn_port_t:udp_socket name_bind;
+ allow $1 memcache_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the openvpn port.
+## Make a TCP connection to the memcache port.
## </summary>
## <param name="domain">
## <summary>
@@ -45846,18 +46289,18 @@ interface(`corenet_udp_bind_openvpn_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_openvpn_port',`
+interface(`corenet_tcp_connect_memcache_port',`
gen_require(`
- type openvpn_port_t;
+ type memcache_port_t;
')
- allow $1 openvpn_port_t:tcp_socket name_connect;
+ allow $1 memcache_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send openvpn_client packets.
+## Send memcache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45866,17 +46309,17 @@ interface(`corenet_tcp_connect_openvpn_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_openvpn_client_packets',`
+interface(`corenet_send_memcache_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type memcache_client_packet_t;
')
- allow $1 openvpn_client_packet_t:packet send;
+ allow $1 memcache_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send openvpn_client packets.
+## Do not audit attempts to send memcache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45885,17 +46328,17 @@ interface(`corenet_send_openvpn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_openvpn_client_packets',`
+interface(`corenet_dontaudit_send_memcache_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type memcache_client_packet_t;
')
- dontaudit $1 openvpn_client_packet_t:packet send;
+ dontaudit $1 memcache_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive openvpn_client packets.
+## Receive memcache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45904,17 +46347,17 @@ interface(`corenet_dontaudit_send_openvpn_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_openvpn_client_packets',`
+interface(`corenet_receive_memcache_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type memcache_client_packet_t;
')
- allow $1 openvpn_client_packet_t:packet recv;
+ allow $1 memcache_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive openvpn_client packets.
+## Do not audit attempts to receive memcache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45923,17 +46366,17 @@ interface(`corenet_receive_openvpn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_openvpn_client_packets',`
+interface(`corenet_dontaudit_receive_memcache_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type memcache_client_packet_t;
')
- dontaudit $1 openvpn_client_packet_t:packet recv;
+ dontaudit $1 memcache_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive openvpn_client packets.
+## Send and receive memcache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45942,14 +46385,14 @@ interface(`corenet_dontaudit_receive_openvpn_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_openvpn_client_packets',`
- corenet_send_openvpn_client_packets($1)
- corenet_receive_openvpn_client_packets($1)
+interface(`corenet_sendrecv_memcache_client_packets',`
+ corenet_send_memcache_client_packets($1)
+ corenet_receive_memcache_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive openvpn_client packets.
+## Do not audit attempts to send and receive memcache_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45958,14 +46401,14 @@ interface(`corenet_sendrecv_openvpn_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_openvpn_client_packets',`
- corenet_dontaudit_send_openvpn_client_packets($1)
- corenet_dontaudit_receive_openvpn_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_memcache_client_packets',`
+ corenet_dontaudit_send_memcache_client_packets($1)
+ corenet_dontaudit_receive_memcache_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to openvpn_client the packet type.
+## Relabel packets to memcache_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -45973,18 +46416,18 @@ interface(`corenet_dontaudit_sendrecv_openvpn_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_openvpn_client_packets',`
+interface(`corenet_relabelto_memcache_client_packets',`
gen_require(`
- type openvpn_client_packet_t;
+ type memcache_client_packet_t;
')
- allow $1 openvpn_client_packet_t:packet relabelto;
+ allow $1 memcache_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send openvpn_server packets.
+## Send memcache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -45993,17 +46436,17 @@ interface(`corenet_relabelto_openvpn_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_openvpn_server_packets',`
+interface(`corenet_send_memcache_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type memcache_server_packet_t;
')
- allow $1 openvpn_server_packet_t:packet send;
+ allow $1 memcache_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send openvpn_server packets.
+## Do not audit attempts to send memcache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46012,17 +46455,17 @@ interface(`corenet_send_openvpn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_openvpn_server_packets',`
+interface(`corenet_dontaudit_send_memcache_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type memcache_server_packet_t;
')
- dontaudit $1 openvpn_server_packet_t:packet send;
+ dontaudit $1 memcache_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive openvpn_server packets.
+## Receive memcache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46031,17 +46474,17 @@ interface(`corenet_dontaudit_send_openvpn_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_openvpn_server_packets',`
+interface(`corenet_receive_memcache_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type memcache_server_packet_t;
')
- allow $1 openvpn_server_packet_t:packet recv;
+ allow $1 memcache_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive openvpn_server packets.
+## Do not audit attempts to receive memcache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46050,17 +46493,17 @@ interface(`corenet_receive_openvpn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_openvpn_server_packets',`
+interface(`corenet_dontaudit_receive_memcache_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type memcache_server_packet_t;
')
- dontaudit $1 openvpn_server_packet_t:packet recv;
+ dontaudit $1 memcache_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive openvpn_server packets.
+## Send and receive memcache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46069,14 +46512,14 @@ interface(`corenet_dontaudit_receive_openvpn_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_openvpn_server_packets',`
- corenet_send_openvpn_server_packets($1)
- corenet_receive_openvpn_server_packets($1)
+interface(`corenet_sendrecv_memcache_server_packets',`
+ corenet_send_memcache_server_packets($1)
+ corenet_receive_memcache_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive openvpn_server packets.
+## Do not audit attempts to send and receive memcache_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46085,14 +46528,14 @@ interface(`corenet_sendrecv_openvpn_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_openvpn_server_packets',`
- corenet_dontaudit_send_openvpn_server_packets($1)
- corenet_dontaudit_receive_openvpn_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_memcache_server_packets',`
+ corenet_dontaudit_send_memcache_server_packets($1)
+ corenet_dontaudit_receive_memcache_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to openvpn_server the packet type.
+## Relabel packets to memcache_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -46100,12 +46543,12 @@ interface(`corenet_dontaudit_sendrecv_openvpn_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_openvpn_server_packets',`
+interface(`corenet_relabelto_memcache_server_packets',`
gen_require(`
- type openvpn_server_packet_t;
+ type memcache_server_packet_t;
')
- allow $1 openvpn_server_packet_t:packet relabelto;
+ allow $1 memcache_server_packet_t:packet relabelto;
')
@@ -46113,7 +46556,7 @@ interface(`corenet_relabelto_openvpn_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pegasus_http port.
+## Send and receive TCP traffic on the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46122,17 +46565,17 @@ interface(`corenet_relabelto_openvpn_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pegasus_http_port',`
+interface(`corenet_tcp_sendrecv_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- allow $1 pegasus_http_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 milter_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pegasus_http port.
+## Send UDP traffic on the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46141,17 +46584,17 @@ interface(`corenet_tcp_sendrecv_pegasus_http_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pegasus_http_port',`
+interface(`corenet_udp_send_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- allow $1 pegasus_http_port_t:udp_socket send_msg;
+ allow $1 milter_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pegasus_http port.
+## Do not audit attempts to send UDP traffic on the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46160,17 +46603,17 @@ interface(`corenet_udp_send_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pegasus_http_port',`
+interface(`corenet_dontaudit_udp_send_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- dontaudit $1 pegasus_http_port_t:udp_socket send_msg;
+ dontaudit $1 milter_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pegasus_http port.
+## Receive UDP traffic on the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46179,17 +46622,17 @@ interface(`corenet_dontaudit_udp_send_pegasus_http_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pegasus_http_port',`
+interface(`corenet_udp_receive_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- allow $1 pegasus_http_port_t:udp_socket recv_msg;
+ allow $1 milter_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pegasus_http port.
+## Do not audit attempts to receive UDP traffic on the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46198,17 +46641,17 @@ interface(`corenet_udp_receive_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pegasus_http_port',`
+interface(`corenet_dontaudit_udp_receive_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- dontaudit $1 pegasus_http_port_t:udp_socket recv_msg;
+ dontaudit $1 milter_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pegasus_http port.
+## Send and receive UDP traffic on the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46217,15 +46660,15 @@ interface(`corenet_dontaudit_udp_receive_pegasus_http_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pegasus_http_port',`
- corenet_udp_send_pegasus_http_port($1)
- corenet_udp_receive_pegasus_http_port($1)
+interface(`corenet_udp_sendrecv_milter_port',`
+ corenet_udp_send_milter_port($1)
+ corenet_udp_receive_milter_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pegasus_http port.
+## UDP traffic on the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46234,14 +46677,14 @@ interface(`corenet_udp_sendrecv_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pegasus_http_port',`
- corenet_dontaudit_udp_send_pegasus_http_port($1)
- corenet_dontaudit_udp_receive_pegasus_http_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_milter_port',`
+ corenet_dontaudit_udp_send_milter_port($1)
+ corenet_dontaudit_udp_receive_milter_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pegasus_http port.
+## Bind TCP sockets to the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46250,18 +46693,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pegasus_http_port',`
+interface(`corenet_tcp_bind_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- allow $1 pegasus_http_port_t:tcp_socket name_bind;
+ allow $1 milter_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pegasus_http port.
+## Bind UDP sockets to the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46270,18 +46713,18 @@ interface(`corenet_tcp_bind_pegasus_http_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pegasus_http_port',`
+interface(`corenet_udp_bind_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- allow $1 pegasus_http_port_t:udp_socket name_bind;
+ allow $1 milter_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pegasus_http port.
+## Make a TCP connection to the milter port.
## </summary>
## <param name="domain">
## <summary>
@@ -46289,18 +46732,18 @@ interface(`corenet_udp_bind_pegasus_http_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pegasus_http_port',`
+interface(`corenet_tcp_connect_milter_port',`
gen_require(`
- type pegasus_http_port_t;
+ type milter_port_t;
')
- allow $1 pegasus_http_port_t:tcp_socket name_connect;
+ allow $1 milter_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pegasus_http_client packets.
+## Send milter_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46309,17 +46752,17 @@ interface(`corenet_tcp_connect_pegasus_http_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_http_client_packets',`
+interface(`corenet_send_milter_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type milter_client_packet_t;
')
- allow $1 pegasus_http_client_packet_t:packet send;
+ allow $1 milter_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_http_client packets.
+## Do not audit attempts to send milter_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46328,17 +46771,17 @@ interface(`corenet_send_pegasus_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_http_client_packets',`
+interface(`corenet_dontaudit_send_milter_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type milter_client_packet_t;
')
- dontaudit $1 pegasus_http_client_packet_t:packet send;
+ dontaudit $1 milter_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_http_client packets.
+## Receive milter_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46347,17 +46790,17 @@ interface(`corenet_dontaudit_send_pegasus_http_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_http_client_packets',`
+interface(`corenet_receive_milter_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type milter_client_packet_t;
')
- allow $1 pegasus_http_client_packet_t:packet recv;
+ allow $1 milter_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_http_client packets.
+## Do not audit attempts to receive milter_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46366,17 +46809,17 @@ interface(`corenet_receive_pegasus_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_http_client_packets',`
+interface(`corenet_dontaudit_receive_milter_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type milter_client_packet_t;
')
- dontaudit $1 pegasus_http_client_packet_t:packet recv;
+ dontaudit $1 milter_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_http_client packets.
+## Send and receive milter_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46385,14 +46828,14 @@ interface(`corenet_dontaudit_receive_pegasus_http_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_http_client_packets',`
- corenet_send_pegasus_http_client_packets($1)
- corenet_receive_pegasus_http_client_packets($1)
+interface(`corenet_sendrecv_milter_client_packets',`
+ corenet_send_milter_client_packets($1)
+ corenet_receive_milter_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_http_client packets.
+## Do not audit attempts to send and receive milter_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46401,14 +46844,14 @@ interface(`corenet_sendrecv_pegasus_http_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_http_client_packets',`
- corenet_dontaudit_send_pegasus_http_client_packets($1)
- corenet_dontaudit_receive_pegasus_http_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_milter_client_packets',`
+ corenet_dontaudit_send_milter_client_packets($1)
+ corenet_dontaudit_receive_milter_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_http_client the packet type.
+## Relabel packets to milter_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -46416,18 +46859,18 @@ interface(`corenet_dontaudit_sendrecv_pegasus_http_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_http_client_packets',`
+interface(`corenet_relabelto_milter_client_packets',`
gen_require(`
- type pegasus_http_client_packet_t;
+ type milter_client_packet_t;
')
- allow $1 pegasus_http_client_packet_t:packet relabelto;
+ allow $1 milter_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pegasus_http_server packets.
+## Send milter_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46436,17 +46879,17 @@ interface(`corenet_relabelto_pegasus_http_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_http_server_packets',`
+interface(`corenet_send_milter_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type milter_server_packet_t;
')
- allow $1 pegasus_http_server_packet_t:packet send;
+ allow $1 milter_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_http_server packets.
+## Do not audit attempts to send milter_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46455,17 +46898,17 @@ interface(`corenet_send_pegasus_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_http_server_packets',`
+interface(`corenet_dontaudit_send_milter_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type milter_server_packet_t;
')
- dontaudit $1 pegasus_http_server_packet_t:packet send;
+ dontaudit $1 milter_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_http_server packets.
+## Receive milter_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46474,17 +46917,17 @@ interface(`corenet_dontaudit_send_pegasus_http_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_http_server_packets',`
+interface(`corenet_receive_milter_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type milter_server_packet_t;
')
- allow $1 pegasus_http_server_packet_t:packet recv;
+ allow $1 milter_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_http_server packets.
+## Do not audit attempts to receive milter_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46493,17 +46936,17 @@ interface(`corenet_receive_pegasus_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_http_server_packets',`
+interface(`corenet_dontaudit_receive_milter_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type milter_server_packet_t;
')
- dontaudit $1 pegasus_http_server_packet_t:packet recv;
+ dontaudit $1 milter_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_http_server packets.
+## Send and receive milter_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46512,14 +46955,14 @@ interface(`corenet_dontaudit_receive_pegasus_http_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_http_server_packets',`
- corenet_send_pegasus_http_server_packets($1)
- corenet_receive_pegasus_http_server_packets($1)
+interface(`corenet_sendrecv_milter_server_packets',`
+ corenet_send_milter_server_packets($1)
+ corenet_receive_milter_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_http_server packets.
+## Do not audit attempts to send and receive milter_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46528,14 +46971,14 @@ interface(`corenet_sendrecv_pegasus_http_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_http_server_packets',`
- corenet_dontaudit_send_pegasus_http_server_packets($1)
- corenet_dontaudit_receive_pegasus_http_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_milter_server_packets',`
+ corenet_dontaudit_send_milter_server_packets($1)
+ corenet_dontaudit_receive_milter_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_http_server the packet type.
+## Relabel packets to milter_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -46543,20 +46986,20 @@ interface(`corenet_dontaudit_sendrecv_pegasus_http_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_http_server_packets',`
+interface(`corenet_relabelto_milter_server_packets',`
gen_require(`
- type pegasus_http_server_packet_t;
+ type milter_server_packet_t;
')
- allow $1 pegasus_http_server_packet_t:packet relabelto;
+ allow $1 milter_server_packet_t:packet relabelto;
')
-
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the pegasus_https port.
+## Send and receive TCP traffic on the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46565,17 +47008,17 @@ interface(`corenet_relabelto_pegasus_http_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pegasus_https_port',`
+interface(`corenet_tcp_sendrecv_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- allow $1 pegasus_https_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mmcc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pegasus_https port.
+## Send UDP traffic on the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46584,17 +47027,17 @@ interface(`corenet_tcp_sendrecv_pegasus_https_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pegasus_https_port',`
+interface(`corenet_udp_send_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- allow $1 pegasus_https_port_t:udp_socket send_msg;
+ allow $1 mmcc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pegasus_https port.
+## Do not audit attempts to send UDP traffic on the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46603,17 +47046,17 @@ interface(`corenet_udp_send_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pegasus_https_port',`
+interface(`corenet_dontaudit_udp_send_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- dontaudit $1 pegasus_https_port_t:udp_socket send_msg;
+ dontaudit $1 mmcc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pegasus_https port.
+## Receive UDP traffic on the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46622,17 +47065,17 @@ interface(`corenet_dontaudit_udp_send_pegasus_https_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pegasus_https_port',`
+interface(`corenet_udp_receive_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- allow $1 pegasus_https_port_t:udp_socket recv_msg;
+ allow $1 mmcc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pegasus_https port.
+## Do not audit attempts to receive UDP traffic on the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46641,17 +47084,17 @@ interface(`corenet_udp_receive_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pegasus_https_port',`
+interface(`corenet_dontaudit_udp_receive_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- dontaudit $1 pegasus_https_port_t:udp_socket recv_msg;
+ dontaudit $1 mmcc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pegasus_https port.
+## Send and receive UDP traffic on the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46660,15 +47103,15 @@ interface(`corenet_dontaudit_udp_receive_pegasus_https_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pegasus_https_port',`
- corenet_udp_send_pegasus_https_port($1)
- corenet_udp_receive_pegasus_https_port($1)
+interface(`corenet_udp_sendrecv_mmcc_port',`
+ corenet_udp_send_mmcc_port($1)
+ corenet_udp_receive_mmcc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pegasus_https port.
+## UDP traffic on the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46677,14 +47120,14 @@ interface(`corenet_udp_sendrecv_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pegasus_https_port',`
- corenet_dontaudit_udp_send_pegasus_https_port($1)
- corenet_dontaudit_udp_receive_pegasus_https_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mmcc_port',`
+ corenet_dontaudit_udp_send_mmcc_port($1)
+ corenet_dontaudit_udp_receive_mmcc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pegasus_https port.
+## Bind TCP sockets to the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46693,18 +47136,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pegasus_https_port',`
+interface(`corenet_tcp_bind_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- allow $1 pegasus_https_port_t:tcp_socket name_bind;
+ allow $1 mmcc_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pegasus_https port.
+## Bind UDP sockets to the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46713,18 +47156,18 @@ interface(`corenet_tcp_bind_pegasus_https_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pegasus_https_port',`
+interface(`corenet_udp_bind_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- allow $1 pegasus_https_port_t:udp_socket name_bind;
+ allow $1 mmcc_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pegasus_https port.
+## Make a TCP connection to the mmcc port.
## </summary>
## <param name="domain">
## <summary>
@@ -46732,18 +47175,18 @@ interface(`corenet_udp_bind_pegasus_https_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pegasus_https_port',`
+interface(`corenet_tcp_connect_mmcc_port',`
gen_require(`
- type pegasus_https_port_t;
+ type mmcc_port_t;
')
- allow $1 pegasus_https_port_t:tcp_socket name_connect;
+ allow $1 mmcc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pegasus_https_client packets.
+## Send mmcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46752,17 +47195,17 @@ interface(`corenet_tcp_connect_pegasus_https_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_https_client_packets',`
+interface(`corenet_send_mmcc_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type mmcc_client_packet_t;
')
- allow $1 pegasus_https_client_packet_t:packet send;
+ allow $1 mmcc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_https_client packets.
+## Do not audit attempts to send mmcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46771,17 +47214,17 @@ interface(`corenet_send_pegasus_https_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_https_client_packets',`
+interface(`corenet_dontaudit_send_mmcc_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type mmcc_client_packet_t;
')
- dontaudit $1 pegasus_https_client_packet_t:packet send;
+ dontaudit $1 mmcc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_https_client packets.
+## Receive mmcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46790,17 +47233,17 @@ interface(`corenet_dontaudit_send_pegasus_https_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_https_client_packets',`
+interface(`corenet_receive_mmcc_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type mmcc_client_packet_t;
')
- allow $1 pegasus_https_client_packet_t:packet recv;
+ allow $1 mmcc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_https_client packets.
+## Do not audit attempts to receive mmcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46809,17 +47252,17 @@ interface(`corenet_receive_pegasus_https_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_https_client_packets',`
+interface(`corenet_dontaudit_receive_mmcc_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type mmcc_client_packet_t;
')
- dontaudit $1 pegasus_https_client_packet_t:packet recv;
+ dontaudit $1 mmcc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_https_client packets.
+## Send and receive mmcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46828,14 +47271,14 @@ interface(`corenet_dontaudit_receive_pegasus_https_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_https_client_packets',`
- corenet_send_pegasus_https_client_packets($1)
- corenet_receive_pegasus_https_client_packets($1)
+interface(`corenet_sendrecv_mmcc_client_packets',`
+ corenet_send_mmcc_client_packets($1)
+ corenet_receive_mmcc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_https_client packets.
+## Do not audit attempts to send and receive mmcc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46844,14 +47287,14 @@ interface(`corenet_sendrecv_pegasus_https_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_https_client_packets',`
- corenet_dontaudit_send_pegasus_https_client_packets($1)
- corenet_dontaudit_receive_pegasus_https_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mmcc_client_packets',`
+ corenet_dontaudit_send_mmcc_client_packets($1)
+ corenet_dontaudit_receive_mmcc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_https_client the packet type.
+## Relabel packets to mmcc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -46859,18 +47302,18 @@ interface(`corenet_dontaudit_sendrecv_pegasus_https_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_https_client_packets',`
+interface(`corenet_relabelto_mmcc_client_packets',`
gen_require(`
- type pegasus_https_client_packet_t;
+ type mmcc_client_packet_t;
')
- allow $1 pegasus_https_client_packet_t:packet relabelto;
+ allow $1 mmcc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pegasus_https_server packets.
+## Send mmcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46879,17 +47322,17 @@ interface(`corenet_relabelto_pegasus_https_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pegasus_https_server_packets',`
+interface(`corenet_send_mmcc_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type mmcc_server_packet_t;
')
- allow $1 pegasus_https_server_packet_t:packet send;
+ allow $1 mmcc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pegasus_https_server packets.
+## Do not audit attempts to send mmcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46898,17 +47341,17 @@ interface(`corenet_send_pegasus_https_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pegasus_https_server_packets',`
+interface(`corenet_dontaudit_send_mmcc_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type mmcc_server_packet_t;
')
- dontaudit $1 pegasus_https_server_packet_t:packet send;
+ dontaudit $1 mmcc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pegasus_https_server packets.
+## Receive mmcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46917,17 +47360,17 @@ interface(`corenet_dontaudit_send_pegasus_https_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pegasus_https_server_packets',`
+interface(`corenet_receive_mmcc_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type mmcc_server_packet_t;
')
- allow $1 pegasus_https_server_packet_t:packet recv;
+ allow $1 mmcc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pegasus_https_server packets.
+## Do not audit attempts to receive mmcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46936,17 +47379,17 @@ interface(`corenet_receive_pegasus_https_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pegasus_https_server_packets',`
+interface(`corenet_dontaudit_receive_mmcc_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type mmcc_server_packet_t;
')
- dontaudit $1 pegasus_https_server_packet_t:packet recv;
+ dontaudit $1 mmcc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pegasus_https_server packets.
+## Send and receive mmcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46955,14 +47398,14 @@ interface(`corenet_dontaudit_receive_pegasus_https_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pegasus_https_server_packets',`
- corenet_send_pegasus_https_server_packets($1)
- corenet_receive_pegasus_https_server_packets($1)
+interface(`corenet_sendrecv_mmcc_server_packets',`
+ corenet_send_mmcc_server_packets($1)
+ corenet_receive_mmcc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pegasus_https_server packets.
+## Do not audit attempts to send and receive mmcc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -46971,14 +47414,14 @@ interface(`corenet_sendrecv_pegasus_https_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pegasus_https_server_packets',`
- corenet_dontaudit_send_pegasus_https_server_packets($1)
- corenet_dontaudit_receive_pegasus_https_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mmcc_server_packets',`
+ corenet_dontaudit_send_mmcc_server_packets($1)
+ corenet_dontaudit_receive_mmcc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pegasus_https_server the packet type.
+## Relabel packets to mmcc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -46986,12 +47429,12 @@ interface(`corenet_dontaudit_sendrecv_pegasus_https_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pegasus_https_server_packets',`
+interface(`corenet_relabelto_mmcc_server_packets',`
gen_require(`
- type pegasus_https_server_packet_t;
+ type mmcc_server_packet_t;
')
- allow $1 pegasus_https_server_packet_t:packet relabelto;
+ allow $1 mmcc_server_packet_t:packet relabelto;
')
@@ -46999,7 +47442,7 @@ interface(`corenet_relabelto_pegasus_https_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pgpkeyserver port.
+## Send and receive TCP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47008,17 +47451,17 @@ interface(`corenet_relabelto_pegasus_https_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pgpkeyserver_port',`
+interface(`corenet_tcp_sendrecv_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- allow $1 pgpkeyserver_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 monopd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pgpkeyserver port.
+## Send UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47027,17 +47470,17 @@ interface(`corenet_tcp_sendrecv_pgpkeyserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pgpkeyserver_port',`
+interface(`corenet_udp_send_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- allow $1 pgpkeyserver_port_t:udp_socket send_msg;
+ allow $1 monopd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pgpkeyserver port.
+## Do not audit attempts to send UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47046,17 +47489,17 @@ interface(`corenet_udp_send_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pgpkeyserver_port',`
+interface(`corenet_dontaudit_udp_send_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- dontaudit $1 pgpkeyserver_port_t:udp_socket send_msg;
+ dontaudit $1 monopd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pgpkeyserver port.
+## Receive UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47065,17 +47508,17 @@ interface(`corenet_dontaudit_udp_send_pgpkeyserver_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pgpkeyserver_port',`
+interface(`corenet_udp_receive_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- allow $1 pgpkeyserver_port_t:udp_socket recv_msg;
+ allow $1 monopd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pgpkeyserver port.
+## Do not audit attempts to receive UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47084,17 +47527,17 @@ interface(`corenet_udp_receive_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pgpkeyserver_port',`
+interface(`corenet_dontaudit_udp_receive_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- dontaudit $1 pgpkeyserver_port_t:udp_socket recv_msg;
+ dontaudit $1 monopd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pgpkeyserver port.
+## Send and receive UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47103,15 +47546,15 @@ interface(`corenet_dontaudit_udp_receive_pgpkeyserver_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pgpkeyserver_port',`
- corenet_udp_send_pgpkeyserver_port($1)
- corenet_udp_receive_pgpkeyserver_port($1)
+interface(`corenet_udp_sendrecv_monopd_port',`
+ corenet_udp_send_monopd_port($1)
+ corenet_udp_receive_monopd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pgpkeyserver port.
+## UDP traffic on the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47120,14 +47563,14 @@ interface(`corenet_udp_sendrecv_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pgpkeyserver_port',`
- corenet_dontaudit_udp_send_pgpkeyserver_port($1)
- corenet_dontaudit_udp_receive_pgpkeyserver_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_monopd_port',`
+ corenet_dontaudit_udp_send_monopd_port($1)
+ corenet_dontaudit_udp_receive_monopd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pgpkeyserver port.
+## Bind TCP sockets to the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47136,18 +47579,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pgpkeyserver_port',`
+interface(`corenet_tcp_bind_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- allow $1 pgpkeyserver_port_t:tcp_socket name_bind;
+ allow $1 monopd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pgpkeyserver port.
+## Bind UDP sockets to the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47156,18 +47599,18 @@ interface(`corenet_tcp_bind_pgpkeyserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pgpkeyserver_port',`
+interface(`corenet_udp_bind_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- allow $1 pgpkeyserver_port_t:udp_socket name_bind;
+ allow $1 monopd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pgpkeyserver port.
+## Make a TCP connection to the monopd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47175,18 +47618,18 @@ interface(`corenet_udp_bind_pgpkeyserver_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pgpkeyserver_port',`
+interface(`corenet_tcp_connect_monopd_port',`
gen_require(`
- type pgpkeyserver_port_t;
+ type monopd_port_t;
')
- allow $1 pgpkeyserver_port_t:tcp_socket name_connect;
+ allow $1 monopd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pgpkeyserver_client packets.
+## Send monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47195,17 +47638,17 @@ interface(`corenet_tcp_connect_pgpkeyserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pgpkeyserver_client_packets',`
+interface(`corenet_send_monopd_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type monopd_client_packet_t;
')
- allow $1 pgpkeyserver_client_packet_t:packet send;
+ allow $1 monopd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pgpkeyserver_client packets.
+## Do not audit attempts to send monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47214,17 +47657,17 @@ interface(`corenet_send_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pgpkeyserver_client_packets',`
+interface(`corenet_dontaudit_send_monopd_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type monopd_client_packet_t;
')
- dontaudit $1 pgpkeyserver_client_packet_t:packet send;
+ dontaudit $1 monopd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pgpkeyserver_client packets.
+## Receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47233,17 +47676,17 @@ interface(`corenet_dontaudit_send_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pgpkeyserver_client_packets',`
+interface(`corenet_receive_monopd_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type monopd_client_packet_t;
')
- allow $1 pgpkeyserver_client_packet_t:packet recv;
+ allow $1 monopd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pgpkeyserver_client packets.
+## Do not audit attempts to receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47252,17 +47695,17 @@ interface(`corenet_receive_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pgpkeyserver_client_packets',`
+interface(`corenet_dontaudit_receive_monopd_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type monopd_client_packet_t;
')
- dontaudit $1 pgpkeyserver_client_packet_t:packet recv;
+ dontaudit $1 monopd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pgpkeyserver_client packets.
+## Send and receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47271,14 +47714,14 @@ interface(`corenet_dontaudit_receive_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pgpkeyserver_client_packets',`
- corenet_send_pgpkeyserver_client_packets($1)
- corenet_receive_pgpkeyserver_client_packets($1)
+interface(`corenet_sendrecv_monopd_client_packets',`
+ corenet_send_monopd_client_packets($1)
+ corenet_receive_monopd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pgpkeyserver_client packets.
+## Do not audit attempts to send and receive monopd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47287,14 +47730,14 @@ interface(`corenet_sendrecv_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pgpkeyserver_client_packets',`
- corenet_dontaudit_send_pgpkeyserver_client_packets($1)
- corenet_dontaudit_receive_pgpkeyserver_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_monopd_client_packets',`
+ corenet_dontaudit_send_monopd_client_packets($1)
+ corenet_dontaudit_receive_monopd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pgpkeyserver_client the packet type.
+## Relabel packets to monopd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -47302,18 +47745,18 @@ interface(`corenet_dontaudit_sendrecv_pgpkeyserver_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pgpkeyserver_client_packets',`
+interface(`corenet_relabelto_monopd_client_packets',`
gen_require(`
- type pgpkeyserver_client_packet_t;
+ type monopd_client_packet_t;
')
- allow $1 pgpkeyserver_client_packet_t:packet relabelto;
+ allow $1 monopd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pgpkeyserver_server packets.
+## Send monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47322,17 +47765,17 @@ interface(`corenet_relabelto_pgpkeyserver_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pgpkeyserver_server_packets',`
+interface(`corenet_send_monopd_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type monopd_server_packet_t;
')
- allow $1 pgpkeyserver_server_packet_t:packet send;
+ allow $1 monopd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pgpkeyserver_server packets.
+## Do not audit attempts to send monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47341,17 +47784,17 @@ interface(`corenet_send_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pgpkeyserver_server_packets',`
+interface(`corenet_dontaudit_send_monopd_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type monopd_server_packet_t;
')
- dontaudit $1 pgpkeyserver_server_packet_t:packet send;
+ dontaudit $1 monopd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pgpkeyserver_server packets.
+## Receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47360,17 +47803,17 @@ interface(`corenet_dontaudit_send_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pgpkeyserver_server_packets',`
+interface(`corenet_receive_monopd_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type monopd_server_packet_t;
')
- allow $1 pgpkeyserver_server_packet_t:packet recv;
+ allow $1 monopd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pgpkeyserver_server packets.
+## Do not audit attempts to receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47379,17 +47822,17 @@ interface(`corenet_receive_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pgpkeyserver_server_packets',`
+interface(`corenet_dontaudit_receive_monopd_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type monopd_server_packet_t;
')
- dontaudit $1 pgpkeyserver_server_packet_t:packet recv;
+ dontaudit $1 monopd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pgpkeyserver_server packets.
+## Send and receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47398,14 +47841,14 @@ interface(`corenet_dontaudit_receive_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pgpkeyserver_server_packets',`
- corenet_send_pgpkeyserver_server_packets($1)
- corenet_receive_pgpkeyserver_server_packets($1)
+interface(`corenet_sendrecv_monopd_server_packets',`
+ corenet_send_monopd_server_packets($1)
+ corenet_receive_monopd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pgpkeyserver_server packets.
+## Do not audit attempts to send and receive monopd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47414,14 +47857,14 @@ interface(`corenet_sendrecv_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pgpkeyserver_server_packets',`
- corenet_dontaudit_send_pgpkeyserver_server_packets($1)
- corenet_dontaudit_receive_pgpkeyserver_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_monopd_server_packets',`
+ corenet_dontaudit_send_monopd_server_packets($1)
+ corenet_dontaudit_receive_monopd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pgpkeyserver_server the packet type.
+## Relabel packets to monopd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -47429,12 +47872,12 @@ interface(`corenet_dontaudit_sendrecv_pgpkeyserver_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pgpkeyserver_server_packets',`
+interface(`corenet_relabelto_monopd_server_packets',`
gen_require(`
- type pgpkeyserver_server_packet_t;
+ type monopd_server_packet_t;
')
- allow $1 pgpkeyserver_server_packet_t:packet relabelto;
+ allow $1 monopd_server_packet_t:packet relabelto;
')
@@ -47442,7 +47885,7 @@ interface(`corenet_relabelto_pgpkeyserver_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pingd port.
+## Send and receive TCP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47451,17 +47894,17 @@ interface(`corenet_relabelto_pgpkeyserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pingd_port',`
+interface(`corenet_tcp_sendrecv_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- allow $1 pingd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mountd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pingd port.
+## Send UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47470,17 +47913,17 @@ interface(`corenet_tcp_sendrecv_pingd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pingd_port',`
+interface(`corenet_udp_send_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- allow $1 pingd_port_t:udp_socket send_msg;
+ allow $1 mountd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pingd port.
+## Do not audit attempts to send UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47489,17 +47932,17 @@ interface(`corenet_udp_send_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pingd_port',`
+interface(`corenet_dontaudit_udp_send_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- dontaudit $1 pingd_port_t:udp_socket send_msg;
+ dontaudit $1 mountd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pingd port.
+## Receive UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47508,17 +47951,17 @@ interface(`corenet_dontaudit_udp_send_pingd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pingd_port',`
+interface(`corenet_udp_receive_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- allow $1 pingd_port_t:udp_socket recv_msg;
+ allow $1 mountd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pingd port.
+## Do not audit attempts to receive UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47527,17 +47970,17 @@ interface(`corenet_udp_receive_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pingd_port',`
+interface(`corenet_dontaudit_udp_receive_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- dontaudit $1 pingd_port_t:udp_socket recv_msg;
+ dontaudit $1 mountd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pingd port.
+## Send and receive UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47546,15 +47989,15 @@ interface(`corenet_dontaudit_udp_receive_pingd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pingd_port',`
- corenet_udp_send_pingd_port($1)
- corenet_udp_receive_pingd_port($1)
+interface(`corenet_udp_sendrecv_mountd_port',`
+ corenet_udp_send_mountd_port($1)
+ corenet_udp_receive_mountd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pingd port.
+## UDP traffic on the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47563,14 +48006,14 @@ interface(`corenet_udp_sendrecv_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pingd_port',`
- corenet_dontaudit_udp_send_pingd_port($1)
- corenet_dontaudit_udp_receive_pingd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mountd_port',`
+ corenet_dontaudit_udp_send_mountd_port($1)
+ corenet_dontaudit_udp_receive_mountd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pingd port.
+## Bind TCP sockets to the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47579,18 +48022,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pingd_port',`
+interface(`corenet_tcp_bind_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- allow $1 pingd_port_t:tcp_socket name_bind;
+ allow $1 mountd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pingd port.
+## Bind UDP sockets to the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47599,18 +48042,18 @@ interface(`corenet_tcp_bind_pingd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pingd_port',`
+interface(`corenet_udp_bind_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- allow $1 pingd_port_t:udp_socket name_bind;
+ allow $1 mountd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pingd port.
+## Make a TCP connection to the mountd port.
## </summary>
## <param name="domain">
## <summary>
@@ -47618,18 +48061,18 @@ interface(`corenet_udp_bind_pingd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pingd_port',`
+interface(`corenet_tcp_connect_mountd_port',`
gen_require(`
- type pingd_port_t;
+ type mountd_port_t;
')
- allow $1 pingd_port_t:tcp_socket name_connect;
+ allow $1 mountd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pingd_client packets.
+## Send mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47638,17 +48081,17 @@ interface(`corenet_tcp_connect_pingd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pingd_client_packets',`
+interface(`corenet_send_mountd_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type mountd_client_packet_t;
')
- allow $1 pingd_client_packet_t:packet send;
+ allow $1 mountd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pingd_client packets.
+## Do not audit attempts to send mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47657,17 +48100,17 @@ interface(`corenet_send_pingd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pingd_client_packets',`
+interface(`corenet_dontaudit_send_mountd_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type mountd_client_packet_t;
')
- dontaudit $1 pingd_client_packet_t:packet send;
+ dontaudit $1 mountd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pingd_client packets.
+## Receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47676,17 +48119,17 @@ interface(`corenet_dontaudit_send_pingd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pingd_client_packets',`
+interface(`corenet_receive_mountd_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type mountd_client_packet_t;
')
- allow $1 pingd_client_packet_t:packet recv;
+ allow $1 mountd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pingd_client packets.
+## Do not audit attempts to receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47695,17 +48138,17 @@ interface(`corenet_receive_pingd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pingd_client_packets',`
+interface(`corenet_dontaudit_receive_mountd_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type mountd_client_packet_t;
')
- dontaudit $1 pingd_client_packet_t:packet recv;
+ dontaudit $1 mountd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pingd_client packets.
+## Send and receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47714,14 +48157,14 @@ interface(`corenet_dontaudit_receive_pingd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pingd_client_packets',`
- corenet_send_pingd_client_packets($1)
- corenet_receive_pingd_client_packets($1)
+interface(`corenet_sendrecv_mountd_client_packets',`
+ corenet_send_mountd_client_packets($1)
+ corenet_receive_mountd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pingd_client packets.
+## Do not audit attempts to send and receive mountd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47730,14 +48173,14 @@ interface(`corenet_sendrecv_pingd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pingd_client_packets',`
- corenet_dontaudit_send_pingd_client_packets($1)
- corenet_dontaudit_receive_pingd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mountd_client_packets',`
+ corenet_dontaudit_send_mountd_client_packets($1)
+ corenet_dontaudit_receive_mountd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pingd_client the packet type.
+## Relabel packets to mountd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -47745,18 +48188,18 @@ interface(`corenet_dontaudit_sendrecv_pingd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pingd_client_packets',`
+interface(`corenet_relabelto_mountd_client_packets',`
gen_require(`
- type pingd_client_packet_t;
+ type mountd_client_packet_t;
')
- allow $1 pingd_client_packet_t:packet relabelto;
+ allow $1 mountd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pingd_server packets.
+## Send mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47765,17 +48208,17 @@ interface(`corenet_relabelto_pingd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pingd_server_packets',`
+interface(`corenet_send_mountd_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type mountd_server_packet_t;
')
- allow $1 pingd_server_packet_t:packet send;
+ allow $1 mountd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pingd_server packets.
+## Do not audit attempts to send mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47784,17 +48227,17 @@ interface(`corenet_send_pingd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pingd_server_packets',`
+interface(`corenet_dontaudit_send_mountd_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type mountd_server_packet_t;
')
- dontaudit $1 pingd_server_packet_t:packet send;
+ dontaudit $1 mountd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pingd_server packets.
+## Receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47803,17 +48246,17 @@ interface(`corenet_dontaudit_send_pingd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pingd_server_packets',`
+interface(`corenet_receive_mountd_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type mountd_server_packet_t;
')
- allow $1 pingd_server_packet_t:packet recv;
+ allow $1 mountd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pingd_server packets.
+## Do not audit attempts to receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47822,17 +48265,17 @@ interface(`corenet_receive_pingd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pingd_server_packets',`
+interface(`corenet_dontaudit_receive_mountd_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type mountd_server_packet_t;
')
- dontaudit $1 pingd_server_packet_t:packet recv;
+ dontaudit $1 mountd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pingd_server packets.
+## Send and receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47841,14 +48284,14 @@ interface(`corenet_dontaudit_receive_pingd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pingd_server_packets',`
- corenet_send_pingd_server_packets($1)
- corenet_receive_pingd_server_packets($1)
+interface(`corenet_sendrecv_mountd_server_packets',`
+ corenet_send_mountd_server_packets($1)
+ corenet_receive_mountd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pingd_server packets.
+## Do not audit attempts to send and receive mountd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -47857,14 +48300,14 @@ interface(`corenet_sendrecv_pingd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pingd_server_packets',`
- corenet_dontaudit_send_pingd_server_packets($1)
- corenet_dontaudit_receive_pingd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mountd_server_packets',`
+ corenet_dontaudit_send_mountd_server_packets($1)
+ corenet_dontaudit_receive_mountd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pingd_server the packet type.
+## Relabel packets to mountd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -47872,12 +48315,12 @@ interface(`corenet_dontaudit_sendrecv_pingd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pingd_server_packets',`
+interface(`corenet_relabelto_mountd_server_packets',`
gen_require(`
- type pingd_server_packet_t;
+ type mountd_server_packet_t;
')
- allow $1 pingd_server_packet_t:packet relabelto;
+ allow $1 mountd_server_packet_t:packet relabelto;
')
@@ -47885,7 +48328,7 @@ interface(`corenet_relabelto_pingd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pop port.
+## Send and receive TCP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -47894,17 +48337,17 @@ interface(`corenet_relabelto_pingd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pop_port',`
+interface(`corenet_tcp_sendrecv_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 pop_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 movaz_ssc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pop port.
+## Send UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -47913,17 +48356,17 @@ interface(`corenet_tcp_sendrecv_pop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pop_port',`
+interface(`corenet_udp_send_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 pop_port_t:udp_socket send_msg;
+ allow $1 movaz_ssc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pop port.
+## Do not audit attempts to send UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -47932,17 +48375,17 @@ interface(`corenet_udp_send_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pop_port',`
+interface(`corenet_dontaudit_udp_send_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- dontaudit $1 pop_port_t:udp_socket send_msg;
+ dontaudit $1 movaz_ssc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pop port.
+## Receive UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -47951,17 +48394,17 @@ interface(`corenet_dontaudit_udp_send_pop_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pop_port',`
+interface(`corenet_udp_receive_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 pop_port_t:udp_socket recv_msg;
+ allow $1 movaz_ssc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pop port.
+## Do not audit attempts to receive UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -47970,17 +48413,17 @@ interface(`corenet_udp_receive_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pop_port',`
+interface(`corenet_dontaudit_udp_receive_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- dontaudit $1 pop_port_t:udp_socket recv_msg;
+ dontaudit $1 movaz_ssc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pop port.
+## Send and receive UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -47989,15 +48432,15 @@ interface(`corenet_dontaudit_udp_receive_pop_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pop_port',`
- corenet_udp_send_pop_port($1)
- corenet_udp_receive_pop_port($1)
+interface(`corenet_udp_sendrecv_movaz_ssc_port',`
+ corenet_udp_send_movaz_ssc_port($1)
+ corenet_udp_receive_movaz_ssc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pop port.
+## UDP traffic on the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -48006,14 +48449,14 @@ interface(`corenet_udp_sendrecv_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pop_port',`
- corenet_dontaudit_udp_send_pop_port($1)
- corenet_dontaudit_udp_receive_pop_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_movaz_ssc_port',`
+ corenet_dontaudit_udp_send_movaz_ssc_port($1)
+ corenet_dontaudit_udp_receive_movaz_ssc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pop port.
+## Bind TCP sockets to the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -48022,18 +48465,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pop_port',`
+interface(`corenet_tcp_bind_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 pop_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 movaz_ssc_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the pop port.
+## Bind UDP sockets to the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -48042,18 +48485,18 @@ interface(`corenet_tcp_bind_pop_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pop_port',`
+interface(`corenet_udp_bind_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 pop_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 movaz_ssc_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the pop port.
+## Make a TCP connection to the movaz_ssc port.
## </summary>
## <param name="domain">
## <summary>
@@ -48061,18 +48504,18 @@ interface(`corenet_udp_bind_pop_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pop_port',`
+interface(`corenet_tcp_connect_movaz_ssc_port',`
gen_require(`
- type pop_port_t;
+ type movaz_ssc_port_t;
')
- allow $1 pop_port_t:tcp_socket name_connect;
+ allow $1 movaz_ssc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pop_client packets.
+## Send movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48081,17 +48524,17 @@ interface(`corenet_tcp_connect_pop_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pop_client_packets',`
+interface(`corenet_send_movaz_ssc_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- allow $1 pop_client_packet_t:packet send;
+ allow $1 movaz_ssc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pop_client packets.
+## Do not audit attempts to send movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48100,17 +48543,17 @@ interface(`corenet_send_pop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pop_client_packets',`
+interface(`corenet_dontaudit_send_movaz_ssc_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- dontaudit $1 pop_client_packet_t:packet send;
+ dontaudit $1 movaz_ssc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pop_client packets.
+## Receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48119,17 +48562,17 @@ interface(`corenet_dontaudit_send_pop_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pop_client_packets',`
+interface(`corenet_receive_movaz_ssc_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- allow $1 pop_client_packet_t:packet recv;
+ allow $1 movaz_ssc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pop_client packets.
+## Do not audit attempts to receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48138,17 +48581,17 @@ interface(`corenet_receive_pop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pop_client_packets',`
+interface(`corenet_dontaudit_receive_movaz_ssc_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- dontaudit $1 pop_client_packet_t:packet recv;
+ dontaudit $1 movaz_ssc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pop_client packets.
+## Send and receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48157,14 +48600,14 @@ interface(`corenet_dontaudit_receive_pop_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pop_client_packets',`
- corenet_send_pop_client_packets($1)
- corenet_receive_pop_client_packets($1)
+interface(`corenet_sendrecv_movaz_ssc_client_packets',`
+ corenet_send_movaz_ssc_client_packets($1)
+ corenet_receive_movaz_ssc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pop_client packets.
+## Do not audit attempts to send and receive movaz_ssc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48173,14 +48616,14 @@ interface(`corenet_sendrecv_pop_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pop_client_packets',`
- corenet_dontaudit_send_pop_client_packets($1)
- corenet_dontaudit_receive_pop_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_movaz_ssc_client_packets',`
+ corenet_dontaudit_send_movaz_ssc_client_packets($1)
+ corenet_dontaudit_receive_movaz_ssc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pop_client the packet type.
+## Relabel packets to movaz_ssc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -48188,18 +48631,18 @@ interface(`corenet_dontaudit_sendrecv_pop_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pop_client_packets',`
+interface(`corenet_relabelto_movaz_ssc_client_packets',`
gen_require(`
- type pop_client_packet_t;
+ type movaz_ssc_client_packet_t;
')
- allow $1 pop_client_packet_t:packet relabelto;
+ allow $1 movaz_ssc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pop_server packets.
+## Send movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48208,17 +48651,17 @@ interface(`corenet_relabelto_pop_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pop_server_packets',`
+interface(`corenet_send_movaz_ssc_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- allow $1 pop_server_packet_t:packet send;
+ allow $1 movaz_ssc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pop_server packets.
+## Do not audit attempts to send movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48227,17 +48670,17 @@ interface(`corenet_send_pop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pop_server_packets',`
+interface(`corenet_dontaudit_send_movaz_ssc_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- dontaudit $1 pop_server_packet_t:packet send;
+ dontaudit $1 movaz_ssc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pop_server packets.
+## Receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48246,17 +48689,17 @@ interface(`corenet_dontaudit_send_pop_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pop_server_packets',`
+interface(`corenet_receive_movaz_ssc_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- allow $1 pop_server_packet_t:packet recv;
+ allow $1 movaz_ssc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pop_server packets.
+## Do not audit attempts to receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48265,17 +48708,17 @@ interface(`corenet_receive_pop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pop_server_packets',`
+interface(`corenet_dontaudit_receive_movaz_ssc_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- dontaudit $1 pop_server_packet_t:packet recv;
+ dontaudit $1 movaz_ssc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pop_server packets.
+## Send and receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48284,14 +48727,14 @@ interface(`corenet_dontaudit_receive_pop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pop_server_packets',`
- corenet_send_pop_server_packets($1)
- corenet_receive_pop_server_packets($1)
+interface(`corenet_sendrecv_movaz_ssc_server_packets',`
+ corenet_send_movaz_ssc_server_packets($1)
+ corenet_receive_movaz_ssc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pop_server packets.
+## Do not audit attempts to send and receive movaz_ssc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48300,14 +48743,14 @@ interface(`corenet_sendrecv_pop_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pop_server_packets',`
- corenet_dontaudit_send_pop_server_packets($1)
- corenet_dontaudit_receive_pop_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_movaz_ssc_server_packets',`
+ corenet_dontaudit_send_movaz_ssc_server_packets($1)
+ corenet_dontaudit_receive_movaz_ssc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pop_server the packet type.
+## Relabel packets to movaz_ssc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -48315,12 +48758,12 @@ interface(`corenet_dontaudit_sendrecv_pop_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pop_server_packets',`
+interface(`corenet_relabelto_movaz_ssc_server_packets',`
gen_require(`
- type pop_server_packet_t;
+ type movaz_ssc_server_packet_t;
')
- allow $1 pop_server_packet_t:packet relabelto;
+ allow $1 movaz_ssc_server_packet_t:packet relabelto;
')
@@ -48328,7 +48771,7 @@ interface(`corenet_relabelto_pop_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the portmap port.
+## Send and receive TCP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48337,17 +48780,17 @@ interface(`corenet_relabelto_pop_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_portmap_port',`
+interface(`corenet_tcp_sendrecv_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- allow $1 portmap_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mpd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the portmap port.
+## Send UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48356,17 +48799,17 @@ interface(`corenet_tcp_sendrecv_portmap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_portmap_port',`
+interface(`corenet_udp_send_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- allow $1 portmap_port_t:udp_socket send_msg;
+ allow $1 mpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the portmap port.
+## Do not audit attempts to send UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48375,17 +48818,17 @@ interface(`corenet_udp_send_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_portmap_port',`
+interface(`corenet_dontaudit_udp_send_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- dontaudit $1 portmap_port_t:udp_socket send_msg;
+ dontaudit $1 mpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the portmap port.
+## Receive UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48394,17 +48837,17 @@ interface(`corenet_dontaudit_udp_send_portmap_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_portmap_port',`
+interface(`corenet_udp_receive_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- allow $1 portmap_port_t:udp_socket recv_msg;
+ allow $1 mpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the portmap port.
+## Do not audit attempts to receive UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48413,17 +48856,17 @@ interface(`corenet_udp_receive_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_portmap_port',`
+interface(`corenet_dontaudit_udp_receive_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- dontaudit $1 portmap_port_t:udp_socket recv_msg;
+ dontaudit $1 mpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the portmap port.
+## Send and receive UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48432,15 +48875,15 @@ interface(`corenet_dontaudit_udp_receive_portmap_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_portmap_port',`
- corenet_udp_send_portmap_port($1)
- corenet_udp_receive_portmap_port($1)
+interface(`corenet_udp_sendrecv_mpd_port',`
+ corenet_udp_send_mpd_port($1)
+ corenet_udp_receive_mpd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the portmap port.
+## UDP traffic on the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48449,14 +48892,14 @@ interface(`corenet_udp_sendrecv_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_portmap_port',`
- corenet_dontaudit_udp_send_portmap_port($1)
- corenet_dontaudit_udp_receive_portmap_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mpd_port',`
+ corenet_dontaudit_udp_send_mpd_port($1)
+ corenet_dontaudit_udp_receive_mpd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the portmap port.
+## Bind TCP sockets to the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48465,18 +48908,18 @@ interface(`corenet_dontaudit_udp_sendrecv_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_portmap_port',`
+interface(`corenet_tcp_bind_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- allow $1 portmap_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 mpd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the portmap port.
+## Bind UDP sockets to the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48485,18 +48928,18 @@ interface(`corenet_tcp_bind_portmap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_portmap_port',`
+interface(`corenet_udp_bind_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- allow $1 portmap_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 mpd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the portmap port.
+## Make a TCP connection to the mpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -48504,18 +48947,18 @@ interface(`corenet_udp_bind_portmap_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_portmap_port',`
+interface(`corenet_tcp_connect_mpd_port',`
gen_require(`
- type portmap_port_t;
+ type mpd_port_t;
')
- allow $1 portmap_port_t:tcp_socket name_connect;
+ allow $1 mpd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send portmap_client packets.
+## Send mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48524,17 +48967,17 @@ interface(`corenet_tcp_connect_portmap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_portmap_client_packets',`
+interface(`corenet_send_mpd_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type mpd_client_packet_t;
')
- allow $1 portmap_client_packet_t:packet send;
+ allow $1 mpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send portmap_client packets.
+## Do not audit attempts to send mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48543,17 +48986,17 @@ interface(`corenet_send_portmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_portmap_client_packets',`
+interface(`corenet_dontaudit_send_mpd_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type mpd_client_packet_t;
')
- dontaudit $1 portmap_client_packet_t:packet send;
+ dontaudit $1 mpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive portmap_client packets.
+## Receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48562,17 +49005,17 @@ interface(`corenet_dontaudit_send_portmap_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_portmap_client_packets',`
+interface(`corenet_receive_mpd_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type mpd_client_packet_t;
')
- allow $1 portmap_client_packet_t:packet recv;
+ allow $1 mpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive portmap_client packets.
+## Do not audit attempts to receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48581,17 +49024,17 @@ interface(`corenet_receive_portmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_portmap_client_packets',`
+interface(`corenet_dontaudit_receive_mpd_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type mpd_client_packet_t;
')
- dontaudit $1 portmap_client_packet_t:packet recv;
+ dontaudit $1 mpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive portmap_client packets.
+## Send and receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48600,14 +49043,14 @@ interface(`corenet_dontaudit_receive_portmap_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_portmap_client_packets',`
- corenet_send_portmap_client_packets($1)
- corenet_receive_portmap_client_packets($1)
+interface(`corenet_sendrecv_mpd_client_packets',`
+ corenet_send_mpd_client_packets($1)
+ corenet_receive_mpd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive portmap_client packets.
+## Do not audit attempts to send and receive mpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48616,14 +49059,14 @@ interface(`corenet_sendrecv_portmap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_portmap_client_packets',`
- corenet_dontaudit_send_portmap_client_packets($1)
- corenet_dontaudit_receive_portmap_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mpd_client_packets',`
+ corenet_dontaudit_send_mpd_client_packets($1)
+ corenet_dontaudit_receive_mpd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to portmap_client the packet type.
+## Relabel packets to mpd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -48631,18 +49074,18 @@ interface(`corenet_dontaudit_sendrecv_portmap_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_portmap_client_packets',`
+interface(`corenet_relabelto_mpd_client_packets',`
gen_require(`
- type portmap_client_packet_t;
+ type mpd_client_packet_t;
')
- allow $1 portmap_client_packet_t:packet relabelto;
+ allow $1 mpd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send portmap_server packets.
+## Send mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48651,17 +49094,17 @@ interface(`corenet_relabelto_portmap_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_portmap_server_packets',`
+interface(`corenet_send_mpd_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type mpd_server_packet_t;
')
- allow $1 portmap_server_packet_t:packet send;
+ allow $1 mpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send portmap_server packets.
+## Do not audit attempts to send mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48670,17 +49113,17 @@ interface(`corenet_send_portmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_portmap_server_packets',`
+interface(`corenet_dontaudit_send_mpd_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type mpd_server_packet_t;
')
- dontaudit $1 portmap_server_packet_t:packet send;
+ dontaudit $1 mpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive portmap_server packets.
+## Receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48689,17 +49132,17 @@ interface(`corenet_dontaudit_send_portmap_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_portmap_server_packets',`
+interface(`corenet_receive_mpd_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type mpd_server_packet_t;
')
- allow $1 portmap_server_packet_t:packet recv;
+ allow $1 mpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive portmap_server packets.
+## Do not audit attempts to receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48708,17 +49151,17 @@ interface(`corenet_receive_portmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_portmap_server_packets',`
+interface(`corenet_dontaudit_receive_mpd_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type mpd_server_packet_t;
')
- dontaudit $1 portmap_server_packet_t:packet recv;
+ dontaudit $1 mpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive portmap_server packets.
+## Send and receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48727,14 +49170,14 @@ interface(`corenet_dontaudit_receive_portmap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_portmap_server_packets',`
- corenet_send_portmap_server_packets($1)
- corenet_receive_portmap_server_packets($1)
+interface(`corenet_sendrecv_mpd_server_packets',`
+ corenet_send_mpd_server_packets($1)
+ corenet_receive_mpd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive portmap_server packets.
+## Do not audit attempts to send and receive mpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48743,14 +49186,14 @@ interface(`corenet_sendrecv_portmap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_portmap_server_packets',`
- corenet_dontaudit_send_portmap_server_packets($1)
- corenet_dontaudit_receive_portmap_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mpd_server_packets',`
+ corenet_dontaudit_send_mpd_server_packets($1)
+ corenet_dontaudit_receive_mpd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to portmap_server the packet type.
+## Relabel packets to mpd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -48758,12 +49201,12 @@ interface(`corenet_dontaudit_sendrecv_portmap_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_portmap_server_packets',`
+interface(`corenet_relabelto_mpd_server_packets',`
gen_require(`
- type portmap_server_packet_t;
+ type mpd_server_packet_t;
')
- allow $1 portmap_server_packet_t:packet relabelto;
+ allow $1 mpd_server_packet_t:packet relabelto;
')
@@ -48771,7 +49214,7 @@ interface(`corenet_relabelto_portmap_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the postfix_policyd port.
+## Send and receive TCP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48780,17 +49223,17 @@ interface(`corenet_relabelto_portmap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_postfix_policyd_port',`
+interface(`corenet_tcp_sendrecv_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- allow $1 postfix_policyd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 msgsrvr_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the postfix_policyd port.
+## Send UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48799,17 +49242,17 @@ interface(`corenet_tcp_sendrecv_postfix_policyd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_postfix_policyd_port',`
+interface(`corenet_udp_send_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- allow $1 postfix_policyd_port_t:udp_socket send_msg;
+ allow $1 msgsrvr_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the postfix_policyd port.
+## Do not audit attempts to send UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48818,17 +49261,17 @@ interface(`corenet_udp_send_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_postfix_policyd_port',`
+interface(`corenet_dontaudit_udp_send_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- dontaudit $1 postfix_policyd_port_t:udp_socket send_msg;
+ dontaudit $1 msgsrvr_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the postfix_policyd port.
+## Receive UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48837,17 +49280,17 @@ interface(`corenet_dontaudit_udp_send_postfix_policyd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_postfix_policyd_port',`
+interface(`corenet_udp_receive_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- allow $1 postfix_policyd_port_t:udp_socket recv_msg;
+ allow $1 msgsrvr_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the postfix_policyd port.
+## Do not audit attempts to receive UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48856,17 +49299,17 @@ interface(`corenet_udp_receive_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_postfix_policyd_port',`
+interface(`corenet_dontaudit_udp_receive_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- dontaudit $1 postfix_policyd_port_t:udp_socket recv_msg;
+ dontaudit $1 msgsrvr_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the postfix_policyd port.
+## Send and receive UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48875,15 +49318,15 @@ interface(`corenet_dontaudit_udp_receive_postfix_policyd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_postfix_policyd_port',`
- corenet_udp_send_postfix_policyd_port($1)
- corenet_udp_receive_postfix_policyd_port($1)
+interface(`corenet_udp_sendrecv_msgsrvr_port',`
+ corenet_udp_send_msgsrvr_port($1)
+ corenet_udp_receive_msgsrvr_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the postfix_policyd port.
+## UDP traffic on the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48892,14 +49335,14 @@ interface(`corenet_udp_sendrecv_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_postfix_policyd_port',`
- corenet_dontaudit_udp_send_postfix_policyd_port($1)
- corenet_dontaudit_udp_receive_postfix_policyd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_msgsrvr_port',`
+ corenet_dontaudit_udp_send_msgsrvr_port($1)
+ corenet_dontaudit_udp_receive_msgsrvr_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the postfix_policyd port.
+## Bind TCP sockets to the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48908,18 +49351,18 @@ interface(`corenet_dontaudit_udp_sendrecv_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_postfix_policyd_port',`
+interface(`corenet_tcp_bind_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- allow $1 postfix_policyd_port_t:tcp_socket name_bind;
+ allow $1 msgsrvr_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the postfix_policyd port.
+## Bind UDP sockets to the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48928,18 +49371,18 @@ interface(`corenet_tcp_bind_postfix_policyd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_postfix_policyd_port',`
+interface(`corenet_udp_bind_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- allow $1 postfix_policyd_port_t:udp_socket name_bind;
+ allow $1 msgsrvr_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the postfix_policyd port.
+## Make a TCP connection to the msgsrvr port.
## </summary>
## <param name="domain">
## <summary>
@@ -48947,18 +49390,18 @@ interface(`corenet_udp_bind_postfix_policyd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_postfix_policyd_port',`
+interface(`corenet_tcp_connect_msgsrvr_port',`
gen_require(`
- type postfix_policyd_port_t;
+ type msgsrvr_port_t;
')
- allow $1 postfix_policyd_port_t:tcp_socket name_connect;
+ allow $1 msgsrvr_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send postfix_policyd_client packets.
+## Send msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48967,17 +49410,17 @@ interface(`corenet_tcp_connect_postfix_policyd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postfix_policyd_client_packets',`
+interface(`corenet_send_msgsrvr_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- allow $1 postfix_policyd_client_packet_t:packet send;
+ allow $1 msgsrvr_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postfix_policyd_client packets.
+## Do not audit attempts to send msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -48986,17 +49429,17 @@ interface(`corenet_send_postfix_policyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postfix_policyd_client_packets',`
+interface(`corenet_dontaudit_send_msgsrvr_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- dontaudit $1 postfix_policyd_client_packet_t:packet send;
+ dontaudit $1 msgsrvr_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive postfix_policyd_client packets.
+## Receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49005,17 +49448,17 @@ interface(`corenet_dontaudit_send_postfix_policyd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postfix_policyd_client_packets',`
+interface(`corenet_receive_msgsrvr_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- allow $1 postfix_policyd_client_packet_t:packet recv;
+ allow $1 msgsrvr_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postfix_policyd_client packets.
+## Do not audit attempts to receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49024,17 +49467,17 @@ interface(`corenet_receive_postfix_policyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postfix_policyd_client_packets',`
+interface(`corenet_dontaudit_receive_msgsrvr_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- dontaudit $1 postfix_policyd_client_packet_t:packet recv;
+ dontaudit $1 msgsrvr_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postfix_policyd_client packets.
+## Send and receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49043,14 +49486,14 @@ interface(`corenet_dontaudit_receive_postfix_policyd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postfix_policyd_client_packets',`
- corenet_send_postfix_policyd_client_packets($1)
- corenet_receive_postfix_policyd_client_packets($1)
+interface(`corenet_sendrecv_msgsrvr_client_packets',`
+ corenet_send_msgsrvr_client_packets($1)
+ corenet_receive_msgsrvr_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postfix_policyd_client packets.
+## Do not audit attempts to send and receive msgsrvr_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49059,14 +49502,14 @@ interface(`corenet_sendrecv_postfix_policyd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postfix_policyd_client_packets',`
- corenet_dontaudit_send_postfix_policyd_client_packets($1)
- corenet_dontaudit_receive_postfix_policyd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_msgsrvr_client_packets',`
+ corenet_dontaudit_send_msgsrvr_client_packets($1)
+ corenet_dontaudit_receive_msgsrvr_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to postfix_policyd_client the packet type.
+## Relabel packets to msgsrvr_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49074,18 +49517,18 @@ interface(`corenet_dontaudit_sendrecv_postfix_policyd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postfix_policyd_client_packets',`
+interface(`corenet_relabelto_msgsrvr_client_packets',`
gen_require(`
- type postfix_policyd_client_packet_t;
+ type msgsrvr_client_packet_t;
')
- allow $1 postfix_policyd_client_packet_t:packet relabelto;
+ allow $1 msgsrvr_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send postfix_policyd_server packets.
+## Send msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49094,17 +49537,17 @@ interface(`corenet_relabelto_postfix_policyd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postfix_policyd_server_packets',`
+interface(`corenet_send_msgsrvr_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- allow $1 postfix_policyd_server_packet_t:packet send;
+ allow $1 msgsrvr_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postfix_policyd_server packets.
+## Do not audit attempts to send msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49113,17 +49556,17 @@ interface(`corenet_send_postfix_policyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postfix_policyd_server_packets',`
+interface(`corenet_dontaudit_send_msgsrvr_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- dontaudit $1 postfix_policyd_server_packet_t:packet send;
+ dontaudit $1 msgsrvr_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive postfix_policyd_server packets.
+## Receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49132,17 +49575,17 @@ interface(`corenet_dontaudit_send_postfix_policyd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postfix_policyd_server_packets',`
+interface(`corenet_receive_msgsrvr_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- allow $1 postfix_policyd_server_packet_t:packet recv;
+ allow $1 msgsrvr_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postfix_policyd_server packets.
+## Do not audit attempts to receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49151,17 +49594,17 @@ interface(`corenet_receive_postfix_policyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postfix_policyd_server_packets',`
+interface(`corenet_dontaudit_receive_msgsrvr_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- dontaudit $1 postfix_policyd_server_packet_t:packet recv;
+ dontaudit $1 msgsrvr_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postfix_policyd_server packets.
+## Send and receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49170,14 +49613,14 @@ interface(`corenet_dontaudit_receive_postfix_policyd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postfix_policyd_server_packets',`
- corenet_send_postfix_policyd_server_packets($1)
- corenet_receive_postfix_policyd_server_packets($1)
+interface(`corenet_sendrecv_msgsrvr_server_packets',`
+ corenet_send_msgsrvr_server_packets($1)
+ corenet_receive_msgsrvr_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postfix_policyd_server packets.
+## Do not audit attempts to send and receive msgsrvr_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49186,14 +49629,14 @@ interface(`corenet_sendrecv_postfix_policyd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postfix_policyd_server_packets',`
- corenet_dontaudit_send_postfix_policyd_server_packets($1)
- corenet_dontaudit_receive_postfix_policyd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_msgsrvr_server_packets',`
+ corenet_dontaudit_send_msgsrvr_server_packets($1)
+ corenet_dontaudit_receive_msgsrvr_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to postfix_policyd_server the packet type.
+## Relabel packets to msgsrvr_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49201,12 +49644,12 @@ interface(`corenet_dontaudit_sendrecv_postfix_policyd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postfix_policyd_server_packets',`
+interface(`corenet_relabelto_msgsrvr_server_packets',`
gen_require(`
- type postfix_policyd_server_packet_t;
+ type msgsrvr_server_packet_t;
')
- allow $1 postfix_policyd_server_packet_t:packet relabelto;
+ allow $1 msgsrvr_server_packet_t:packet relabelto;
')
@@ -49214,7 +49657,7 @@ interface(`corenet_relabelto_postfix_policyd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the postgresql port.
+## Send and receive TCP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49223,17 +49666,17 @@ interface(`corenet_relabelto_postfix_policyd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_postgresql_port',`
+interface(`corenet_tcp_sendrecv_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- allow $1 postgresql_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 msnp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the postgresql port.
+## Send UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49242,17 +49685,17 @@ interface(`corenet_tcp_sendrecv_postgresql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_postgresql_port',`
+interface(`corenet_udp_send_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- allow $1 postgresql_port_t:udp_socket send_msg;
+ allow $1 msnp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the postgresql port.
+## Do not audit attempts to send UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49261,17 +49704,17 @@ interface(`corenet_udp_send_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_postgresql_port',`
+interface(`corenet_dontaudit_udp_send_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- dontaudit $1 postgresql_port_t:udp_socket send_msg;
+ dontaudit $1 msnp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the postgresql port.
+## Receive UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49280,17 +49723,17 @@ interface(`corenet_dontaudit_udp_send_postgresql_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_postgresql_port',`
+interface(`corenet_udp_receive_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- allow $1 postgresql_port_t:udp_socket recv_msg;
+ allow $1 msnp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the postgresql port.
+## Do not audit attempts to receive UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49299,17 +49742,17 @@ interface(`corenet_udp_receive_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_postgresql_port',`
+interface(`corenet_dontaudit_udp_receive_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- dontaudit $1 postgresql_port_t:udp_socket recv_msg;
+ dontaudit $1 msnp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the postgresql port.
+## Send and receive UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49318,15 +49761,15 @@ interface(`corenet_dontaudit_udp_receive_postgresql_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_postgresql_port',`
- corenet_udp_send_postgresql_port($1)
- corenet_udp_receive_postgresql_port($1)
+interface(`corenet_udp_sendrecv_msnp_port',`
+ corenet_udp_send_msnp_port($1)
+ corenet_udp_receive_msnp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the postgresql port.
+## UDP traffic on the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49335,14 +49778,14 @@ interface(`corenet_udp_sendrecv_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_postgresql_port',`
- corenet_dontaudit_udp_send_postgresql_port($1)
- corenet_dontaudit_udp_receive_postgresql_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_msnp_port',`
+ corenet_dontaudit_udp_send_msnp_port($1)
+ corenet_dontaudit_udp_receive_msnp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the postgresql port.
+## Bind TCP sockets to the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49351,18 +49794,18 @@ interface(`corenet_dontaudit_udp_sendrecv_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_postgresql_port',`
+interface(`corenet_tcp_bind_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- allow $1 postgresql_port_t:tcp_socket name_bind;
+ allow $1 msnp_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the postgresql port.
+## Bind UDP sockets to the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49371,18 +49814,18 @@ interface(`corenet_tcp_bind_postgresql_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_postgresql_port',`
+interface(`corenet_udp_bind_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- allow $1 postgresql_port_t:udp_socket name_bind;
+ allow $1 msnp_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the postgresql port.
+## Make a TCP connection to the msnp port.
## </summary>
## <param name="domain">
## <summary>
@@ -49390,18 +49833,18 @@ interface(`corenet_udp_bind_postgresql_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_postgresql_port',`
+interface(`corenet_tcp_connect_msnp_port',`
gen_require(`
- type postgresql_port_t;
+ type msnp_port_t;
')
- allow $1 postgresql_port_t:tcp_socket name_connect;
+ allow $1 msnp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send postgresql_client packets.
+## Send msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49410,17 +49853,17 @@ interface(`corenet_tcp_connect_postgresql_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgresql_client_packets',`
+interface(`corenet_send_msnp_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type msnp_client_packet_t;
')
- allow $1 postgresql_client_packet_t:packet send;
+ allow $1 msnp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgresql_client packets.
+## Do not audit attempts to send msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49429,17 +49872,17 @@ interface(`corenet_send_postgresql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgresql_client_packets',`
+interface(`corenet_dontaudit_send_msnp_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type msnp_client_packet_t;
')
- dontaudit $1 postgresql_client_packet_t:packet send;
+ dontaudit $1 msnp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgresql_client packets.
+## Receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49448,17 +49891,17 @@ interface(`corenet_dontaudit_send_postgresql_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgresql_client_packets',`
+interface(`corenet_receive_msnp_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type msnp_client_packet_t;
')
- allow $1 postgresql_client_packet_t:packet recv;
+ allow $1 msnp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgresql_client packets.
+## Do not audit attempts to receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49467,17 +49910,17 @@ interface(`corenet_receive_postgresql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgresql_client_packets',`
+interface(`corenet_dontaudit_receive_msnp_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type msnp_client_packet_t;
')
- dontaudit $1 postgresql_client_packet_t:packet recv;
+ dontaudit $1 msnp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgresql_client packets.
+## Send and receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49486,14 +49929,14 @@ interface(`corenet_dontaudit_receive_postgresql_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgresql_client_packets',`
- corenet_send_postgresql_client_packets($1)
- corenet_receive_postgresql_client_packets($1)
+interface(`corenet_sendrecv_msnp_client_packets',`
+ corenet_send_msnp_client_packets($1)
+ corenet_receive_msnp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgresql_client packets.
+## Do not audit attempts to send and receive msnp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49502,14 +49945,14 @@ interface(`corenet_sendrecv_postgresql_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgresql_client_packets',`
- corenet_dontaudit_send_postgresql_client_packets($1)
- corenet_dontaudit_receive_postgresql_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_msnp_client_packets',`
+ corenet_dontaudit_send_msnp_client_packets($1)
+ corenet_dontaudit_receive_msnp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgresql_client the packet type.
+## Relabel packets to msnp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49517,18 +49960,18 @@ interface(`corenet_dontaudit_sendrecv_postgresql_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgresql_client_packets',`
+interface(`corenet_relabelto_msnp_client_packets',`
gen_require(`
- type postgresql_client_packet_t;
+ type msnp_client_packet_t;
')
- allow $1 postgresql_client_packet_t:packet relabelto;
+ allow $1 msnp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send postgresql_server packets.
+## Send msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49537,17 +49980,17 @@ interface(`corenet_relabelto_postgresql_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgresql_server_packets',`
+interface(`corenet_send_msnp_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type msnp_server_packet_t;
')
- allow $1 postgresql_server_packet_t:packet send;
+ allow $1 msnp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgresql_server packets.
+## Do not audit attempts to send msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49556,17 +49999,17 @@ interface(`corenet_send_postgresql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgresql_server_packets',`
+interface(`corenet_dontaudit_send_msnp_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type msnp_server_packet_t;
')
- dontaudit $1 postgresql_server_packet_t:packet send;
+ dontaudit $1 msnp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgresql_server packets.
+## Receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49575,17 +50018,17 @@ interface(`corenet_dontaudit_send_postgresql_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgresql_server_packets',`
+interface(`corenet_receive_msnp_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type msnp_server_packet_t;
')
- allow $1 postgresql_server_packet_t:packet recv;
+ allow $1 msnp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgresql_server packets.
+## Do not audit attempts to receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49594,17 +50037,17 @@ interface(`corenet_receive_postgresql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgresql_server_packets',`
+interface(`corenet_dontaudit_receive_msnp_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type msnp_server_packet_t;
')
- dontaudit $1 postgresql_server_packet_t:packet recv;
+ dontaudit $1 msnp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgresql_server packets.
+## Send and receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49613,14 +50056,14 @@ interface(`corenet_dontaudit_receive_postgresql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgresql_server_packets',`
- corenet_send_postgresql_server_packets($1)
- corenet_receive_postgresql_server_packets($1)
+interface(`corenet_sendrecv_msnp_server_packets',`
+ corenet_send_msnp_server_packets($1)
+ corenet_receive_msnp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgresql_server packets.
+## Do not audit attempts to send and receive msnp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49629,14 +50072,14 @@ interface(`corenet_sendrecv_postgresql_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgresql_server_packets',`
- corenet_dontaudit_send_postgresql_server_packets($1)
- corenet_dontaudit_receive_postgresql_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_msnp_server_packets',`
+ corenet_dontaudit_send_msnp_server_packets($1)
+ corenet_dontaudit_receive_msnp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgresql_server the packet type.
+## Relabel packets to msnp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49644,12 +50087,12 @@ interface(`corenet_dontaudit_sendrecv_postgresql_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgresql_server_packets',`
+interface(`corenet_relabelto_msnp_server_packets',`
gen_require(`
- type postgresql_server_packet_t;
+ type msnp_server_packet_t;
')
- allow $1 postgresql_server_packet_t:packet relabelto;
+ allow $1 msnp_server_packet_t:packet relabelto;
')
@@ -49657,7 +50100,7 @@ interface(`corenet_relabelto_postgresql_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the postgrey port.
+## Send and receive TCP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49666,17 +50109,17 @@ interface(`corenet_relabelto_postgresql_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_postgrey_port',`
+interface(`corenet_tcp_sendrecv_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- allow $1 postgrey_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mssql_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the postgrey port.
+## Send UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49685,17 +50128,17 @@ interface(`corenet_tcp_sendrecv_postgrey_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_postgrey_port',`
+interface(`corenet_udp_send_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- allow $1 postgrey_port_t:udp_socket send_msg;
+ allow $1 mssql_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the postgrey port.
+## Do not audit attempts to send UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49704,17 +50147,17 @@ interface(`corenet_udp_send_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_postgrey_port',`
+interface(`corenet_dontaudit_udp_send_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- dontaudit $1 postgrey_port_t:udp_socket send_msg;
+ dontaudit $1 mssql_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the postgrey port.
+## Receive UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49723,17 +50166,17 @@ interface(`corenet_dontaudit_udp_send_postgrey_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_postgrey_port',`
+interface(`corenet_udp_receive_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- allow $1 postgrey_port_t:udp_socket recv_msg;
+ allow $1 mssql_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the postgrey port.
+## Do not audit attempts to receive UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49742,17 +50185,17 @@ interface(`corenet_udp_receive_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_postgrey_port',`
+interface(`corenet_dontaudit_udp_receive_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- dontaudit $1 postgrey_port_t:udp_socket recv_msg;
+ dontaudit $1 mssql_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the postgrey port.
+## Send and receive UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49761,15 +50204,15 @@ interface(`corenet_dontaudit_udp_receive_postgrey_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_postgrey_port',`
- corenet_udp_send_postgrey_port($1)
- corenet_udp_receive_postgrey_port($1)
+interface(`corenet_udp_sendrecv_mssql_port',`
+ corenet_udp_send_mssql_port($1)
+ corenet_udp_receive_mssql_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the postgrey port.
+## UDP traffic on the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49778,14 +50221,14 @@ interface(`corenet_udp_sendrecv_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_postgrey_port',`
- corenet_dontaudit_udp_send_postgrey_port($1)
- corenet_dontaudit_udp_receive_postgrey_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mssql_port',`
+ corenet_dontaudit_udp_send_mssql_port($1)
+ corenet_dontaudit_udp_receive_mssql_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the postgrey port.
+## Bind TCP sockets to the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49794,18 +50237,18 @@ interface(`corenet_dontaudit_udp_sendrecv_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_postgrey_port',`
+interface(`corenet_tcp_bind_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- allow $1 postgrey_port_t:tcp_socket name_bind;
-
+ allow $1 mssql_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the postgrey port.
+## Bind UDP sockets to the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49814,18 +50257,18 @@ interface(`corenet_tcp_bind_postgrey_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_postgrey_port',`
+interface(`corenet_udp_bind_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- allow $1 postgrey_port_t:udp_socket name_bind;
-
+ allow $1 mssql_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the postgrey port.
+## Make a TCP connection to the mssql port.
## </summary>
## <param name="domain">
## <summary>
@@ -49833,18 +50276,18 @@ interface(`corenet_udp_bind_postgrey_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_postgrey_port',`
+interface(`corenet_tcp_connect_mssql_port',`
gen_require(`
- type postgrey_port_t;
+ type mssql_port_t;
')
- allow $1 postgrey_port_t:tcp_socket name_connect;
+ allow $1 mssql_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send postgrey_client packets.
+## Send mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49853,17 +50296,17 @@ interface(`corenet_tcp_connect_postgrey_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgrey_client_packets',`
+interface(`corenet_send_mssql_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type mssql_client_packet_t;
')
- allow $1 postgrey_client_packet_t:packet send;
+ allow $1 mssql_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgrey_client packets.
+## Do not audit attempts to send mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49872,17 +50315,17 @@ interface(`corenet_send_postgrey_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgrey_client_packets',`
+interface(`corenet_dontaudit_send_mssql_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type mssql_client_packet_t;
')
- dontaudit $1 postgrey_client_packet_t:packet send;
+ dontaudit $1 mssql_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgrey_client packets.
+## Receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49891,17 +50334,17 @@ interface(`corenet_dontaudit_send_postgrey_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgrey_client_packets',`
+interface(`corenet_receive_mssql_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type mssql_client_packet_t;
')
- allow $1 postgrey_client_packet_t:packet recv;
+ allow $1 mssql_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgrey_client packets.
+## Do not audit attempts to receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49910,17 +50353,17 @@ interface(`corenet_receive_postgrey_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgrey_client_packets',`
+interface(`corenet_dontaudit_receive_mssql_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type mssql_client_packet_t;
')
- dontaudit $1 postgrey_client_packet_t:packet recv;
+ dontaudit $1 mssql_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgrey_client packets.
+## Send and receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49929,14 +50372,14 @@ interface(`corenet_dontaudit_receive_postgrey_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgrey_client_packets',`
- corenet_send_postgrey_client_packets($1)
- corenet_receive_postgrey_client_packets($1)
+interface(`corenet_sendrecv_mssql_client_packets',`
+ corenet_send_mssql_client_packets($1)
+ corenet_receive_mssql_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgrey_client packets.
+## Do not audit attempts to send and receive mssql_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49945,14 +50388,14 @@ interface(`corenet_sendrecv_postgrey_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgrey_client_packets',`
- corenet_dontaudit_send_postgrey_client_packets($1)
- corenet_dontaudit_receive_postgrey_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mssql_client_packets',`
+ corenet_dontaudit_send_mssql_client_packets($1)
+ corenet_dontaudit_receive_mssql_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgrey_client the packet type.
+## Relabel packets to mssql_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -49960,18 +50403,18 @@ interface(`corenet_dontaudit_sendrecv_postgrey_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgrey_client_packets',`
+interface(`corenet_relabelto_mssql_client_packets',`
gen_require(`
- type postgrey_client_packet_t;
+ type mssql_client_packet_t;
')
- allow $1 postgrey_client_packet_t:packet relabelto;
+ allow $1 mssql_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send postgrey_server packets.
+## Send mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49980,17 +50423,17 @@ interface(`corenet_relabelto_postgrey_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_postgrey_server_packets',`
+interface(`corenet_send_mssql_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type mssql_server_packet_t;
')
- allow $1 postgrey_server_packet_t:packet send;
+ allow $1 mssql_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send postgrey_server packets.
+## Do not audit attempts to send mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -49999,17 +50442,17 @@ interface(`corenet_send_postgrey_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_postgrey_server_packets',`
+interface(`corenet_dontaudit_send_mssql_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type mssql_server_packet_t;
')
- dontaudit $1 postgrey_server_packet_t:packet send;
+ dontaudit $1 mssql_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive postgrey_server packets.
+## Receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50018,17 +50461,17 @@ interface(`corenet_dontaudit_send_postgrey_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_postgrey_server_packets',`
+interface(`corenet_receive_mssql_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type mssql_server_packet_t;
')
- allow $1 postgrey_server_packet_t:packet recv;
+ allow $1 mssql_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive postgrey_server packets.
+## Do not audit attempts to receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50037,17 +50480,17 @@ interface(`corenet_receive_postgrey_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_postgrey_server_packets',`
+interface(`corenet_dontaudit_receive_mssql_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type mssql_server_packet_t;
')
- dontaudit $1 postgrey_server_packet_t:packet recv;
+ dontaudit $1 mssql_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive postgrey_server packets.
+## Send and receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50056,14 +50499,14 @@ interface(`corenet_dontaudit_receive_postgrey_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_postgrey_server_packets',`
- corenet_send_postgrey_server_packets($1)
- corenet_receive_postgrey_server_packets($1)
+interface(`corenet_sendrecv_mssql_server_packets',`
+ corenet_send_mssql_server_packets($1)
+ corenet_receive_mssql_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive postgrey_server packets.
+## Do not audit attempts to send and receive mssql_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50072,14 +50515,14 @@ interface(`corenet_sendrecv_postgrey_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_postgrey_server_packets',`
- corenet_dontaudit_send_postgrey_server_packets($1)
- corenet_dontaudit_receive_postgrey_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mssql_server_packets',`
+ corenet_dontaudit_send_mssql_server_packets($1)
+ corenet_dontaudit_receive_mssql_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to postgrey_server the packet type.
+## Relabel packets to mssql_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50087,12 +50530,12 @@ interface(`corenet_dontaudit_sendrecv_postgrey_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_postgrey_server_packets',`
+interface(`corenet_relabelto_mssql_server_packets',`
gen_require(`
- type postgrey_server_packet_t;
+ type mssql_server_packet_t;
')
- allow $1 postgrey_server_packet_t:packet relabelto;
+ allow $1 mssql_server_packet_t:packet relabelto;
')
@@ -50100,7 +50543,7 @@ interface(`corenet_relabelto_postgrey_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the prelude port.
+## Send and receive TCP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50109,17 +50552,17 @@ interface(`corenet_relabelto_postgrey_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_prelude_port',`
+interface(`corenet_tcp_sendrecv_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- allow $1 prelude_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ms_streaming_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the prelude port.
+## Send UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50128,17 +50571,17 @@ interface(`corenet_tcp_sendrecv_prelude_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_prelude_port',`
+interface(`corenet_udp_send_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- allow $1 prelude_port_t:udp_socket send_msg;
+ allow $1 ms_streaming_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the prelude port.
+## Do not audit attempts to send UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50147,17 +50590,17 @@ interface(`corenet_udp_send_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_prelude_port',`
+interface(`corenet_dontaudit_udp_send_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- dontaudit $1 prelude_port_t:udp_socket send_msg;
+ dontaudit $1 ms_streaming_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the prelude port.
+## Receive UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50166,17 +50609,17 @@ interface(`corenet_dontaudit_udp_send_prelude_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_prelude_port',`
+interface(`corenet_udp_receive_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- allow $1 prelude_port_t:udp_socket recv_msg;
+ allow $1 ms_streaming_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the prelude port.
+## Do not audit attempts to receive UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50185,17 +50628,17 @@ interface(`corenet_udp_receive_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_prelude_port',`
+interface(`corenet_dontaudit_udp_receive_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- dontaudit $1 prelude_port_t:udp_socket recv_msg;
+ dontaudit $1 ms_streaming_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the prelude port.
+## Send and receive UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50204,15 +50647,15 @@ interface(`corenet_dontaudit_udp_receive_prelude_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_prelude_port',`
- corenet_udp_send_prelude_port($1)
- corenet_udp_receive_prelude_port($1)
+interface(`corenet_udp_sendrecv_ms_streaming_port',`
+ corenet_udp_send_ms_streaming_port($1)
+ corenet_udp_receive_ms_streaming_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the prelude port.
+## UDP traffic on the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50221,14 +50664,14 @@ interface(`corenet_udp_sendrecv_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_prelude_port',`
- corenet_dontaudit_udp_send_prelude_port($1)
- corenet_dontaudit_udp_receive_prelude_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ms_streaming_port',`
+ corenet_dontaudit_udp_send_ms_streaming_port($1)
+ corenet_dontaudit_udp_receive_ms_streaming_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the prelude port.
+## Bind TCP sockets to the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50237,18 +50680,18 @@ interface(`corenet_dontaudit_udp_sendrecv_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_prelude_port',`
+interface(`corenet_tcp_bind_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- allow $1 prelude_port_t:tcp_socket name_bind;
+ allow $1 ms_streaming_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the prelude port.
+## Bind UDP sockets to the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50257,18 +50700,18 @@ interface(`corenet_tcp_bind_prelude_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_prelude_port',`
+interface(`corenet_udp_bind_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- allow $1 prelude_port_t:udp_socket name_bind;
+ allow $1 ms_streaming_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the prelude port.
+## Make a TCP connection to the ms_streaming port.
## </summary>
## <param name="domain">
## <summary>
@@ -50276,18 +50719,18 @@ interface(`corenet_udp_bind_prelude_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_prelude_port',`
+interface(`corenet_tcp_connect_ms_streaming_port',`
gen_require(`
- type prelude_port_t;
+ type ms_streaming_port_t;
')
- allow $1 prelude_port_t:tcp_socket name_connect;
+ allow $1 ms_streaming_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send prelude_client packets.
+## Send ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50296,17 +50739,17 @@ interface(`corenet_tcp_connect_prelude_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_prelude_client_packets',`
+interface(`corenet_send_ms_streaming_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- allow $1 prelude_client_packet_t:packet send;
+ allow $1 ms_streaming_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send prelude_client packets.
+## Do not audit attempts to send ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50315,17 +50758,17 @@ interface(`corenet_send_prelude_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_prelude_client_packets',`
+interface(`corenet_dontaudit_send_ms_streaming_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- dontaudit $1 prelude_client_packet_t:packet send;
+ dontaudit $1 ms_streaming_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive prelude_client packets.
+## Receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50334,17 +50777,17 @@ interface(`corenet_dontaudit_send_prelude_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_prelude_client_packets',`
+interface(`corenet_receive_ms_streaming_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- allow $1 prelude_client_packet_t:packet recv;
+ allow $1 ms_streaming_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive prelude_client packets.
+## Do not audit attempts to receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50353,17 +50796,17 @@ interface(`corenet_receive_prelude_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_prelude_client_packets',`
+interface(`corenet_dontaudit_receive_ms_streaming_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- dontaudit $1 prelude_client_packet_t:packet recv;
+ dontaudit $1 ms_streaming_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive prelude_client packets.
+## Send and receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50372,14 +50815,14 @@ interface(`corenet_dontaudit_receive_prelude_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_prelude_client_packets',`
- corenet_send_prelude_client_packets($1)
- corenet_receive_prelude_client_packets($1)
+interface(`corenet_sendrecv_ms_streaming_client_packets',`
+ corenet_send_ms_streaming_client_packets($1)
+ corenet_receive_ms_streaming_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive prelude_client packets.
+## Do not audit attempts to send and receive ms_streaming_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50388,14 +50831,14 @@ interface(`corenet_sendrecv_prelude_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_prelude_client_packets',`
- corenet_dontaudit_send_prelude_client_packets($1)
- corenet_dontaudit_receive_prelude_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ms_streaming_client_packets',`
+ corenet_dontaudit_send_ms_streaming_client_packets($1)
+ corenet_dontaudit_receive_ms_streaming_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to prelude_client the packet type.
+## Relabel packets to ms_streaming_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50403,18 +50846,18 @@ interface(`corenet_dontaudit_sendrecv_prelude_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_prelude_client_packets',`
+interface(`corenet_relabelto_ms_streaming_client_packets',`
gen_require(`
- type prelude_client_packet_t;
+ type ms_streaming_client_packet_t;
')
- allow $1 prelude_client_packet_t:packet relabelto;
+ allow $1 ms_streaming_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send prelude_server packets.
+## Send ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50423,17 +50866,17 @@ interface(`corenet_relabelto_prelude_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_prelude_server_packets',`
+interface(`corenet_send_ms_streaming_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- allow $1 prelude_server_packet_t:packet send;
+ allow $1 ms_streaming_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send prelude_server packets.
+## Do not audit attempts to send ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50442,17 +50885,17 @@ interface(`corenet_send_prelude_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_prelude_server_packets',`
+interface(`corenet_dontaudit_send_ms_streaming_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- dontaudit $1 prelude_server_packet_t:packet send;
+ dontaudit $1 ms_streaming_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive prelude_server packets.
+## Receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50461,17 +50904,17 @@ interface(`corenet_dontaudit_send_prelude_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_prelude_server_packets',`
+interface(`corenet_receive_ms_streaming_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- allow $1 prelude_server_packet_t:packet recv;
+ allow $1 ms_streaming_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive prelude_server packets.
+## Do not audit attempts to receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50480,17 +50923,17 @@ interface(`corenet_receive_prelude_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_prelude_server_packets',`
+interface(`corenet_dontaudit_receive_ms_streaming_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- dontaudit $1 prelude_server_packet_t:packet recv;
+ dontaudit $1 ms_streaming_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive prelude_server packets.
+## Send and receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50499,14 +50942,14 @@ interface(`corenet_dontaudit_receive_prelude_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_prelude_server_packets',`
- corenet_send_prelude_server_packets($1)
- corenet_receive_prelude_server_packets($1)
+interface(`corenet_sendrecv_ms_streaming_server_packets',`
+ corenet_send_ms_streaming_server_packets($1)
+ corenet_receive_ms_streaming_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive prelude_server packets.
+## Do not audit attempts to send and receive ms_streaming_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50515,14 +50958,14 @@ interface(`corenet_sendrecv_prelude_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_prelude_server_packets',`
- corenet_dontaudit_send_prelude_server_packets($1)
- corenet_dontaudit_receive_prelude_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ms_streaming_server_packets',`
+ corenet_dontaudit_send_ms_streaming_server_packets($1)
+ corenet_dontaudit_receive_ms_streaming_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to prelude_server the packet type.
+## Relabel packets to ms_streaming_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50530,12 +50973,12 @@ interface(`corenet_dontaudit_sendrecv_prelude_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_prelude_server_packets',`
+interface(`corenet_relabelto_ms_streaming_server_packets',`
gen_require(`
- type prelude_server_packet_t;
+ type ms_streaming_server_packet_t;
')
- allow $1 prelude_server_packet_t:packet relabelto;
+ allow $1 ms_streaming_server_packet_t:packet relabelto;
')
@@ -50543,7 +50986,7 @@ interface(`corenet_relabelto_prelude_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the presence port.
+## Send and receive TCP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50552,17 +50995,17 @@ interface(`corenet_relabelto_prelude_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_presence_port',`
+interface(`corenet_tcp_sendrecv_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- allow $1 presence_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 munin_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the presence port.
+## Send UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50571,17 +51014,17 @@ interface(`corenet_tcp_sendrecv_presence_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_presence_port',`
+interface(`corenet_udp_send_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- allow $1 presence_port_t:udp_socket send_msg;
+ allow $1 munin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the presence port.
+## Do not audit attempts to send UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50590,17 +51033,17 @@ interface(`corenet_udp_send_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_presence_port',`
+interface(`corenet_dontaudit_udp_send_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- dontaudit $1 presence_port_t:udp_socket send_msg;
+ dontaudit $1 munin_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the presence port.
+## Receive UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50609,17 +51052,17 @@ interface(`corenet_dontaudit_udp_send_presence_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_presence_port',`
+interface(`corenet_udp_receive_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- allow $1 presence_port_t:udp_socket recv_msg;
+ allow $1 munin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the presence port.
+## Do not audit attempts to receive UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50628,17 +51071,17 @@ interface(`corenet_udp_receive_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_presence_port',`
+interface(`corenet_dontaudit_udp_receive_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- dontaudit $1 presence_port_t:udp_socket recv_msg;
+ dontaudit $1 munin_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the presence port.
+## Send and receive UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50647,15 +51090,15 @@ interface(`corenet_dontaudit_udp_receive_presence_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_presence_port',`
- corenet_udp_send_presence_port($1)
- corenet_udp_receive_presence_port($1)
+interface(`corenet_udp_sendrecv_munin_port',`
+ corenet_udp_send_munin_port($1)
+ corenet_udp_receive_munin_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the presence port.
+## UDP traffic on the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50664,14 +51107,14 @@ interface(`corenet_udp_sendrecv_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_presence_port',`
- corenet_dontaudit_udp_send_presence_port($1)
- corenet_dontaudit_udp_receive_presence_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_munin_port',`
+ corenet_dontaudit_udp_send_munin_port($1)
+ corenet_dontaudit_udp_receive_munin_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the presence port.
+## Bind TCP sockets to the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50680,18 +51123,18 @@ interface(`corenet_dontaudit_udp_sendrecv_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_presence_port',`
+interface(`corenet_tcp_bind_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- allow $1 presence_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 munin_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the presence port.
+## Bind UDP sockets to the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50700,18 +51143,18 @@ interface(`corenet_tcp_bind_presence_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_presence_port',`
+interface(`corenet_udp_bind_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- allow $1 presence_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 munin_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the presence port.
+## Make a TCP connection to the munin port.
## </summary>
## <param name="domain">
## <summary>
@@ -50719,18 +51162,18 @@ interface(`corenet_udp_bind_presence_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_presence_port',`
+interface(`corenet_tcp_connect_munin_port',`
gen_require(`
- type presence_port_t;
+ type munin_port_t;
')
- allow $1 presence_port_t:tcp_socket name_connect;
+ allow $1 munin_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send presence_client packets.
+## Send munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50739,17 +51182,17 @@ interface(`corenet_tcp_connect_presence_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_presence_client_packets',`
+interface(`corenet_send_munin_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type munin_client_packet_t;
')
- allow $1 presence_client_packet_t:packet send;
+ allow $1 munin_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send presence_client packets.
+## Do not audit attempts to send munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50758,17 +51201,17 @@ interface(`corenet_send_presence_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_presence_client_packets',`
+interface(`corenet_dontaudit_send_munin_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type munin_client_packet_t;
')
- dontaudit $1 presence_client_packet_t:packet send;
+ dontaudit $1 munin_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive presence_client packets.
+## Receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50777,17 +51220,17 @@ interface(`corenet_dontaudit_send_presence_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_presence_client_packets',`
+interface(`corenet_receive_munin_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type munin_client_packet_t;
')
- allow $1 presence_client_packet_t:packet recv;
+ allow $1 munin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive presence_client packets.
+## Do not audit attempts to receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50796,17 +51239,17 @@ interface(`corenet_receive_presence_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_presence_client_packets',`
+interface(`corenet_dontaudit_receive_munin_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type munin_client_packet_t;
')
- dontaudit $1 presence_client_packet_t:packet recv;
+ dontaudit $1 munin_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive presence_client packets.
+## Send and receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50815,14 +51258,14 @@ interface(`corenet_dontaudit_receive_presence_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_presence_client_packets',`
- corenet_send_presence_client_packets($1)
- corenet_receive_presence_client_packets($1)
+interface(`corenet_sendrecv_munin_client_packets',`
+ corenet_send_munin_client_packets($1)
+ corenet_receive_munin_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive presence_client packets.
+## Do not audit attempts to send and receive munin_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50831,14 +51274,14 @@ interface(`corenet_sendrecv_presence_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_presence_client_packets',`
- corenet_dontaudit_send_presence_client_packets($1)
- corenet_dontaudit_receive_presence_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_munin_client_packets',`
+ corenet_dontaudit_send_munin_client_packets($1)
+ corenet_dontaudit_receive_munin_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to presence_client the packet type.
+## Relabel packets to munin_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50846,18 +51289,18 @@ interface(`corenet_dontaudit_sendrecv_presence_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_presence_client_packets',`
+interface(`corenet_relabelto_munin_client_packets',`
gen_require(`
- type presence_client_packet_t;
+ type munin_client_packet_t;
')
- allow $1 presence_client_packet_t:packet relabelto;
+ allow $1 munin_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send presence_server packets.
+## Send munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50866,17 +51309,17 @@ interface(`corenet_relabelto_presence_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_presence_server_packets',`
+interface(`corenet_send_munin_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type munin_server_packet_t;
')
- allow $1 presence_server_packet_t:packet send;
+ allow $1 munin_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send presence_server packets.
+## Do not audit attempts to send munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50885,17 +51328,17 @@ interface(`corenet_send_presence_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_presence_server_packets',`
+interface(`corenet_dontaudit_send_munin_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type munin_server_packet_t;
')
- dontaudit $1 presence_server_packet_t:packet send;
+ dontaudit $1 munin_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive presence_server packets.
+## Receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50904,17 +51347,17 @@ interface(`corenet_dontaudit_send_presence_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_presence_server_packets',`
+interface(`corenet_receive_munin_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type munin_server_packet_t;
')
- allow $1 presence_server_packet_t:packet recv;
+ allow $1 munin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive presence_server packets.
+## Do not audit attempts to receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50923,17 +51366,17 @@ interface(`corenet_receive_presence_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_presence_server_packets',`
+interface(`corenet_dontaudit_receive_munin_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type munin_server_packet_t;
')
- dontaudit $1 presence_server_packet_t:packet recv;
+ dontaudit $1 munin_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive presence_server packets.
+## Send and receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50942,14 +51385,14 @@ interface(`corenet_dontaudit_receive_presence_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_presence_server_packets',`
- corenet_send_presence_server_packets($1)
- corenet_receive_presence_server_packets($1)
+interface(`corenet_sendrecv_munin_server_packets',`
+ corenet_send_munin_server_packets($1)
+ corenet_receive_munin_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive presence_server packets.
+## Do not audit attempts to send and receive munin_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -50958,14 +51401,14 @@ interface(`corenet_sendrecv_presence_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_presence_server_packets',`
- corenet_dontaudit_send_presence_server_packets($1)
- corenet_dontaudit_receive_presence_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_munin_server_packets',`
+ corenet_dontaudit_send_munin_server_packets($1)
+ corenet_dontaudit_receive_munin_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to presence_server the packet type.
+## Relabel packets to munin_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -50973,12 +51416,12 @@ interface(`corenet_dontaudit_sendrecv_presence_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_presence_server_packets',`
+interface(`corenet_relabelto_munin_server_packets',`
gen_require(`
- type presence_server_packet_t;
+ type munin_server_packet_t;
')
- allow $1 presence_server_packet_t:packet relabelto;
+ allow $1 munin_server_packet_t:packet relabelto;
')
@@ -50986,7 +51429,7 @@ interface(`corenet_relabelto_presence_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the printer port.
+## Send and receive TCP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -50995,17 +51438,17 @@ interface(`corenet_relabelto_presence_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_printer_port',`
+interface(`corenet_tcp_sendrecv_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- allow $1 printer_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mxi_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the printer port.
+## Send UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51014,17 +51457,17 @@ interface(`corenet_tcp_sendrecv_printer_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_printer_port',`
+interface(`corenet_udp_send_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- allow $1 printer_port_t:udp_socket send_msg;
+ allow $1 mxi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the printer port.
+## Do not audit attempts to send UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51033,17 +51476,17 @@ interface(`corenet_udp_send_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_printer_port',`
+interface(`corenet_dontaudit_udp_send_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- dontaudit $1 printer_port_t:udp_socket send_msg;
+ dontaudit $1 mxi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the printer port.
+## Receive UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51052,17 +51495,17 @@ interface(`corenet_dontaudit_udp_send_printer_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_printer_port',`
+interface(`corenet_udp_receive_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- allow $1 printer_port_t:udp_socket recv_msg;
+ allow $1 mxi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the printer port.
+## Do not audit attempts to receive UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51071,17 +51514,17 @@ interface(`corenet_udp_receive_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_printer_port',`
+interface(`corenet_dontaudit_udp_receive_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- dontaudit $1 printer_port_t:udp_socket recv_msg;
+ dontaudit $1 mxi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the printer port.
+## Send and receive UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51090,15 +51533,15 @@ interface(`corenet_dontaudit_udp_receive_printer_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_printer_port',`
- corenet_udp_send_printer_port($1)
- corenet_udp_receive_printer_port($1)
+interface(`corenet_udp_sendrecv_mxi_port',`
+ corenet_udp_send_mxi_port($1)
+ corenet_udp_receive_mxi_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the printer port.
+## UDP traffic on the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51107,14 +51550,14 @@ interface(`corenet_udp_sendrecv_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_printer_port',`
- corenet_dontaudit_udp_send_printer_port($1)
- corenet_dontaudit_udp_receive_printer_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mxi_port',`
+ corenet_dontaudit_udp_send_mxi_port($1)
+ corenet_dontaudit_udp_receive_mxi_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the printer port.
+## Bind TCP sockets to the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51123,18 +51566,18 @@ interface(`corenet_dontaudit_udp_sendrecv_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_printer_port',`
+interface(`corenet_tcp_bind_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- allow $1 printer_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 mxi_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the printer port.
+## Bind UDP sockets to the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51143,18 +51586,18 @@ interface(`corenet_tcp_bind_printer_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_printer_port',`
+interface(`corenet_udp_bind_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- allow $1 printer_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 mxi_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the printer port.
+## Make a TCP connection to the mxi port.
## </summary>
## <param name="domain">
## <summary>
@@ -51162,18 +51605,18 @@ interface(`corenet_udp_bind_printer_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_printer_port',`
+interface(`corenet_tcp_connect_mxi_port',`
gen_require(`
- type printer_port_t;
+ type mxi_port_t;
')
- allow $1 printer_port_t:tcp_socket name_connect;
+ allow $1 mxi_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send printer_client packets.
+## Send mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51182,17 +51625,17 @@ interface(`corenet_tcp_connect_printer_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_printer_client_packets',`
+interface(`corenet_send_mxi_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type mxi_client_packet_t;
')
- allow $1 printer_client_packet_t:packet send;
+ allow $1 mxi_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send printer_client packets.
+## Do not audit attempts to send mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51201,17 +51644,17 @@ interface(`corenet_send_printer_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_printer_client_packets',`
+interface(`corenet_dontaudit_send_mxi_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type mxi_client_packet_t;
')
- dontaudit $1 printer_client_packet_t:packet send;
+ dontaudit $1 mxi_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive printer_client packets.
+## Receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51220,17 +51663,17 @@ interface(`corenet_dontaudit_send_printer_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_printer_client_packets',`
+interface(`corenet_receive_mxi_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type mxi_client_packet_t;
')
- allow $1 printer_client_packet_t:packet recv;
+ allow $1 mxi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive printer_client packets.
+## Do not audit attempts to receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51239,17 +51682,17 @@ interface(`corenet_receive_printer_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_printer_client_packets',`
+interface(`corenet_dontaudit_receive_mxi_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type mxi_client_packet_t;
')
- dontaudit $1 printer_client_packet_t:packet recv;
+ dontaudit $1 mxi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive printer_client packets.
+## Send and receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51258,14 +51701,14 @@ interface(`corenet_dontaudit_receive_printer_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_printer_client_packets',`
- corenet_send_printer_client_packets($1)
- corenet_receive_printer_client_packets($1)
+interface(`corenet_sendrecv_mxi_client_packets',`
+ corenet_send_mxi_client_packets($1)
+ corenet_receive_mxi_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive printer_client packets.
+## Do not audit attempts to send and receive mxi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51274,14 +51717,14 @@ interface(`corenet_sendrecv_printer_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_printer_client_packets',`
- corenet_dontaudit_send_printer_client_packets($1)
- corenet_dontaudit_receive_printer_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mxi_client_packets',`
+ corenet_dontaudit_send_mxi_client_packets($1)
+ corenet_dontaudit_receive_mxi_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to printer_client the packet type.
+## Relabel packets to mxi_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51289,18 +51732,18 @@ interface(`corenet_dontaudit_sendrecv_printer_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_printer_client_packets',`
+interface(`corenet_relabelto_mxi_client_packets',`
gen_require(`
- type printer_client_packet_t;
+ type mxi_client_packet_t;
')
- allow $1 printer_client_packet_t:packet relabelto;
+ allow $1 mxi_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send printer_server packets.
+## Send mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51309,17 +51752,17 @@ interface(`corenet_relabelto_printer_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_printer_server_packets',`
+interface(`corenet_send_mxi_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type mxi_server_packet_t;
')
- allow $1 printer_server_packet_t:packet send;
+ allow $1 mxi_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send printer_server packets.
+## Do not audit attempts to send mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51328,17 +51771,17 @@ interface(`corenet_send_printer_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_printer_server_packets',`
+interface(`corenet_dontaudit_send_mxi_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type mxi_server_packet_t;
')
- dontaudit $1 printer_server_packet_t:packet send;
+ dontaudit $1 mxi_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive printer_server packets.
+## Receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51347,17 +51790,17 @@ interface(`corenet_dontaudit_send_printer_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_printer_server_packets',`
+interface(`corenet_receive_mxi_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type mxi_server_packet_t;
')
- allow $1 printer_server_packet_t:packet recv;
+ allow $1 mxi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive printer_server packets.
+## Do not audit attempts to receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51366,17 +51809,17 @@ interface(`corenet_receive_printer_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_printer_server_packets',`
+interface(`corenet_dontaudit_receive_mxi_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type mxi_server_packet_t;
')
- dontaudit $1 printer_server_packet_t:packet recv;
+ dontaudit $1 mxi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive printer_server packets.
+## Send and receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51385,14 +51828,14 @@ interface(`corenet_dontaudit_receive_printer_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_printer_server_packets',`
- corenet_send_printer_server_packets($1)
- corenet_receive_printer_server_packets($1)
+interface(`corenet_sendrecv_mxi_server_packets',`
+ corenet_send_mxi_server_packets($1)
+ corenet_receive_mxi_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive printer_server packets.
+## Do not audit attempts to send and receive mxi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51401,14 +51844,14 @@ interface(`corenet_sendrecv_printer_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_printer_server_packets',`
- corenet_dontaudit_send_printer_server_packets($1)
- corenet_dontaudit_receive_printer_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mxi_server_packets',`
+ corenet_dontaudit_send_mxi_server_packets($1)
+ corenet_dontaudit_receive_mxi_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to printer_server the packet type.
+## Relabel packets to mxi_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51416,12 +51859,12 @@ interface(`corenet_dontaudit_sendrecv_printer_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_printer_server_packets',`
+interface(`corenet_relabelto_mxi_server_packets',`
gen_require(`
- type printer_server_packet_t;
+ type mxi_server_packet_t;
')
- allow $1 printer_server_packet_t:packet relabelto;
+ allow $1 mxi_server_packet_t:packet relabelto;
')
@@ -51429,7 +51872,7 @@ interface(`corenet_relabelto_printer_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ptal port.
+## Send and receive TCP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51438,17 +51881,17 @@ interface(`corenet_relabelto_printer_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ptal_port',`
+interface(`corenet_tcp_sendrecv_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- allow $1 ptal_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mysqld_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ptal port.
+## Send UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51457,17 +51900,17 @@ interface(`corenet_tcp_sendrecv_ptal_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ptal_port',`
+interface(`corenet_udp_send_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- allow $1 ptal_port_t:udp_socket send_msg;
+ allow $1 mysqld_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ptal port.
+## Do not audit attempts to send UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51476,17 +51919,17 @@ interface(`corenet_udp_send_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ptal_port',`
+interface(`corenet_dontaudit_udp_send_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- dontaudit $1 ptal_port_t:udp_socket send_msg;
+ dontaudit $1 mysqld_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ptal port.
+## Receive UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51495,17 +51938,17 @@ interface(`corenet_dontaudit_udp_send_ptal_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ptal_port',`
+interface(`corenet_udp_receive_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- allow $1 ptal_port_t:udp_socket recv_msg;
+ allow $1 mysqld_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ptal port.
+## Do not audit attempts to receive UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51514,17 +51957,17 @@ interface(`corenet_udp_receive_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ptal_port',`
+interface(`corenet_dontaudit_udp_receive_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- dontaudit $1 ptal_port_t:udp_socket recv_msg;
+ dontaudit $1 mysqld_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ptal port.
+## Send and receive UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51533,15 +51976,15 @@ interface(`corenet_dontaudit_udp_receive_ptal_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ptal_port',`
- corenet_udp_send_ptal_port($1)
- corenet_udp_receive_ptal_port($1)
+interface(`corenet_udp_sendrecv_mysqld_port',`
+ corenet_udp_send_mysqld_port($1)
+ corenet_udp_receive_mysqld_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ptal port.
+## UDP traffic on the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51550,14 +51993,14 @@ interface(`corenet_udp_sendrecv_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ptal_port',`
- corenet_dontaudit_udp_send_ptal_port($1)
- corenet_dontaudit_udp_receive_ptal_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mysqld_port',`
+ corenet_dontaudit_udp_send_mysqld_port($1)
+ corenet_dontaudit_udp_receive_mysqld_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ptal port.
+## Bind TCP sockets to the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51566,18 +52009,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ptal_port',`
+interface(`corenet_tcp_bind_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- allow $1 ptal_port_t:tcp_socket name_bind;
-
+ allow $1 mysqld_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ptal port.
+## Bind UDP sockets to the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51586,18 +52029,18 @@ interface(`corenet_tcp_bind_ptal_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ptal_port',`
+interface(`corenet_udp_bind_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- allow $1 ptal_port_t:udp_socket name_bind;
-
+ allow $1 mysqld_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ptal port.
+## Make a TCP connection to the mysqld port.
## </summary>
## <param name="domain">
## <summary>
@@ -51605,18 +52048,18 @@ interface(`corenet_udp_bind_ptal_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ptal_port',`
+interface(`corenet_tcp_connect_mysqld_port',`
gen_require(`
- type ptal_port_t;
+ type mysqld_port_t;
')
- allow $1 ptal_port_t:tcp_socket name_connect;
+ allow $1 mysqld_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ptal_client packets.
+## Send mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51625,17 +52068,17 @@ interface(`corenet_tcp_connect_ptal_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ptal_client_packets',`
+interface(`corenet_send_mysqld_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type mysqld_client_packet_t;
')
- allow $1 ptal_client_packet_t:packet send;
+ allow $1 mysqld_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ptal_client packets.
+## Do not audit attempts to send mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51644,17 +52087,17 @@ interface(`corenet_send_ptal_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ptal_client_packets',`
+interface(`corenet_dontaudit_send_mysqld_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type mysqld_client_packet_t;
')
- dontaudit $1 ptal_client_packet_t:packet send;
+ dontaudit $1 mysqld_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ptal_client packets.
+## Receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51663,17 +52106,17 @@ interface(`corenet_dontaudit_send_ptal_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ptal_client_packets',`
+interface(`corenet_receive_mysqld_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type mysqld_client_packet_t;
')
- allow $1 ptal_client_packet_t:packet recv;
+ allow $1 mysqld_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ptal_client packets.
+## Do not audit attempts to receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51682,17 +52125,17 @@ interface(`corenet_receive_ptal_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ptal_client_packets',`
+interface(`corenet_dontaudit_receive_mysqld_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type mysqld_client_packet_t;
')
- dontaudit $1 ptal_client_packet_t:packet recv;
+ dontaudit $1 mysqld_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ptal_client packets.
+## Send and receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51701,14 +52144,14 @@ interface(`corenet_dontaudit_receive_ptal_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ptal_client_packets',`
- corenet_send_ptal_client_packets($1)
- corenet_receive_ptal_client_packets($1)
+interface(`corenet_sendrecv_mysqld_client_packets',`
+ corenet_send_mysqld_client_packets($1)
+ corenet_receive_mysqld_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ptal_client packets.
+## Do not audit attempts to send and receive mysqld_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51717,14 +52160,14 @@ interface(`corenet_sendrecv_ptal_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ptal_client_packets',`
- corenet_dontaudit_send_ptal_client_packets($1)
- corenet_dontaudit_receive_ptal_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqld_client_packets',`
+ corenet_dontaudit_send_mysqld_client_packets($1)
+ corenet_dontaudit_receive_mysqld_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ptal_client the packet type.
+## Relabel packets to mysqld_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51732,18 +52175,18 @@ interface(`corenet_dontaudit_sendrecv_ptal_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ptal_client_packets',`
+interface(`corenet_relabelto_mysqld_client_packets',`
gen_require(`
- type ptal_client_packet_t;
+ type mysqld_client_packet_t;
')
- allow $1 ptal_client_packet_t:packet relabelto;
+ allow $1 mysqld_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ptal_server packets.
+## Send mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51752,17 +52195,17 @@ interface(`corenet_relabelto_ptal_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ptal_server_packets',`
+interface(`corenet_send_mysqld_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type mysqld_server_packet_t;
')
- allow $1 ptal_server_packet_t:packet send;
+ allow $1 mysqld_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ptal_server packets.
+## Do not audit attempts to send mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51771,17 +52214,17 @@ interface(`corenet_send_ptal_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ptal_server_packets',`
+interface(`corenet_dontaudit_send_mysqld_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type mysqld_server_packet_t;
')
- dontaudit $1 ptal_server_packet_t:packet send;
+ dontaudit $1 mysqld_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ptal_server packets.
+## Receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51790,17 +52233,17 @@ interface(`corenet_dontaudit_send_ptal_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ptal_server_packets',`
+interface(`corenet_receive_mysqld_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type mysqld_server_packet_t;
')
- allow $1 ptal_server_packet_t:packet recv;
+ allow $1 mysqld_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ptal_server packets.
+## Do not audit attempts to receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51809,17 +52252,17 @@ interface(`corenet_receive_ptal_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ptal_server_packets',`
+interface(`corenet_dontaudit_receive_mysqld_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type mysqld_server_packet_t;
')
- dontaudit $1 ptal_server_packet_t:packet recv;
+ dontaudit $1 mysqld_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ptal_server packets.
+## Send and receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51828,14 +52271,14 @@ interface(`corenet_dontaudit_receive_ptal_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ptal_server_packets',`
- corenet_send_ptal_server_packets($1)
- corenet_receive_ptal_server_packets($1)
+interface(`corenet_sendrecv_mysqld_server_packets',`
+ corenet_send_mysqld_server_packets($1)
+ corenet_receive_mysqld_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ptal_server packets.
+## Do not audit attempts to send and receive mysqld_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -51844,14 +52287,14 @@ interface(`corenet_sendrecv_ptal_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ptal_server_packets',`
- corenet_dontaudit_send_ptal_server_packets($1)
- corenet_dontaudit_receive_ptal_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqld_server_packets',`
+ corenet_dontaudit_send_mysqld_server_packets($1)
+ corenet_dontaudit_receive_mysqld_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ptal_server the packet type.
+## Relabel packets to mysqld_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -51859,12 +52302,12 @@ interface(`corenet_dontaudit_sendrecv_ptal_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ptal_server_packets',`
+interface(`corenet_relabelto_mysqld_server_packets',`
gen_require(`
- type ptal_server_packet_t;
+ type mysqld_server_packet_t;
')
- allow $1 ptal_server_packet_t:packet relabelto;
+ allow $1 mysqld_server_packet_t:packet relabelto;
')
@@ -51872,7 +52315,7 @@ interface(`corenet_relabelto_ptal_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pulseaudio port.
+## Send and receive TCP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51881,17 +52324,17 @@ interface(`corenet_relabelto_ptal_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pulseaudio_port',`
+interface(`corenet_tcp_sendrecv_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 pulseaudio_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 mysqlmanagerd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pulseaudio port.
+## Send UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51900,17 +52343,17 @@ interface(`corenet_tcp_sendrecv_pulseaudio_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pulseaudio_port',`
+interface(`corenet_udp_send_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 pulseaudio_port_t:udp_socket send_msg;
+ allow $1 mysqlmanagerd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pulseaudio port.
+## Do not audit attempts to send UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51919,17 +52362,17 @@ interface(`corenet_udp_send_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pulseaudio_port',`
+interface(`corenet_dontaudit_udp_send_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- dontaudit $1 pulseaudio_port_t:udp_socket send_msg;
+ dontaudit $1 mysqlmanagerd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pulseaudio port.
+## Receive UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51938,17 +52381,17 @@ interface(`corenet_dontaudit_udp_send_pulseaudio_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pulseaudio_port',`
+interface(`corenet_udp_receive_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 pulseaudio_port_t:udp_socket recv_msg;
+ allow $1 mysqlmanagerd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pulseaudio port.
+## Do not audit attempts to receive UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51957,17 +52400,17 @@ interface(`corenet_udp_receive_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pulseaudio_port',`
+interface(`corenet_dontaudit_udp_receive_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- dontaudit $1 pulseaudio_port_t:udp_socket recv_msg;
+ dontaudit $1 mysqlmanagerd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pulseaudio port.
+## Send and receive UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51976,15 +52419,15 @@ interface(`corenet_dontaudit_udp_receive_pulseaudio_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pulseaudio_port',`
- corenet_udp_send_pulseaudio_port($1)
- corenet_udp_receive_pulseaudio_port($1)
+interface(`corenet_udp_sendrecv_mysqlmanagerd_port',`
+ corenet_udp_send_mysqlmanagerd_port($1)
+ corenet_udp_receive_mysqlmanagerd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pulseaudio port.
+## UDP traffic on the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -51993,14 +52436,14 @@ interface(`corenet_udp_sendrecv_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pulseaudio_port',`
- corenet_dontaudit_udp_send_pulseaudio_port($1)
- corenet_dontaudit_udp_receive_pulseaudio_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_mysqlmanagerd_port',`
+ corenet_dontaudit_udp_send_mysqlmanagerd_port($1)
+ corenet_dontaudit_udp_receive_mysqlmanagerd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pulseaudio port.
+## Bind TCP sockets to the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -52009,18 +52452,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pulseaudio_port',`
+interface(`corenet_tcp_bind_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 pulseaudio_port_t:tcp_socket name_bind;
+ allow $1 mysqlmanagerd_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pulseaudio port.
+## Bind UDP sockets to the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -52029,18 +52472,18 @@ interface(`corenet_tcp_bind_pulseaudio_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pulseaudio_port',`
+interface(`corenet_udp_bind_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 pulseaudio_port_t:udp_socket name_bind;
+ allow $1 mysqlmanagerd_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pulseaudio port.
+## Make a TCP connection to the mysqlmanagerd port.
## </summary>
## <param name="domain">
## <summary>
@@ -52048,18 +52491,18 @@ interface(`corenet_udp_bind_pulseaudio_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pulseaudio_port',`
+interface(`corenet_tcp_connect_mysqlmanagerd_port',`
gen_require(`
- type pulseaudio_port_t;
+ type mysqlmanagerd_port_t;
')
- allow $1 pulseaudio_port_t:tcp_socket name_connect;
+ allow $1 mysqlmanagerd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pulseaudio_client packets.
+## Send mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52068,17 +52511,17 @@ interface(`corenet_tcp_connect_pulseaudio_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pulseaudio_client_packets',`
+interface(`corenet_send_mysqlmanagerd_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- allow $1 pulseaudio_client_packet_t:packet send;
+ allow $1 mysqlmanagerd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pulseaudio_client packets.
+## Do not audit attempts to send mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52087,17 +52530,17 @@ interface(`corenet_send_pulseaudio_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pulseaudio_client_packets',`
+interface(`corenet_dontaudit_send_mysqlmanagerd_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- dontaudit $1 pulseaudio_client_packet_t:packet send;
+ dontaudit $1 mysqlmanagerd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pulseaudio_client packets.
+## Receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52106,17 +52549,17 @@ interface(`corenet_dontaudit_send_pulseaudio_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pulseaudio_client_packets',`
+interface(`corenet_receive_mysqlmanagerd_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- allow $1 pulseaudio_client_packet_t:packet recv;
+ allow $1 mysqlmanagerd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pulseaudio_client packets.
+## Do not audit attempts to receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52125,17 +52568,17 @@ interface(`corenet_receive_pulseaudio_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pulseaudio_client_packets',`
+interface(`corenet_dontaudit_receive_mysqlmanagerd_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- dontaudit $1 pulseaudio_client_packet_t:packet recv;
+ dontaudit $1 mysqlmanagerd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pulseaudio_client packets.
+## Send and receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52144,14 +52587,14 @@ interface(`corenet_dontaudit_receive_pulseaudio_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pulseaudio_client_packets',`
- corenet_send_pulseaudio_client_packets($1)
- corenet_receive_pulseaudio_client_packets($1)
+interface(`corenet_sendrecv_mysqlmanagerd_client_packets',`
+ corenet_send_mysqlmanagerd_client_packets($1)
+ corenet_receive_mysqlmanagerd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pulseaudio_client packets.
+## Do not audit attempts to send and receive mysqlmanagerd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52160,14 +52603,14 @@ interface(`corenet_sendrecv_pulseaudio_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pulseaudio_client_packets',`
- corenet_dontaudit_send_pulseaudio_client_packets($1)
- corenet_dontaudit_receive_pulseaudio_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_client_packets',`
+ corenet_dontaudit_send_mysqlmanagerd_client_packets($1)
+ corenet_dontaudit_receive_mysqlmanagerd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pulseaudio_client the packet type.
+## Relabel packets to mysqlmanagerd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52175,18 +52618,18 @@ interface(`corenet_dontaudit_sendrecv_pulseaudio_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pulseaudio_client_packets',`
+interface(`corenet_relabelto_mysqlmanagerd_client_packets',`
gen_require(`
- type pulseaudio_client_packet_t;
+ type mysqlmanagerd_client_packet_t;
')
- allow $1 pulseaudio_client_packet_t:packet relabelto;
+ allow $1 mysqlmanagerd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pulseaudio_server packets.
+## Send mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52195,17 +52638,17 @@ interface(`corenet_relabelto_pulseaudio_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pulseaudio_server_packets',`
+interface(`corenet_send_mysqlmanagerd_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- allow $1 pulseaudio_server_packet_t:packet send;
+ allow $1 mysqlmanagerd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pulseaudio_server packets.
+## Do not audit attempts to send mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52214,17 +52657,17 @@ interface(`corenet_send_pulseaudio_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pulseaudio_server_packets',`
+interface(`corenet_dontaudit_send_mysqlmanagerd_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- dontaudit $1 pulseaudio_server_packet_t:packet send;
+ dontaudit $1 mysqlmanagerd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pulseaudio_server packets.
+## Receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52233,17 +52676,17 @@ interface(`corenet_dontaudit_send_pulseaudio_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pulseaudio_server_packets',`
+interface(`corenet_receive_mysqlmanagerd_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- allow $1 pulseaudio_server_packet_t:packet recv;
+ allow $1 mysqlmanagerd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pulseaudio_server packets.
+## Do not audit attempts to receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52252,17 +52695,17 @@ interface(`corenet_receive_pulseaudio_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pulseaudio_server_packets',`
+interface(`corenet_dontaudit_receive_mysqlmanagerd_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- dontaudit $1 pulseaudio_server_packet_t:packet recv;
+ dontaudit $1 mysqlmanagerd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pulseaudio_server packets.
+## Send and receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52271,14 +52714,14 @@ interface(`corenet_dontaudit_receive_pulseaudio_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pulseaudio_server_packets',`
- corenet_send_pulseaudio_server_packets($1)
- corenet_receive_pulseaudio_server_packets($1)
+interface(`corenet_sendrecv_mysqlmanagerd_server_packets',`
+ corenet_send_mysqlmanagerd_server_packets($1)
+ corenet_receive_mysqlmanagerd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pulseaudio_server packets.
+## Do not audit attempts to send and receive mysqlmanagerd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52287,14 +52730,14 @@ interface(`corenet_sendrecv_pulseaudio_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pulseaudio_server_packets',`
- corenet_dontaudit_send_pulseaudio_server_packets($1)
- corenet_dontaudit_receive_pulseaudio_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_mysqlmanagerd_server_packets',`
+ corenet_dontaudit_send_mysqlmanagerd_server_packets($1)
+ corenet_dontaudit_receive_mysqlmanagerd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pulseaudio_server the packet type.
+## Relabel packets to mysqlmanagerd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52302,12 +52745,12 @@ interface(`corenet_dontaudit_sendrecv_pulseaudio_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pulseaudio_server_packets',`
+interface(`corenet_relabelto_mysqlmanagerd_server_packets',`
gen_require(`
- type pulseaudio_server_packet_t;
+ type mysqlmanagerd_server_packet_t;
')
- allow $1 pulseaudio_server_packet_t:packet relabelto;
+ allow $1 mysqlmanagerd_server_packet_t:packet relabelto;
')
@@ -52315,7 +52758,7 @@ interface(`corenet_relabelto_pulseaudio_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the puppet port.
+## Send and receive TCP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52324,17 +52767,17 @@ interface(`corenet_relabelto_pulseaudio_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_puppet_port',`
+interface(`corenet_tcp_sendrecv_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- allow $1 puppet_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 nessus_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the puppet port.
+## Send UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52343,17 +52786,17 @@ interface(`corenet_tcp_sendrecv_puppet_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_puppet_port',`
+interface(`corenet_udp_send_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- allow $1 puppet_port_t:udp_socket send_msg;
+ allow $1 nessus_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the puppet port.
+## Do not audit attempts to send UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52362,17 +52805,17 @@ interface(`corenet_udp_send_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_puppet_port',`
+interface(`corenet_dontaudit_udp_send_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- dontaudit $1 puppet_port_t:udp_socket send_msg;
+ dontaudit $1 nessus_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the puppet port.
+## Receive UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52381,17 +52824,17 @@ interface(`corenet_dontaudit_udp_send_puppet_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_puppet_port',`
+interface(`corenet_udp_receive_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- allow $1 puppet_port_t:udp_socket recv_msg;
+ allow $1 nessus_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the puppet port.
+## Do not audit attempts to receive UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52400,17 +52843,17 @@ interface(`corenet_udp_receive_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_puppet_port',`
+interface(`corenet_dontaudit_udp_receive_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- dontaudit $1 puppet_port_t:udp_socket recv_msg;
+ dontaudit $1 nessus_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the puppet port.
+## Send and receive UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52419,15 +52862,15 @@ interface(`corenet_dontaudit_udp_receive_puppet_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_puppet_port',`
- corenet_udp_send_puppet_port($1)
- corenet_udp_receive_puppet_port($1)
+interface(`corenet_udp_sendrecv_nessus_port',`
+ corenet_udp_send_nessus_port($1)
+ corenet_udp_receive_nessus_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the puppet port.
+## UDP traffic on the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52436,14 +52879,14 @@ interface(`corenet_udp_sendrecv_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_puppet_port',`
- corenet_dontaudit_udp_send_puppet_port($1)
- corenet_dontaudit_udp_receive_puppet_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_nessus_port',`
+ corenet_dontaudit_udp_send_nessus_port($1)
+ corenet_dontaudit_udp_receive_nessus_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the puppet port.
+## Bind TCP sockets to the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52452,18 +52895,18 @@ interface(`corenet_dontaudit_udp_sendrecv_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_puppet_port',`
+interface(`corenet_tcp_bind_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- allow $1 puppet_port_t:tcp_socket name_bind;
+ allow $1 nessus_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the puppet port.
+## Bind UDP sockets to the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52472,18 +52915,18 @@ interface(`corenet_tcp_bind_puppet_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_puppet_port',`
+interface(`corenet_udp_bind_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- allow $1 puppet_port_t:udp_socket name_bind;
+ allow $1 nessus_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the puppet port.
+## Make a TCP connection to the nessus port.
## </summary>
## <param name="domain">
## <summary>
@@ -52491,18 +52934,18 @@ interface(`corenet_udp_bind_puppet_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_puppet_port',`
+interface(`corenet_tcp_connect_nessus_port',`
gen_require(`
- type puppet_port_t;
+ type nessus_port_t;
')
- allow $1 puppet_port_t:tcp_socket name_connect;
+ allow $1 nessus_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send puppet_client packets.
+## Send nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52511,17 +52954,17 @@ interface(`corenet_tcp_connect_puppet_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_puppet_client_packets',`
+interface(`corenet_send_nessus_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type nessus_client_packet_t;
')
- allow $1 puppet_client_packet_t:packet send;
+ allow $1 nessus_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send puppet_client packets.
+## Do not audit attempts to send nessus_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52530,17 +52973,19952 @@ interface(`corenet_send_puppet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_puppet_client_packets',`
+interface(`corenet_dontaudit_send_nessus_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type nessus_client_packet_t;
')
- dontaudit $1 puppet_client_packet_t:packet send;
+ dontaudit $1 nessus_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive puppet_client packets.
+## Receive nessus_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nessus_client_packets',`
+ gen_require(`
+ type nessus_client_packet_t;
+ ')
+
+ allow $1 nessus_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nessus_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nessus_client_packets',`
+ gen_require(`
+ type nessus_client_packet_t;
+ ')
+
+ dontaudit $1 nessus_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nessus_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nessus_client_packets',`
+ corenet_send_nessus_client_packets($1)
+ corenet_receive_nessus_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nessus_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nessus_client_packets',`
+ corenet_dontaudit_send_nessus_client_packets($1)
+ corenet_dontaudit_receive_nessus_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nessus_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nessus_client_packets',`
+ gen_require(`
+ type nessus_client_packet_t;
+ ')
+
+ allow $1 nessus_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send nessus_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_nessus_server_packets',`
+ gen_require(`
+ type nessus_server_packet_t;
+ ')
+
+ allow $1 nessus_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send nessus_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_nessus_server_packets',`
+ gen_require(`
+ type nessus_server_packet_t;
+ ')
+
+ dontaudit $1 nessus_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive nessus_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nessus_server_packets',`
+ gen_require(`
+ type nessus_server_packet_t;
+ ')
+
+ allow $1 nessus_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nessus_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nessus_server_packets',`
+ gen_require(`
+ type nessus_server_packet_t;
+ ')
+
+ dontaudit $1 nessus_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nessus_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nessus_server_packets',`
+ corenet_send_nessus_server_packets($1)
+ corenet_receive_nessus_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nessus_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nessus_server_packets',`
+ corenet_dontaudit_send_nessus_server_packets($1)
+ corenet_dontaudit_receive_nessus_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nessus_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nessus_server_packets',`
+ gen_require(`
+ type nessus_server_packet_t;
+ ')
+
+ allow $1 nessus_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ allow $1 netport_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ allow $1 netport_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ dontaudit $1 netport_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ allow $1 netport_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ dontaudit $1 netport_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_netport_port',`
+ corenet_udp_send_netport_port($1)
+ corenet_udp_receive_netport_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_netport_port',`
+ corenet_dontaudit_udp_send_netport_port($1)
+ corenet_dontaudit_udp_receive_netport_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ allow $1 netport_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ allow $1 netport_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the netport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_netport_port',`
+ gen_require(`
+ type netport_port_t;
+ ')
+
+ allow $1 netport_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send netport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_netport_client_packets',`
+ gen_require(`
+ type netport_client_packet_t;
+ ')
+
+ allow $1 netport_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send netport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_netport_client_packets',`
+ gen_require(`
+ type netport_client_packet_t;
+ ')
+
+ dontaudit $1 netport_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive netport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_netport_client_packets',`
+ gen_require(`
+ type netport_client_packet_t;
+ ')
+
+ allow $1 netport_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive netport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_netport_client_packets',`
+ gen_require(`
+ type netport_client_packet_t;
+ ')
+
+ dontaudit $1 netport_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive netport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_netport_client_packets',`
+ corenet_send_netport_client_packets($1)
+ corenet_receive_netport_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive netport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_netport_client_packets',`
+ corenet_dontaudit_send_netport_client_packets($1)
+ corenet_dontaudit_receive_netport_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to netport_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_netport_client_packets',`
+ gen_require(`
+ type netport_client_packet_t;
+ ')
+
+ allow $1 netport_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send netport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_netport_server_packets',`
+ gen_require(`
+ type netport_server_packet_t;
+ ')
+
+ allow $1 netport_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send netport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_netport_server_packets',`
+ gen_require(`
+ type netport_server_packet_t;
+ ')
+
+ dontaudit $1 netport_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive netport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_netport_server_packets',`
+ gen_require(`
+ type netport_server_packet_t;
+ ')
+
+ allow $1 netport_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive netport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_netport_server_packets',`
+ gen_require(`
+ type netport_server_packet_t;
+ ')
+
+ dontaudit $1 netport_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive netport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_netport_server_packets',`
+ corenet_send_netport_server_packets($1)
+ corenet_receive_netport_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive netport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_netport_server_packets',`
+ corenet_dontaudit_send_netport_server_packets($1)
+ corenet_dontaudit_receive_netport_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to netport_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_netport_server_packets',`
+ gen_require(`
+ type netport_server_packet_t;
+ ')
+
+ allow $1 netport_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ allow $1 netsupport_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ allow $1 netsupport_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ dontaudit $1 netsupport_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ allow $1 netsupport_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ dontaudit $1 netsupport_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_netsupport_port',`
+ corenet_udp_send_netsupport_port($1)
+ corenet_udp_receive_netsupport_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_netsupport_port',`
+ corenet_dontaudit_udp_send_netsupport_port($1)
+ corenet_dontaudit_udp_receive_netsupport_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ allow $1 netsupport_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ allow $1 netsupport_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the netsupport port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_netsupport_port',`
+ gen_require(`
+ type netsupport_port_t;
+ ')
+
+ allow $1 netsupport_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send netsupport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_netsupport_client_packets',`
+ gen_require(`
+ type netsupport_client_packet_t;
+ ')
+
+ allow $1 netsupport_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send netsupport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_netsupport_client_packets',`
+ gen_require(`
+ type netsupport_client_packet_t;
+ ')
+
+ dontaudit $1 netsupport_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive netsupport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_netsupport_client_packets',`
+ gen_require(`
+ type netsupport_client_packet_t;
+ ')
+
+ allow $1 netsupport_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive netsupport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_netsupport_client_packets',`
+ gen_require(`
+ type netsupport_client_packet_t;
+ ')
+
+ dontaudit $1 netsupport_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive netsupport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_netsupport_client_packets',`
+ corenet_send_netsupport_client_packets($1)
+ corenet_receive_netsupport_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive netsupport_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_netsupport_client_packets',`
+ corenet_dontaudit_send_netsupport_client_packets($1)
+ corenet_dontaudit_receive_netsupport_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to netsupport_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_netsupport_client_packets',`
+ gen_require(`
+ type netsupport_client_packet_t;
+ ')
+
+ allow $1 netsupport_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send netsupport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_netsupport_server_packets',`
+ gen_require(`
+ type netsupport_server_packet_t;
+ ')
+
+ allow $1 netsupport_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send netsupport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_netsupport_server_packets',`
+ gen_require(`
+ type netsupport_server_packet_t;
+ ')
+
+ dontaudit $1 netsupport_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive netsupport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_netsupport_server_packets',`
+ gen_require(`
+ type netsupport_server_packet_t;
+ ')
+
+ allow $1 netsupport_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive netsupport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_netsupport_server_packets',`
+ gen_require(`
+ type netsupport_server_packet_t;
+ ')
+
+ dontaudit $1 netsupport_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive netsupport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_netsupport_server_packets',`
+ corenet_send_netsupport_server_packets($1)
+ corenet_receive_netsupport_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive netsupport_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_netsupport_server_packets',`
+ corenet_dontaudit_send_netsupport_server_packets($1)
+ corenet_dontaudit_receive_netsupport_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to netsupport_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_netsupport_server_packets',`
+ gen_require(`
+ type netsupport_server_packet_t;
+ ')
+
+ allow $1 netsupport_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ allow $1 nfs_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ allow $1 nfs_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ dontaudit $1 nfs_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ allow $1 nfs_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ dontaudit $1 nfs_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_nfs_port',`
+ corenet_udp_send_nfs_port($1)
+ corenet_udp_receive_nfs_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_nfs_port',`
+ corenet_dontaudit_udp_send_nfs_port($1)
+ corenet_dontaudit_udp_receive_nfs_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ allow $1 nfs_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ allow $1 nfs_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the nfs port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_nfs_port',`
+ gen_require(`
+ type nfs_port_t;
+ ')
+
+ allow $1 nfs_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send nfs_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_nfs_client_packets',`
+ gen_require(`
+ type nfs_client_packet_t;
+ ')
+
+ allow $1 nfs_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send nfs_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_nfs_client_packets',`
+ gen_require(`
+ type nfs_client_packet_t;
+ ')
+
+ dontaudit $1 nfs_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive nfs_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nfs_client_packets',`
+ gen_require(`
+ type nfs_client_packet_t;
+ ')
+
+ allow $1 nfs_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nfs_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nfs_client_packets',`
+ gen_require(`
+ type nfs_client_packet_t;
+ ')
+
+ dontaudit $1 nfs_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nfs_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nfs_client_packets',`
+ corenet_send_nfs_client_packets($1)
+ corenet_receive_nfs_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nfs_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nfs_client_packets',`
+ corenet_dontaudit_send_nfs_client_packets($1)
+ corenet_dontaudit_receive_nfs_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nfs_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nfs_client_packets',`
+ gen_require(`
+ type nfs_client_packet_t;
+ ')
+
+ allow $1 nfs_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send nfs_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_nfs_server_packets',`
+ gen_require(`
+ type nfs_server_packet_t;
+ ')
+
+ allow $1 nfs_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send nfs_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_nfs_server_packets',`
+ gen_require(`
+ type nfs_server_packet_t;
+ ')
+
+ dontaudit $1 nfs_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive nfs_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nfs_server_packets',`
+ gen_require(`
+ type nfs_server_packet_t;
+ ')
+
+ allow $1 nfs_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nfs_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nfs_server_packets',`
+ gen_require(`
+ type nfs_server_packet_t;
+ ')
+
+ dontaudit $1 nfs_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nfs_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nfs_server_packets',`
+ corenet_send_nfs_server_packets($1)
+ corenet_receive_nfs_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nfs_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nfs_server_packets',`
+ corenet_dontaudit_send_nfs_server_packets($1)
+ corenet_dontaudit_receive_nfs_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nfs_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nfs_server_packets',`
+ gen_require(`
+ type nfs_server_packet_t;
+ ')
+
+ allow $1 nfs_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ allow $1 nfsrdma_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ allow $1 nfsrdma_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ dontaudit $1 nfsrdma_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ allow $1 nfsrdma_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ dontaudit $1 nfsrdma_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_nfsrdma_port',`
+ corenet_udp_send_nfsrdma_port($1)
+ corenet_udp_receive_nfsrdma_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_nfsrdma_port',`
+ corenet_dontaudit_udp_send_nfsrdma_port($1)
+ corenet_dontaudit_udp_receive_nfsrdma_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ allow $1 nfsrdma_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ allow $1 nfsrdma_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the nfsrdma port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_nfsrdma_port',`
+ gen_require(`
+ type nfsrdma_port_t;
+ ')
+
+ allow $1 nfsrdma_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send nfsrdma_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_nfsrdma_client_packets',`
+ gen_require(`
+ type nfsrdma_client_packet_t;
+ ')
+
+ allow $1 nfsrdma_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send nfsrdma_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_nfsrdma_client_packets',`
+ gen_require(`
+ type nfsrdma_client_packet_t;
+ ')
+
+ dontaudit $1 nfsrdma_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive nfsrdma_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nfsrdma_client_packets',`
+ gen_require(`
+ type nfsrdma_client_packet_t;
+ ')
+
+ allow $1 nfsrdma_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nfsrdma_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nfsrdma_client_packets',`
+ gen_require(`
+ type nfsrdma_client_packet_t;
+ ')
+
+ dontaudit $1 nfsrdma_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nfsrdma_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nfsrdma_client_packets',`
+ corenet_send_nfsrdma_client_packets($1)
+ corenet_receive_nfsrdma_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nfsrdma_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nfsrdma_client_packets',`
+ corenet_dontaudit_send_nfsrdma_client_packets($1)
+ corenet_dontaudit_receive_nfsrdma_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nfsrdma_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nfsrdma_client_packets',`
+ gen_require(`
+ type nfsrdma_client_packet_t;
+ ')
+
+ allow $1 nfsrdma_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send nfsrdma_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_nfsrdma_server_packets',`
+ gen_require(`
+ type nfsrdma_server_packet_t;
+ ')
+
+ allow $1 nfsrdma_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send nfsrdma_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_nfsrdma_server_packets',`
+ gen_require(`
+ type nfsrdma_server_packet_t;
+ ')
+
+ dontaudit $1 nfsrdma_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive nfsrdma_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nfsrdma_server_packets',`
+ gen_require(`
+ type nfsrdma_server_packet_t;
+ ')
+
+ allow $1 nfsrdma_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nfsrdma_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nfsrdma_server_packets',`
+ gen_require(`
+ type nfsrdma_server_packet_t;
+ ')
+
+ dontaudit $1 nfsrdma_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nfsrdma_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nfsrdma_server_packets',`
+ corenet_send_nfsrdma_server_packets($1)
+ corenet_receive_nfsrdma_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nfsrdma_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nfsrdma_server_packets',`
+ corenet_dontaudit_send_nfsrdma_server_packets($1)
+ corenet_dontaudit_receive_nfsrdma_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nfsrdma_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nfsrdma_server_packets',`
+ gen_require(`
+ type nfsrdma_server_packet_t;
+ ')
+
+ allow $1 nfsrdma_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ allow $1 nmbd_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ allow $1 nmbd_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ dontaudit $1 nmbd_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ allow $1 nmbd_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ dontaudit $1 nmbd_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_nmbd_port',`
+ corenet_udp_send_nmbd_port($1)
+ corenet_udp_receive_nmbd_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_nmbd_port',`
+ corenet_dontaudit_udp_send_nmbd_port($1)
+ corenet_dontaudit_udp_receive_nmbd_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ allow $1 nmbd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ allow $1 nmbd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the nmbd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_nmbd_port',`
+ gen_require(`
+ type nmbd_port_t;
+ ')
+
+ allow $1 nmbd_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send nmbd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_nmbd_client_packets',`
+ gen_require(`
+ type nmbd_client_packet_t;
+ ')
+
+ allow $1 nmbd_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send nmbd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_nmbd_client_packets',`
+ gen_require(`
+ type nmbd_client_packet_t;
+ ')
+
+ dontaudit $1 nmbd_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive nmbd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nmbd_client_packets',`
+ gen_require(`
+ type nmbd_client_packet_t;
+ ')
+
+ allow $1 nmbd_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nmbd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nmbd_client_packets',`
+ gen_require(`
+ type nmbd_client_packet_t;
+ ')
+
+ dontaudit $1 nmbd_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nmbd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nmbd_client_packets',`
+ corenet_send_nmbd_client_packets($1)
+ corenet_receive_nmbd_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nmbd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nmbd_client_packets',`
+ corenet_dontaudit_send_nmbd_client_packets($1)
+ corenet_dontaudit_receive_nmbd_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nmbd_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nmbd_client_packets',`
+ gen_require(`
+ type nmbd_client_packet_t;
+ ')
+
+ allow $1 nmbd_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send nmbd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_nmbd_server_packets',`
+ gen_require(`
+ type nmbd_server_packet_t;
+ ')
+
+ allow $1 nmbd_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send nmbd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_nmbd_server_packets',`
+ gen_require(`
+ type nmbd_server_packet_t;
+ ')
+
+ dontaudit $1 nmbd_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive nmbd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_nmbd_server_packets',`
+ gen_require(`
+ type nmbd_server_packet_t;
+ ')
+
+ allow $1 nmbd_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive nmbd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_nmbd_server_packets',`
+ gen_require(`
+ type nmbd_server_packet_t;
+ ')
+
+ dontaudit $1 nmbd_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive nmbd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_nmbd_server_packets',`
+ corenet_send_nmbd_server_packets($1)
+ corenet_receive_nmbd_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive nmbd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_nmbd_server_packets',`
+ corenet_dontaudit_send_nmbd_server_packets($1)
+ corenet_dontaudit_receive_nmbd_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to nmbd_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_nmbd_server_packets',`
+ gen_require(`
+ type nmbd_server_packet_t;
+ ')
+
+ allow $1 nmbd_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ allow $1 ntop_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ allow $1 ntop_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ dontaudit $1 ntop_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ allow $1 ntop_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ dontaudit $1 ntop_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_ntop_port',`
+ corenet_udp_send_ntop_port($1)
+ corenet_udp_receive_ntop_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_ntop_port',`
+ corenet_dontaudit_udp_send_ntop_port($1)
+ corenet_dontaudit_udp_receive_ntop_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ allow $1 ntop_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ allow $1 ntop_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the ntop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_ntop_port',`
+ gen_require(`
+ type ntop_port_t;
+ ')
+
+ allow $1 ntop_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send ntop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ntop_client_packets',`
+ gen_require(`
+ type ntop_client_packet_t;
+ ')
+
+ allow $1 ntop_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ntop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ntop_client_packets',`
+ gen_require(`
+ type ntop_client_packet_t;
+ ')
+
+ dontaudit $1 ntop_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ntop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ntop_client_packets',`
+ gen_require(`
+ type ntop_client_packet_t;
+ ')
+
+ allow $1 ntop_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ntop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ntop_client_packets',`
+ gen_require(`
+ type ntop_client_packet_t;
+ ')
+
+ dontaudit $1 ntop_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ntop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ntop_client_packets',`
+ corenet_send_ntop_client_packets($1)
+ corenet_receive_ntop_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ntop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ntop_client_packets',`
+ corenet_dontaudit_send_ntop_client_packets($1)
+ corenet_dontaudit_receive_ntop_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ntop_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ntop_client_packets',`
+ gen_require(`
+ type ntop_client_packet_t;
+ ')
+
+ allow $1 ntop_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send ntop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ntop_server_packets',`
+ gen_require(`
+ type ntop_server_packet_t;
+ ')
+
+ allow $1 ntop_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ntop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ntop_server_packets',`
+ gen_require(`
+ type ntop_server_packet_t;
+ ')
+
+ dontaudit $1 ntop_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ntop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ntop_server_packets',`
+ gen_require(`
+ type ntop_server_packet_t;
+ ')
+
+ allow $1 ntop_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ntop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ntop_server_packets',`
+ gen_require(`
+ type ntop_server_packet_t;
+ ')
+
+ dontaudit $1 ntop_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ntop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ntop_server_packets',`
+ corenet_send_ntop_server_packets($1)
+ corenet_receive_ntop_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ntop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ntop_server_packets',`
+ corenet_dontaudit_send_ntop_server_packets($1)
+ corenet_dontaudit_receive_ntop_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ntop_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ntop_server_packets',`
+ gen_require(`
+ type ntop_server_packet_t;
+ ')
+
+ allow $1 ntop_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ allow $1 ntp_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ allow $1 ntp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ dontaudit $1 ntp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ allow $1 ntp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ dontaudit $1 ntp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_ntp_port',`
+ corenet_udp_send_ntp_port($1)
+ corenet_udp_receive_ntp_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_ntp_port',`
+ corenet_dontaudit_udp_send_ntp_port($1)
+ corenet_dontaudit_udp_receive_ntp_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ allow $1 ntp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ allow $1 ntp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the ntp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_ntp_port',`
+ gen_require(`
+ type ntp_port_t;
+ ')
+
+ allow $1 ntp_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send ntp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ntp_client_packets',`
+ gen_require(`
+ type ntp_client_packet_t;
+ ')
+
+ allow $1 ntp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ntp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ntp_client_packets',`
+ gen_require(`
+ type ntp_client_packet_t;
+ ')
+
+ dontaudit $1 ntp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ntp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ntp_client_packets',`
+ gen_require(`
+ type ntp_client_packet_t;
+ ')
+
+ allow $1 ntp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ntp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ntp_client_packets',`
+ gen_require(`
+ type ntp_client_packet_t;
+ ')
+
+ dontaudit $1 ntp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ntp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ntp_client_packets',`
+ corenet_send_ntp_client_packets($1)
+ corenet_receive_ntp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ntp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ntp_client_packets',`
+ corenet_dontaudit_send_ntp_client_packets($1)
+ corenet_dontaudit_receive_ntp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ntp_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ntp_client_packets',`
+ gen_require(`
+ type ntp_client_packet_t;
+ ')
+
+ allow $1 ntp_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send ntp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ntp_server_packets',`
+ gen_require(`
+ type ntp_server_packet_t;
+ ')
+
+ allow $1 ntp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ntp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ntp_server_packets',`
+ gen_require(`
+ type ntp_server_packet_t;
+ ')
+
+ dontaudit $1 ntp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ntp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ntp_server_packets',`
+ gen_require(`
+ type ntp_server_packet_t;
+ ')
+
+ allow $1 ntp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ntp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ntp_server_packets',`
+ gen_require(`
+ type ntp_server_packet_t;
+ ')
+
+ dontaudit $1 ntp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ntp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ntp_server_packets',`
+ corenet_send_ntp_server_packets($1)
+ corenet_receive_ntp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ntp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ntp_server_packets',`
+ corenet_dontaudit_send_ntp_server_packets($1)
+ corenet_dontaudit_receive_ntp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ntp_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ntp_server_packets',`
+ gen_require(`
+ type ntp_server_packet_t;
+ ')
+
+ allow $1 ntp_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ allow $1 oa_system_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ allow $1 oa_system_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ dontaudit $1 oa_system_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ allow $1 oa_system_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ dontaudit $1 oa_system_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_oa_system_port',`
+ corenet_udp_send_oa_system_port($1)
+ corenet_udp_receive_oa_system_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_oa_system_port',`
+ corenet_dontaudit_udp_send_oa_system_port($1)
+ corenet_dontaudit_udp_receive_oa_system_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ allow $1 oa_system_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ allow $1 oa_system_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the oa_system port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_oa_system_port',`
+ gen_require(`
+ type oa_system_port_t;
+ ')
+
+ allow $1 oa_system_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send oa_system_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_oa_system_client_packets',`
+ gen_require(`
+ type oa_system_client_packet_t;
+ ')
+
+ allow $1 oa_system_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send oa_system_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_oa_system_client_packets',`
+ gen_require(`
+ type oa_system_client_packet_t;
+ ')
+
+ dontaudit $1 oa_system_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive oa_system_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_oa_system_client_packets',`
+ gen_require(`
+ type oa_system_client_packet_t;
+ ')
+
+ allow $1 oa_system_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive oa_system_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_oa_system_client_packets',`
+ gen_require(`
+ type oa_system_client_packet_t;
+ ')
+
+ dontaudit $1 oa_system_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive oa_system_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_oa_system_client_packets',`
+ corenet_send_oa_system_client_packets($1)
+ corenet_receive_oa_system_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive oa_system_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_oa_system_client_packets',`
+ corenet_dontaudit_send_oa_system_client_packets($1)
+ corenet_dontaudit_receive_oa_system_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to oa_system_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_oa_system_client_packets',`
+ gen_require(`
+ type oa_system_client_packet_t;
+ ')
+
+ allow $1 oa_system_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send oa_system_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_oa_system_server_packets',`
+ gen_require(`
+ type oa_system_server_packet_t;
+ ')
+
+ allow $1 oa_system_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send oa_system_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_oa_system_server_packets',`
+ gen_require(`
+ type oa_system_server_packet_t;
+ ')
+
+ dontaudit $1 oa_system_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive oa_system_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_oa_system_server_packets',`
+ gen_require(`
+ type oa_system_server_packet_t;
+ ')
+
+ allow $1 oa_system_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive oa_system_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_oa_system_server_packets',`
+ gen_require(`
+ type oa_system_server_packet_t;
+ ')
+
+ dontaudit $1 oa_system_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive oa_system_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_oa_system_server_packets',`
+ corenet_send_oa_system_server_packets($1)
+ corenet_receive_oa_system_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive oa_system_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_oa_system_server_packets',`
+ corenet_dontaudit_send_oa_system_server_packets($1)
+ corenet_dontaudit_receive_oa_system_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to oa_system_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_oa_system_server_packets',`
+ gen_require(`
+ type oa_system_server_packet_t;
+ ')
+
+ allow $1 oa_system_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ allow $1 oracledb_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ allow $1 oracledb_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ dontaudit $1 oracledb_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ allow $1 oracledb_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ dontaudit $1 oracledb_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_oracledb_port',`
+ corenet_udp_send_oracledb_port($1)
+ corenet_udp_receive_oracledb_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_oracledb_port',`
+ corenet_dontaudit_udp_send_oracledb_port($1)
+ corenet_dontaudit_udp_receive_oracledb_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ allow $1 oracledb_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ allow $1 oracledb_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the oracledb port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_oracledb_port',`
+ gen_require(`
+ type oracledb_port_t;
+ ')
+
+ allow $1 oracledb_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send oracledb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_oracledb_client_packets',`
+ gen_require(`
+ type oracledb_client_packet_t;
+ ')
+
+ allow $1 oracledb_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send oracledb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_oracledb_client_packets',`
+ gen_require(`
+ type oracledb_client_packet_t;
+ ')
+
+ dontaudit $1 oracledb_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive oracledb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_oracledb_client_packets',`
+ gen_require(`
+ type oracledb_client_packet_t;
+ ')
+
+ allow $1 oracledb_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive oracledb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_oracledb_client_packets',`
+ gen_require(`
+ type oracledb_client_packet_t;
+ ')
+
+ dontaudit $1 oracledb_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive oracledb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_oracledb_client_packets',`
+ corenet_send_oracledb_client_packets($1)
+ corenet_receive_oracledb_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive oracledb_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_oracledb_client_packets',`
+ corenet_dontaudit_send_oracledb_client_packets($1)
+ corenet_dontaudit_receive_oracledb_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to oracledb_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_oracledb_client_packets',`
+ gen_require(`
+ type oracledb_client_packet_t;
+ ')
+
+ allow $1 oracledb_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send oracledb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_oracledb_server_packets',`
+ gen_require(`
+ type oracledb_server_packet_t;
+ ')
+
+ allow $1 oracledb_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send oracledb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_oracledb_server_packets',`
+ gen_require(`
+ type oracledb_server_packet_t;
+ ')
+
+ dontaudit $1 oracledb_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive oracledb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_oracledb_server_packets',`
+ gen_require(`
+ type oracledb_server_packet_t;
+ ')
+
+ allow $1 oracledb_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive oracledb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_oracledb_server_packets',`
+ gen_require(`
+ type oracledb_server_packet_t;
+ ')
+
+ dontaudit $1 oracledb_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive oracledb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_oracledb_server_packets',`
+ corenet_send_oracledb_server_packets($1)
+ corenet_receive_oracledb_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive oracledb_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_oracledb_server_packets',`
+ corenet_dontaudit_send_oracledb_server_packets($1)
+ corenet_dontaudit_receive_oracledb_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to oracledb_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_oracledb_server_packets',`
+ gen_require(`
+ type oracledb_server_packet_t;
+ ')
+
+ allow $1 oracledb_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ allow $1 ocsp_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ allow $1 ocsp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ dontaudit $1 ocsp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ allow $1 ocsp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ dontaudit $1 ocsp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_ocsp_port',`
+ corenet_udp_send_ocsp_port($1)
+ corenet_udp_receive_ocsp_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_ocsp_port',`
+ corenet_dontaudit_udp_send_ocsp_port($1)
+ corenet_dontaudit_udp_receive_ocsp_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ allow $1 ocsp_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ allow $1 ocsp_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the ocsp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_ocsp_port',`
+ gen_require(`
+ type ocsp_port_t;
+ ')
+
+ allow $1 ocsp_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send ocsp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ocsp_client_packets',`
+ gen_require(`
+ type ocsp_client_packet_t;
+ ')
+
+ allow $1 ocsp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ocsp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ocsp_client_packets',`
+ gen_require(`
+ type ocsp_client_packet_t;
+ ')
+
+ dontaudit $1 ocsp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ocsp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ocsp_client_packets',`
+ gen_require(`
+ type ocsp_client_packet_t;
+ ')
+
+ allow $1 ocsp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ocsp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ocsp_client_packets',`
+ gen_require(`
+ type ocsp_client_packet_t;
+ ')
+
+ dontaudit $1 ocsp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ocsp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ocsp_client_packets',`
+ corenet_send_ocsp_client_packets($1)
+ corenet_receive_ocsp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ocsp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ocsp_client_packets',`
+ corenet_dontaudit_send_ocsp_client_packets($1)
+ corenet_dontaudit_receive_ocsp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ocsp_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ocsp_client_packets',`
+ gen_require(`
+ type ocsp_client_packet_t;
+ ')
+
+ allow $1 ocsp_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send ocsp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ocsp_server_packets',`
+ gen_require(`
+ type ocsp_server_packet_t;
+ ')
+
+ allow $1 ocsp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ocsp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ocsp_server_packets',`
+ gen_require(`
+ type ocsp_server_packet_t;
+ ')
+
+ dontaudit $1 ocsp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ocsp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ocsp_server_packets',`
+ gen_require(`
+ type ocsp_server_packet_t;
+ ')
+
+ allow $1 ocsp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ocsp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ocsp_server_packets',`
+ gen_require(`
+ type ocsp_server_packet_t;
+ ')
+
+ dontaudit $1 ocsp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ocsp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ocsp_server_packets',`
+ corenet_send_ocsp_server_packets($1)
+ corenet_receive_ocsp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ocsp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ocsp_server_packets',`
+ corenet_dontaudit_send_ocsp_server_packets($1)
+ corenet_dontaudit_receive_ocsp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ocsp_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ocsp_server_packets',`
+ gen_require(`
+ type ocsp_server_packet_t;
+ ')
+
+ allow $1 ocsp_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ allow $1 openhpid_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ allow $1 openhpid_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ dontaudit $1 openhpid_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ allow $1 openhpid_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ dontaudit $1 openhpid_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_openhpid_port',`
+ corenet_udp_send_openhpid_port($1)
+ corenet_udp_receive_openhpid_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_openhpid_port',`
+ corenet_dontaudit_udp_send_openhpid_port($1)
+ corenet_dontaudit_udp_receive_openhpid_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ allow $1 openhpid_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ allow $1 openhpid_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the openhpid port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_openhpid_port',`
+ gen_require(`
+ type openhpid_port_t;
+ ')
+
+ allow $1 openhpid_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send openhpid_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_openhpid_client_packets',`
+ gen_require(`
+ type openhpid_client_packet_t;
+ ')
+
+ allow $1 openhpid_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send openhpid_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_openhpid_client_packets',`
+ gen_require(`
+ type openhpid_client_packet_t;
+ ')
+
+ dontaudit $1 openhpid_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive openhpid_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_openhpid_client_packets',`
+ gen_require(`
+ type openhpid_client_packet_t;
+ ')
+
+ allow $1 openhpid_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive openhpid_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_openhpid_client_packets',`
+ gen_require(`
+ type openhpid_client_packet_t;
+ ')
+
+ dontaudit $1 openhpid_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive openhpid_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_openhpid_client_packets',`
+ corenet_send_openhpid_client_packets($1)
+ corenet_receive_openhpid_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive openhpid_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_openhpid_client_packets',`
+ corenet_dontaudit_send_openhpid_client_packets($1)
+ corenet_dontaudit_receive_openhpid_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to openhpid_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_openhpid_client_packets',`
+ gen_require(`
+ type openhpid_client_packet_t;
+ ')
+
+ allow $1 openhpid_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send openhpid_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_openhpid_server_packets',`
+ gen_require(`
+ type openhpid_server_packet_t;
+ ')
+
+ allow $1 openhpid_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send openhpid_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_openhpid_server_packets',`
+ gen_require(`
+ type openhpid_server_packet_t;
+ ')
+
+ dontaudit $1 openhpid_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive openhpid_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_openhpid_server_packets',`
+ gen_require(`
+ type openhpid_server_packet_t;
+ ')
+
+ allow $1 openhpid_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive openhpid_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_openhpid_server_packets',`
+ gen_require(`
+ type openhpid_server_packet_t;
+ ')
+
+ dontaudit $1 openhpid_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive openhpid_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_openhpid_server_packets',`
+ corenet_send_openhpid_server_packets($1)
+ corenet_receive_openhpid_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive openhpid_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_openhpid_server_packets',`
+ corenet_dontaudit_send_openhpid_server_packets($1)
+ corenet_dontaudit_receive_openhpid_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to openhpid_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_openhpid_server_packets',`
+ gen_require(`
+ type openhpid_server_packet_t;
+ ')
+
+ allow $1 openhpid_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ allow $1 openvpn_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ allow $1 openvpn_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ dontaudit $1 openvpn_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ allow $1 openvpn_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ dontaudit $1 openvpn_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_openvpn_port',`
+ corenet_udp_send_openvpn_port($1)
+ corenet_udp_receive_openvpn_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_openvpn_port',`
+ corenet_dontaudit_udp_send_openvpn_port($1)
+ corenet_dontaudit_udp_receive_openvpn_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ allow $1 openvpn_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ allow $1 openvpn_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the openvpn port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_openvpn_port',`
+ gen_require(`
+ type openvpn_port_t;
+ ')
+
+ allow $1 openvpn_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send openvpn_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_openvpn_client_packets',`
+ gen_require(`
+ type openvpn_client_packet_t;
+ ')
+
+ allow $1 openvpn_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send openvpn_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_openvpn_client_packets',`
+ gen_require(`
+ type openvpn_client_packet_t;
+ ')
+
+ dontaudit $1 openvpn_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive openvpn_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_openvpn_client_packets',`
+ gen_require(`
+ type openvpn_client_packet_t;
+ ')
+
+ allow $1 openvpn_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive openvpn_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_openvpn_client_packets',`
+ gen_require(`
+ type openvpn_client_packet_t;
+ ')
+
+ dontaudit $1 openvpn_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive openvpn_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_openvpn_client_packets',`
+ corenet_send_openvpn_client_packets($1)
+ corenet_receive_openvpn_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive openvpn_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_openvpn_client_packets',`
+ corenet_dontaudit_send_openvpn_client_packets($1)
+ corenet_dontaudit_receive_openvpn_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to openvpn_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_openvpn_client_packets',`
+ gen_require(`
+ type openvpn_client_packet_t;
+ ')
+
+ allow $1 openvpn_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send openvpn_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_openvpn_server_packets',`
+ gen_require(`
+ type openvpn_server_packet_t;
+ ')
+
+ allow $1 openvpn_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send openvpn_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_openvpn_server_packets',`
+ gen_require(`
+ type openvpn_server_packet_t;
+ ')
+
+ dontaudit $1 openvpn_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive openvpn_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_openvpn_server_packets',`
+ gen_require(`
+ type openvpn_server_packet_t;
+ ')
+
+ allow $1 openvpn_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive openvpn_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_openvpn_server_packets',`
+ gen_require(`
+ type openvpn_server_packet_t;
+ ')
+
+ dontaudit $1 openvpn_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive openvpn_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_openvpn_server_packets',`
+ corenet_send_openvpn_server_packets($1)
+ corenet_receive_openvpn_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive openvpn_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_openvpn_server_packets',`
+ corenet_dontaudit_send_openvpn_server_packets($1)
+ corenet_dontaudit_receive_openvpn_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to openvpn_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_openvpn_server_packets',`
+ gen_require(`
+ type openvpn_server_packet_t;
+ ')
+
+ allow $1 openvpn_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ allow $1 pdps_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ allow $1 pdps_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ dontaudit $1 pdps_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ allow $1 pdps_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ dontaudit $1 pdps_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pdps_port',`
+ corenet_udp_send_pdps_port($1)
+ corenet_udp_receive_pdps_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pdps_port',`
+ corenet_dontaudit_udp_send_pdps_port($1)
+ corenet_dontaudit_udp_receive_pdps_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ allow $1 pdps_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ allow $1 pdps_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pdps port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pdps_port',`
+ gen_require(`
+ type pdps_port_t;
+ ')
+
+ allow $1 pdps_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pdps_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pdps_client_packets',`
+ gen_require(`
+ type pdps_client_packet_t;
+ ')
+
+ allow $1 pdps_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pdps_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pdps_client_packets',`
+ gen_require(`
+ type pdps_client_packet_t;
+ ')
+
+ dontaudit $1 pdps_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pdps_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pdps_client_packets',`
+ gen_require(`
+ type pdps_client_packet_t;
+ ')
+
+ allow $1 pdps_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pdps_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pdps_client_packets',`
+ gen_require(`
+ type pdps_client_packet_t;
+ ')
+
+ dontaudit $1 pdps_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pdps_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pdps_client_packets',`
+ corenet_send_pdps_client_packets($1)
+ corenet_receive_pdps_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pdps_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pdps_client_packets',`
+ corenet_dontaudit_send_pdps_client_packets($1)
+ corenet_dontaudit_receive_pdps_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pdps_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pdps_client_packets',`
+ gen_require(`
+ type pdps_client_packet_t;
+ ')
+
+ allow $1 pdps_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pdps_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pdps_server_packets',`
+ gen_require(`
+ type pdps_server_packet_t;
+ ')
+
+ allow $1 pdps_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pdps_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pdps_server_packets',`
+ gen_require(`
+ type pdps_server_packet_t;
+ ')
+
+ dontaudit $1 pdps_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pdps_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pdps_server_packets',`
+ gen_require(`
+ type pdps_server_packet_t;
+ ')
+
+ allow $1 pdps_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pdps_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pdps_server_packets',`
+ gen_require(`
+ type pdps_server_packet_t;
+ ')
+
+ dontaudit $1 pdps_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pdps_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pdps_server_packets',`
+ corenet_send_pdps_server_packets($1)
+ corenet_receive_pdps_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pdps_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pdps_server_packets',`
+ corenet_dontaudit_send_pdps_server_packets($1)
+ corenet_dontaudit_receive_pdps_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pdps_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pdps_server_packets',`
+ gen_require(`
+ type pdps_server_packet_t;
+ ')
+
+ allow $1 pdps_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ allow $1 pegasus_http_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ allow $1 pegasus_http_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ dontaudit $1 pegasus_http_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ allow $1 pegasus_http_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ dontaudit $1 pegasus_http_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pegasus_http_port',`
+ corenet_udp_send_pegasus_http_port($1)
+ corenet_udp_receive_pegasus_http_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pegasus_http_port',`
+ corenet_dontaudit_udp_send_pegasus_http_port($1)
+ corenet_dontaudit_udp_receive_pegasus_http_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ allow $1 pegasus_http_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ allow $1 pegasus_http_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pegasus_http port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pegasus_http_port',`
+ gen_require(`
+ type pegasus_http_port_t;
+ ')
+
+ allow $1 pegasus_http_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pegasus_http_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pegasus_http_client_packets',`
+ gen_require(`
+ type pegasus_http_client_packet_t;
+ ')
+
+ allow $1 pegasus_http_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pegasus_http_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pegasus_http_client_packets',`
+ gen_require(`
+ type pegasus_http_client_packet_t;
+ ')
+
+ dontaudit $1 pegasus_http_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pegasus_http_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pegasus_http_client_packets',`
+ gen_require(`
+ type pegasus_http_client_packet_t;
+ ')
+
+ allow $1 pegasus_http_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pegasus_http_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pegasus_http_client_packets',`
+ gen_require(`
+ type pegasus_http_client_packet_t;
+ ')
+
+ dontaudit $1 pegasus_http_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pegasus_http_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pegasus_http_client_packets',`
+ corenet_send_pegasus_http_client_packets($1)
+ corenet_receive_pegasus_http_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pegasus_http_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pegasus_http_client_packets',`
+ corenet_dontaudit_send_pegasus_http_client_packets($1)
+ corenet_dontaudit_receive_pegasus_http_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pegasus_http_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pegasus_http_client_packets',`
+ gen_require(`
+ type pegasus_http_client_packet_t;
+ ')
+
+ allow $1 pegasus_http_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pegasus_http_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pegasus_http_server_packets',`
+ gen_require(`
+ type pegasus_http_server_packet_t;
+ ')
+
+ allow $1 pegasus_http_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pegasus_http_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pegasus_http_server_packets',`
+ gen_require(`
+ type pegasus_http_server_packet_t;
+ ')
+
+ dontaudit $1 pegasus_http_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pegasus_http_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pegasus_http_server_packets',`
+ gen_require(`
+ type pegasus_http_server_packet_t;
+ ')
+
+ allow $1 pegasus_http_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pegasus_http_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pegasus_http_server_packets',`
+ gen_require(`
+ type pegasus_http_server_packet_t;
+ ')
+
+ dontaudit $1 pegasus_http_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pegasus_http_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pegasus_http_server_packets',`
+ corenet_send_pegasus_http_server_packets($1)
+ corenet_receive_pegasus_http_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pegasus_http_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pegasus_http_server_packets',`
+ corenet_dontaudit_send_pegasus_http_server_packets($1)
+ corenet_dontaudit_receive_pegasus_http_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pegasus_http_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pegasus_http_server_packets',`
+ gen_require(`
+ type pegasus_http_server_packet_t;
+ ')
+
+ allow $1 pegasus_http_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ allow $1 pegasus_https_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ allow $1 pegasus_https_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ dontaudit $1 pegasus_https_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ allow $1 pegasus_https_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ dontaudit $1 pegasus_https_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pegasus_https_port',`
+ corenet_udp_send_pegasus_https_port($1)
+ corenet_udp_receive_pegasus_https_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pegasus_https_port',`
+ corenet_dontaudit_udp_send_pegasus_https_port($1)
+ corenet_dontaudit_udp_receive_pegasus_https_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ allow $1 pegasus_https_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ allow $1 pegasus_https_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pegasus_https port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pegasus_https_port',`
+ gen_require(`
+ type pegasus_https_port_t;
+ ')
+
+ allow $1 pegasus_https_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pegasus_https_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pegasus_https_client_packets',`
+ gen_require(`
+ type pegasus_https_client_packet_t;
+ ')
+
+ allow $1 pegasus_https_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pegasus_https_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pegasus_https_client_packets',`
+ gen_require(`
+ type pegasus_https_client_packet_t;
+ ')
+
+ dontaudit $1 pegasus_https_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pegasus_https_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pegasus_https_client_packets',`
+ gen_require(`
+ type pegasus_https_client_packet_t;
+ ')
+
+ allow $1 pegasus_https_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pegasus_https_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pegasus_https_client_packets',`
+ gen_require(`
+ type pegasus_https_client_packet_t;
+ ')
+
+ dontaudit $1 pegasus_https_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pegasus_https_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pegasus_https_client_packets',`
+ corenet_send_pegasus_https_client_packets($1)
+ corenet_receive_pegasus_https_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pegasus_https_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pegasus_https_client_packets',`
+ corenet_dontaudit_send_pegasus_https_client_packets($1)
+ corenet_dontaudit_receive_pegasus_https_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pegasus_https_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pegasus_https_client_packets',`
+ gen_require(`
+ type pegasus_https_client_packet_t;
+ ')
+
+ allow $1 pegasus_https_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pegasus_https_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pegasus_https_server_packets',`
+ gen_require(`
+ type pegasus_https_server_packet_t;
+ ')
+
+ allow $1 pegasus_https_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pegasus_https_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pegasus_https_server_packets',`
+ gen_require(`
+ type pegasus_https_server_packet_t;
+ ')
+
+ dontaudit $1 pegasus_https_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pegasus_https_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pegasus_https_server_packets',`
+ gen_require(`
+ type pegasus_https_server_packet_t;
+ ')
+
+ allow $1 pegasus_https_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pegasus_https_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pegasus_https_server_packets',`
+ gen_require(`
+ type pegasus_https_server_packet_t;
+ ')
+
+ dontaudit $1 pegasus_https_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pegasus_https_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pegasus_https_server_packets',`
+ corenet_send_pegasus_https_server_packets($1)
+ corenet_receive_pegasus_https_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pegasus_https_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pegasus_https_server_packets',`
+ corenet_dontaudit_send_pegasus_https_server_packets($1)
+ corenet_dontaudit_receive_pegasus_https_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pegasus_https_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pegasus_https_server_packets',`
+ gen_require(`
+ type pegasus_https_server_packet_t;
+ ')
+
+ allow $1 pegasus_https_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ allow $1 pgpkeyserver_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ allow $1 pgpkeyserver_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ dontaudit $1 pgpkeyserver_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ allow $1 pgpkeyserver_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ dontaudit $1 pgpkeyserver_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pgpkeyserver_port',`
+ corenet_udp_send_pgpkeyserver_port($1)
+ corenet_udp_receive_pgpkeyserver_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pgpkeyserver_port',`
+ corenet_dontaudit_udp_send_pgpkeyserver_port($1)
+ corenet_dontaudit_udp_receive_pgpkeyserver_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ allow $1 pgpkeyserver_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ allow $1 pgpkeyserver_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pgpkeyserver port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pgpkeyserver_port',`
+ gen_require(`
+ type pgpkeyserver_port_t;
+ ')
+
+ allow $1 pgpkeyserver_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pgpkeyserver_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pgpkeyserver_client_packets',`
+ gen_require(`
+ type pgpkeyserver_client_packet_t;
+ ')
+
+ allow $1 pgpkeyserver_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pgpkeyserver_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pgpkeyserver_client_packets',`
+ gen_require(`
+ type pgpkeyserver_client_packet_t;
+ ')
+
+ dontaudit $1 pgpkeyserver_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pgpkeyserver_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pgpkeyserver_client_packets',`
+ gen_require(`
+ type pgpkeyserver_client_packet_t;
+ ')
+
+ allow $1 pgpkeyserver_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pgpkeyserver_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pgpkeyserver_client_packets',`
+ gen_require(`
+ type pgpkeyserver_client_packet_t;
+ ')
+
+ dontaudit $1 pgpkeyserver_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pgpkeyserver_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pgpkeyserver_client_packets',`
+ corenet_send_pgpkeyserver_client_packets($1)
+ corenet_receive_pgpkeyserver_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pgpkeyserver_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pgpkeyserver_client_packets',`
+ corenet_dontaudit_send_pgpkeyserver_client_packets($1)
+ corenet_dontaudit_receive_pgpkeyserver_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pgpkeyserver_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pgpkeyserver_client_packets',`
+ gen_require(`
+ type pgpkeyserver_client_packet_t;
+ ')
+
+ allow $1 pgpkeyserver_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pgpkeyserver_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pgpkeyserver_server_packets',`
+ gen_require(`
+ type pgpkeyserver_server_packet_t;
+ ')
+
+ allow $1 pgpkeyserver_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pgpkeyserver_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pgpkeyserver_server_packets',`
+ gen_require(`
+ type pgpkeyserver_server_packet_t;
+ ')
+
+ dontaudit $1 pgpkeyserver_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pgpkeyserver_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pgpkeyserver_server_packets',`
+ gen_require(`
+ type pgpkeyserver_server_packet_t;
+ ')
+
+ allow $1 pgpkeyserver_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pgpkeyserver_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pgpkeyserver_server_packets',`
+ gen_require(`
+ type pgpkeyserver_server_packet_t;
+ ')
+
+ dontaudit $1 pgpkeyserver_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pgpkeyserver_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pgpkeyserver_server_packets',`
+ corenet_send_pgpkeyserver_server_packets($1)
+ corenet_receive_pgpkeyserver_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pgpkeyserver_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pgpkeyserver_server_packets',`
+ corenet_dontaudit_send_pgpkeyserver_server_packets($1)
+ corenet_dontaudit_receive_pgpkeyserver_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pgpkeyserver_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pgpkeyserver_server_packets',`
+ gen_require(`
+ type pgpkeyserver_server_packet_t;
+ ')
+
+ allow $1 pgpkeyserver_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ allow $1 pingd_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ allow $1 pingd_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ dontaudit $1 pingd_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ allow $1 pingd_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ dontaudit $1 pingd_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pingd_port',`
+ corenet_udp_send_pingd_port($1)
+ corenet_udp_receive_pingd_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pingd_port',`
+ corenet_dontaudit_udp_send_pingd_port($1)
+ corenet_dontaudit_udp_receive_pingd_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ allow $1 pingd_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ allow $1 pingd_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pingd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pingd_port',`
+ gen_require(`
+ type pingd_port_t;
+ ')
+
+ allow $1 pingd_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pingd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pingd_client_packets',`
+ gen_require(`
+ type pingd_client_packet_t;
+ ')
+
+ allow $1 pingd_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pingd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pingd_client_packets',`
+ gen_require(`
+ type pingd_client_packet_t;
+ ')
+
+ dontaudit $1 pingd_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pingd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pingd_client_packets',`
+ gen_require(`
+ type pingd_client_packet_t;
+ ')
+
+ allow $1 pingd_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pingd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pingd_client_packets',`
+ gen_require(`
+ type pingd_client_packet_t;
+ ')
+
+ dontaudit $1 pingd_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pingd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pingd_client_packets',`
+ corenet_send_pingd_client_packets($1)
+ corenet_receive_pingd_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pingd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pingd_client_packets',`
+ corenet_dontaudit_send_pingd_client_packets($1)
+ corenet_dontaudit_receive_pingd_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pingd_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pingd_client_packets',`
+ gen_require(`
+ type pingd_client_packet_t;
+ ')
+
+ allow $1 pingd_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pingd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pingd_server_packets',`
+ gen_require(`
+ type pingd_server_packet_t;
+ ')
+
+ allow $1 pingd_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pingd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pingd_server_packets',`
+ gen_require(`
+ type pingd_server_packet_t;
+ ')
+
+ dontaudit $1 pingd_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pingd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pingd_server_packets',`
+ gen_require(`
+ type pingd_server_packet_t;
+ ')
+
+ allow $1 pingd_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pingd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pingd_server_packets',`
+ gen_require(`
+ type pingd_server_packet_t;
+ ')
+
+ dontaudit $1 pingd_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pingd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pingd_server_packets',`
+ corenet_send_pingd_server_packets($1)
+ corenet_receive_pingd_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pingd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pingd_server_packets',`
+ corenet_dontaudit_send_pingd_server_packets($1)
+ corenet_dontaudit_receive_pingd_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pingd_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pingd_server_packets',`
+ gen_require(`
+ type pingd_server_packet_t;
+ ')
+
+ allow $1 pingd_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ allow $1 pktcable_cops_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ allow $1 pktcable_cops_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ dontaudit $1 pktcable_cops_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ allow $1 pktcable_cops_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ dontaudit $1 pktcable_cops_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pktcable_cops_port',`
+ corenet_udp_send_pktcable_cops_port($1)
+ corenet_udp_receive_pktcable_cops_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pktcable_cops_port',`
+ corenet_dontaudit_udp_send_pktcable_cops_port($1)
+ corenet_dontaudit_udp_receive_pktcable_cops_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ allow $1 pktcable_cops_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ allow $1 pktcable_cops_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pktcable_cops port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pktcable_cops_port',`
+ gen_require(`
+ type pktcable_cops_port_t;
+ ')
+
+ allow $1 pktcable_cops_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pktcable_cops_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pktcable_cops_client_packets',`
+ gen_require(`
+ type pktcable_cops_client_packet_t;
+ ')
+
+ allow $1 pktcable_cops_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pktcable_cops_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pktcable_cops_client_packets',`
+ gen_require(`
+ type pktcable_cops_client_packet_t;
+ ')
+
+ dontaudit $1 pktcable_cops_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pktcable_cops_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pktcable_cops_client_packets',`
+ gen_require(`
+ type pktcable_cops_client_packet_t;
+ ')
+
+ allow $1 pktcable_cops_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pktcable_cops_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pktcable_cops_client_packets',`
+ gen_require(`
+ type pktcable_cops_client_packet_t;
+ ')
+
+ dontaudit $1 pktcable_cops_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pktcable_cops_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pktcable_cops_client_packets',`
+ corenet_send_pktcable_cops_client_packets($1)
+ corenet_receive_pktcable_cops_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pktcable_cops_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pktcable_cops_client_packets',`
+ corenet_dontaudit_send_pktcable_cops_client_packets($1)
+ corenet_dontaudit_receive_pktcable_cops_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pktcable_cops_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pktcable_cops_client_packets',`
+ gen_require(`
+ type pktcable_cops_client_packet_t;
+ ')
+
+ allow $1 pktcable_cops_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pktcable_cops_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pktcable_cops_server_packets',`
+ gen_require(`
+ type pktcable_cops_server_packet_t;
+ ')
+
+ allow $1 pktcable_cops_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pktcable_cops_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pktcable_cops_server_packets',`
+ gen_require(`
+ type pktcable_cops_server_packet_t;
+ ')
+
+ dontaudit $1 pktcable_cops_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pktcable_cops_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pktcable_cops_server_packets',`
+ gen_require(`
+ type pktcable_cops_server_packet_t;
+ ')
+
+ allow $1 pktcable_cops_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pktcable_cops_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pktcable_cops_server_packets',`
+ gen_require(`
+ type pktcable_cops_server_packet_t;
+ ')
+
+ dontaudit $1 pktcable_cops_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pktcable_cops_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pktcable_cops_server_packets',`
+ corenet_send_pktcable_cops_server_packets($1)
+ corenet_receive_pktcable_cops_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pktcable_cops_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pktcable_cops_server_packets',`
+ corenet_dontaudit_send_pktcable_cops_server_packets($1)
+ corenet_dontaudit_receive_pktcable_cops_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pktcable_cops_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pktcable_cops_server_packets',`
+ gen_require(`
+ type pktcable_cops_server_packet_t;
+ ')
+
+ allow $1 pktcable_cops_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ allow $1 pop_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ allow $1 pop_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ dontaudit $1 pop_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ allow $1 pop_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ dontaudit $1 pop_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pop_port',`
+ corenet_udp_send_pop_port($1)
+ corenet_udp_receive_pop_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pop_port',`
+ corenet_dontaudit_udp_send_pop_port($1)
+ corenet_dontaudit_udp_receive_pop_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ allow $1 pop_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ allow $1 pop_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pop port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pop_port',`
+ gen_require(`
+ type pop_port_t;
+ ')
+
+ allow $1 pop_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pop_client_packets',`
+ gen_require(`
+ type pop_client_packet_t;
+ ')
+
+ allow $1 pop_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pop_client_packets',`
+ gen_require(`
+ type pop_client_packet_t;
+ ')
+
+ dontaudit $1 pop_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pop_client_packets',`
+ gen_require(`
+ type pop_client_packet_t;
+ ')
+
+ allow $1 pop_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pop_client_packets',`
+ gen_require(`
+ type pop_client_packet_t;
+ ')
+
+ dontaudit $1 pop_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pop_client_packets',`
+ corenet_send_pop_client_packets($1)
+ corenet_receive_pop_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pop_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pop_client_packets',`
+ corenet_dontaudit_send_pop_client_packets($1)
+ corenet_dontaudit_receive_pop_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pop_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pop_client_packets',`
+ gen_require(`
+ type pop_client_packet_t;
+ ')
+
+ allow $1 pop_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pop_server_packets',`
+ gen_require(`
+ type pop_server_packet_t;
+ ')
+
+ allow $1 pop_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pop_server_packets',`
+ gen_require(`
+ type pop_server_packet_t;
+ ')
+
+ dontaudit $1 pop_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pop_server_packets',`
+ gen_require(`
+ type pop_server_packet_t;
+ ')
+
+ allow $1 pop_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pop_server_packets',`
+ gen_require(`
+ type pop_server_packet_t;
+ ')
+
+ dontaudit $1 pop_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pop_server_packets',`
+ corenet_send_pop_server_packets($1)
+ corenet_receive_pop_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pop_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pop_server_packets',`
+ corenet_dontaudit_send_pop_server_packets($1)
+ corenet_dontaudit_receive_pop_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pop_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pop_server_packets',`
+ gen_require(`
+ type pop_server_packet_t;
+ ')
+
+ allow $1 pop_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ allow $1 portmap_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ allow $1 portmap_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ dontaudit $1 portmap_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ allow $1 portmap_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ dontaudit $1 portmap_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_portmap_port',`
+ corenet_udp_send_portmap_port($1)
+ corenet_udp_receive_portmap_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_portmap_port',`
+ corenet_dontaudit_udp_send_portmap_port($1)
+ corenet_dontaudit_udp_receive_portmap_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ allow $1 portmap_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ allow $1 portmap_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the portmap port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_portmap_port',`
+ gen_require(`
+ type portmap_port_t;
+ ')
+
+ allow $1 portmap_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send portmap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_portmap_client_packets',`
+ gen_require(`
+ type portmap_client_packet_t;
+ ')
+
+ allow $1 portmap_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send portmap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_portmap_client_packets',`
+ gen_require(`
+ type portmap_client_packet_t;
+ ')
+
+ dontaudit $1 portmap_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive portmap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_portmap_client_packets',`
+ gen_require(`
+ type portmap_client_packet_t;
+ ')
+
+ allow $1 portmap_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive portmap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_portmap_client_packets',`
+ gen_require(`
+ type portmap_client_packet_t;
+ ')
+
+ dontaudit $1 portmap_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive portmap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_portmap_client_packets',`
+ corenet_send_portmap_client_packets($1)
+ corenet_receive_portmap_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive portmap_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_portmap_client_packets',`
+ corenet_dontaudit_send_portmap_client_packets($1)
+ corenet_dontaudit_receive_portmap_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to portmap_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_portmap_client_packets',`
+ gen_require(`
+ type portmap_client_packet_t;
+ ')
+
+ allow $1 portmap_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send portmap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_portmap_server_packets',`
+ gen_require(`
+ type portmap_server_packet_t;
+ ')
+
+ allow $1 portmap_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send portmap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_portmap_server_packets',`
+ gen_require(`
+ type portmap_server_packet_t;
+ ')
+
+ dontaudit $1 portmap_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive portmap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_portmap_server_packets',`
+ gen_require(`
+ type portmap_server_packet_t;
+ ')
+
+ allow $1 portmap_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive portmap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_portmap_server_packets',`
+ gen_require(`
+ type portmap_server_packet_t;
+ ')
+
+ dontaudit $1 portmap_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive portmap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_portmap_server_packets',`
+ corenet_send_portmap_server_packets($1)
+ corenet_receive_portmap_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive portmap_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_portmap_server_packets',`
+ corenet_dontaudit_send_portmap_server_packets($1)
+ corenet_dontaudit_receive_portmap_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to portmap_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_portmap_server_packets',`
+ gen_require(`
+ type portmap_server_packet_t;
+ ')
+
+ allow $1 portmap_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ allow $1 postfix_policyd_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ allow $1 postfix_policyd_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ dontaudit $1 postfix_policyd_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ allow $1 postfix_policyd_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ dontaudit $1 postfix_policyd_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_postfix_policyd_port',`
+ corenet_udp_send_postfix_policyd_port($1)
+ corenet_udp_receive_postfix_policyd_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_postfix_policyd_port',`
+ corenet_dontaudit_udp_send_postfix_policyd_port($1)
+ corenet_dontaudit_udp_receive_postfix_policyd_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ allow $1 postfix_policyd_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ allow $1 postfix_policyd_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the postfix_policyd port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_postfix_policyd_port',`
+ gen_require(`
+ type postfix_policyd_port_t;
+ ')
+
+ allow $1 postfix_policyd_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send postfix_policyd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_postfix_policyd_client_packets',`
+ gen_require(`
+ type postfix_policyd_client_packet_t;
+ ')
+
+ allow $1 postfix_policyd_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send postfix_policyd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_postfix_policyd_client_packets',`
+ gen_require(`
+ type postfix_policyd_client_packet_t;
+ ')
+
+ dontaudit $1 postfix_policyd_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive postfix_policyd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_postfix_policyd_client_packets',`
+ gen_require(`
+ type postfix_policyd_client_packet_t;
+ ')
+
+ allow $1 postfix_policyd_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive postfix_policyd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_postfix_policyd_client_packets',`
+ gen_require(`
+ type postfix_policyd_client_packet_t;
+ ')
+
+ dontaudit $1 postfix_policyd_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive postfix_policyd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_postfix_policyd_client_packets',`
+ corenet_send_postfix_policyd_client_packets($1)
+ corenet_receive_postfix_policyd_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive postfix_policyd_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_postfix_policyd_client_packets',`
+ corenet_dontaudit_send_postfix_policyd_client_packets($1)
+ corenet_dontaudit_receive_postfix_policyd_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to postfix_policyd_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_postfix_policyd_client_packets',`
+ gen_require(`
+ type postfix_policyd_client_packet_t;
+ ')
+
+ allow $1 postfix_policyd_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send postfix_policyd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_postfix_policyd_server_packets',`
+ gen_require(`
+ type postfix_policyd_server_packet_t;
+ ')
+
+ allow $1 postfix_policyd_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send postfix_policyd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_postfix_policyd_server_packets',`
+ gen_require(`
+ type postfix_policyd_server_packet_t;
+ ')
+
+ dontaudit $1 postfix_policyd_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive postfix_policyd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_postfix_policyd_server_packets',`
+ gen_require(`
+ type postfix_policyd_server_packet_t;
+ ')
+
+ allow $1 postfix_policyd_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive postfix_policyd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_postfix_policyd_server_packets',`
+ gen_require(`
+ type postfix_policyd_server_packet_t;
+ ')
+
+ dontaudit $1 postfix_policyd_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive postfix_policyd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_postfix_policyd_server_packets',`
+ corenet_send_postfix_policyd_server_packets($1)
+ corenet_receive_postfix_policyd_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive postfix_policyd_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_postfix_policyd_server_packets',`
+ corenet_dontaudit_send_postfix_policyd_server_packets($1)
+ corenet_dontaudit_receive_postfix_policyd_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to postfix_policyd_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_postfix_policyd_server_packets',`
+ gen_require(`
+ type postfix_policyd_server_packet_t;
+ ')
+
+ allow $1 postfix_policyd_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ allow $1 postgresql_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ allow $1 postgresql_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ dontaudit $1 postgresql_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ allow $1 postgresql_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ dontaudit $1 postgresql_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_postgresql_port',`
+ corenet_udp_send_postgresql_port($1)
+ corenet_udp_receive_postgresql_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_postgresql_port',`
+ corenet_dontaudit_udp_send_postgresql_port($1)
+ corenet_dontaudit_udp_receive_postgresql_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ allow $1 postgresql_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ allow $1 postgresql_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the postgresql port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_postgresql_port',`
+ gen_require(`
+ type postgresql_port_t;
+ ')
+
+ allow $1 postgresql_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send postgresql_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_postgresql_client_packets',`
+ gen_require(`
+ type postgresql_client_packet_t;
+ ')
+
+ allow $1 postgresql_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send postgresql_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_postgresql_client_packets',`
+ gen_require(`
+ type postgresql_client_packet_t;
+ ')
+
+ dontaudit $1 postgresql_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive postgresql_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_postgresql_client_packets',`
+ gen_require(`
+ type postgresql_client_packet_t;
+ ')
+
+ allow $1 postgresql_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive postgresql_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_postgresql_client_packets',`
+ gen_require(`
+ type postgresql_client_packet_t;
+ ')
+
+ dontaudit $1 postgresql_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive postgresql_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_postgresql_client_packets',`
+ corenet_send_postgresql_client_packets($1)
+ corenet_receive_postgresql_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive postgresql_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_postgresql_client_packets',`
+ corenet_dontaudit_send_postgresql_client_packets($1)
+ corenet_dontaudit_receive_postgresql_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to postgresql_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_postgresql_client_packets',`
+ gen_require(`
+ type postgresql_client_packet_t;
+ ')
+
+ allow $1 postgresql_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send postgresql_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_postgresql_server_packets',`
+ gen_require(`
+ type postgresql_server_packet_t;
+ ')
+
+ allow $1 postgresql_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send postgresql_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_postgresql_server_packets',`
+ gen_require(`
+ type postgresql_server_packet_t;
+ ')
+
+ dontaudit $1 postgresql_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive postgresql_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_postgresql_server_packets',`
+ gen_require(`
+ type postgresql_server_packet_t;
+ ')
+
+ allow $1 postgresql_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive postgresql_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_postgresql_server_packets',`
+ gen_require(`
+ type postgresql_server_packet_t;
+ ')
+
+ dontaudit $1 postgresql_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive postgresql_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_postgresql_server_packets',`
+ corenet_send_postgresql_server_packets($1)
+ corenet_receive_postgresql_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive postgresql_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_postgresql_server_packets',`
+ corenet_dontaudit_send_postgresql_server_packets($1)
+ corenet_dontaudit_receive_postgresql_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to postgresql_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_postgresql_server_packets',`
+ gen_require(`
+ type postgresql_server_packet_t;
+ ')
+
+ allow $1 postgresql_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ allow $1 postgrey_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ allow $1 postgrey_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ dontaudit $1 postgrey_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ allow $1 postgrey_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ dontaudit $1 postgrey_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_postgrey_port',`
+ corenet_udp_send_postgrey_port($1)
+ corenet_udp_receive_postgrey_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_postgrey_port',`
+ corenet_dontaudit_udp_send_postgrey_port($1)
+ corenet_dontaudit_udp_receive_postgrey_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ allow $1 postgrey_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ allow $1 postgrey_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the postgrey port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_postgrey_port',`
+ gen_require(`
+ type postgrey_port_t;
+ ')
+
+ allow $1 postgrey_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send postgrey_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_postgrey_client_packets',`
+ gen_require(`
+ type postgrey_client_packet_t;
+ ')
+
+ allow $1 postgrey_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send postgrey_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_postgrey_client_packets',`
+ gen_require(`
+ type postgrey_client_packet_t;
+ ')
+
+ dontaudit $1 postgrey_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive postgrey_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_postgrey_client_packets',`
+ gen_require(`
+ type postgrey_client_packet_t;
+ ')
+
+ allow $1 postgrey_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive postgrey_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_postgrey_client_packets',`
+ gen_require(`
+ type postgrey_client_packet_t;
+ ')
+
+ dontaudit $1 postgrey_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive postgrey_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_postgrey_client_packets',`
+ corenet_send_postgrey_client_packets($1)
+ corenet_receive_postgrey_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive postgrey_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_postgrey_client_packets',`
+ corenet_dontaudit_send_postgrey_client_packets($1)
+ corenet_dontaudit_receive_postgrey_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to postgrey_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_postgrey_client_packets',`
+ gen_require(`
+ type postgrey_client_packet_t;
+ ')
+
+ allow $1 postgrey_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send postgrey_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_postgrey_server_packets',`
+ gen_require(`
+ type postgrey_server_packet_t;
+ ')
+
+ allow $1 postgrey_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send postgrey_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_postgrey_server_packets',`
+ gen_require(`
+ type postgrey_server_packet_t;
+ ')
+
+ dontaudit $1 postgrey_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive postgrey_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_postgrey_server_packets',`
+ gen_require(`
+ type postgrey_server_packet_t;
+ ')
+
+ allow $1 postgrey_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive postgrey_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_postgrey_server_packets',`
+ gen_require(`
+ type postgrey_server_packet_t;
+ ')
+
+ dontaudit $1 postgrey_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive postgrey_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_postgrey_server_packets',`
+ corenet_send_postgrey_server_packets($1)
+ corenet_receive_postgrey_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive postgrey_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_postgrey_server_packets',`
+ corenet_dontaudit_send_postgrey_server_packets($1)
+ corenet_dontaudit_receive_postgrey_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to postgrey_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_postgrey_server_packets',`
+ gen_require(`
+ type postgrey_server_packet_t;
+ ')
+
+ allow $1 postgrey_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ dontaudit $1 pptp_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ dontaudit $1 pptp_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pptp_port',`
+ corenet_udp_send_pptp_port($1)
+ corenet_udp_receive_pptp_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pptp_port',`
+ corenet_dontaudit_udp_send_pptp_port($1)
+ corenet_dontaudit_udp_receive_pptp_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pptp port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pptp_port',`
+ gen_require(`
+ type pptp_port_t;
+ ')
+
+ allow $1 pptp_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ allow $1 pptp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ dontaudit $1 pptp_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ allow $1 pptp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ dontaudit $1 pptp_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pptp_client_packets',`
+ corenet_send_pptp_client_packets($1)
+ corenet_receive_pptp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pptp_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pptp_client_packets',`
+ corenet_dontaudit_send_pptp_client_packets($1)
+ corenet_dontaudit_receive_pptp_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pptp_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pptp_client_packets',`
+ gen_require(`
+ type pptp_client_packet_t;
+ ')
+
+ allow $1 pptp_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ allow $1 pptp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ dontaudit $1 pptp_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ allow $1 pptp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ dontaudit $1 pptp_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pptp_server_packets',`
+ corenet_send_pptp_server_packets($1)
+ corenet_receive_pptp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pptp_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pptp_server_packets',`
+ corenet_dontaudit_send_pptp_server_packets($1)
+ corenet_dontaudit_receive_pptp_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pptp_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pptp_server_packets',`
+ gen_require(`
+ type pptp_server_packet_t;
+ ')
+
+ allow $1 pptp_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ dontaudit $1 prelude_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ dontaudit $1 prelude_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_prelude_port',`
+ corenet_udp_send_prelude_port($1)
+ corenet_udp_receive_prelude_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_prelude_port',`
+ corenet_dontaudit_udp_send_prelude_port($1)
+ corenet_dontaudit_udp_receive_prelude_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the prelude port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_prelude_port',`
+ gen_require(`
+ type prelude_port_t;
+ ')
+
+ allow $1 prelude_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ allow $1 prelude_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ dontaudit $1 prelude_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ allow $1 prelude_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ dontaudit $1 prelude_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_prelude_client_packets',`
+ corenet_send_prelude_client_packets($1)
+ corenet_receive_prelude_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive prelude_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_prelude_client_packets',`
+ corenet_dontaudit_send_prelude_client_packets($1)
+ corenet_dontaudit_receive_prelude_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to prelude_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_prelude_client_packets',`
+ gen_require(`
+ type prelude_client_packet_t;
+ ')
+
+ allow $1 prelude_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ allow $1 prelude_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ dontaudit $1 prelude_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ allow $1 prelude_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ dontaudit $1 prelude_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_prelude_server_packets',`
+ corenet_send_prelude_server_packets($1)
+ corenet_receive_prelude_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive prelude_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_prelude_server_packets',`
+ corenet_dontaudit_send_prelude_server_packets($1)
+ corenet_dontaudit_receive_prelude_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to prelude_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_prelude_server_packets',`
+ gen_require(`
+ type prelude_server_packet_t;
+ ')
+
+ allow $1 prelude_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ dontaudit $1 presence_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ dontaudit $1 presence_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_presence_port',`
+ corenet_udp_send_presence_port($1)
+ corenet_udp_receive_presence_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_presence_port',`
+ corenet_dontaudit_udp_send_presence_port($1)
+ corenet_dontaudit_udp_receive_presence_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the presence port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_presence_port',`
+ gen_require(`
+ type presence_port_t;
+ ')
+
+ allow $1 presence_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ allow $1 presence_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ dontaudit $1 presence_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ allow $1 presence_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ dontaudit $1 presence_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_presence_client_packets',`
+ corenet_send_presence_client_packets($1)
+ corenet_receive_presence_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive presence_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_presence_client_packets',`
+ corenet_dontaudit_send_presence_client_packets($1)
+ corenet_dontaudit_receive_presence_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to presence_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_presence_client_packets',`
+ gen_require(`
+ type presence_client_packet_t;
+ ')
+
+ allow $1 presence_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ allow $1 presence_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ dontaudit $1 presence_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ allow $1 presence_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ dontaudit $1 presence_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_presence_server_packets',`
+ corenet_send_presence_server_packets($1)
+ corenet_receive_presence_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive presence_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_presence_server_packets',`
+ corenet_dontaudit_send_presence_server_packets($1)
+ corenet_dontaudit_receive_presence_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to presence_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_presence_server_packets',`
+ gen_require(`
+ type presence_server_packet_t;
+ ')
+
+ allow $1 presence_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ dontaudit $1 printer_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ dontaudit $1 printer_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_printer_port',`
+ corenet_udp_send_printer_port($1)
+ corenet_udp_receive_printer_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_printer_port',`
+ corenet_dontaudit_udp_send_printer_port($1)
+ corenet_dontaudit_udp_receive_printer_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the printer port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_printer_port',`
+ gen_require(`
+ type printer_port_t;
+ ')
+
+ allow $1 printer_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ allow $1 printer_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ dontaudit $1 printer_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ allow $1 printer_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ dontaudit $1 printer_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_printer_client_packets',`
+ corenet_send_printer_client_packets($1)
+ corenet_receive_printer_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive printer_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_printer_client_packets',`
+ corenet_dontaudit_send_printer_client_packets($1)
+ corenet_dontaudit_receive_printer_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to printer_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_printer_client_packets',`
+ gen_require(`
+ type printer_client_packet_t;
+ ')
+
+ allow $1 printer_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ allow $1 printer_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ dontaudit $1 printer_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ allow $1 printer_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ dontaudit $1 printer_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_printer_server_packets',`
+ corenet_send_printer_server_packets($1)
+ corenet_receive_printer_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive printer_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_printer_server_packets',`
+ corenet_dontaudit_send_printer_server_packets($1)
+ corenet_dontaudit_receive_printer_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to printer_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_printer_server_packets',`
+ gen_require(`
+ type printer_server_packet_t;
+ ')
+
+ allow $1 printer_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ dontaudit $1 ptal_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ dontaudit $1 ptal_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_ptal_port',`
+ corenet_udp_send_ptal_port($1)
+ corenet_udp_receive_ptal_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_ptal_port',`
+ corenet_dontaudit_udp_send_ptal_port($1)
+ corenet_dontaudit_udp_receive_ptal_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the ptal port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_ptal_port',`
+ gen_require(`
+ type ptal_port_t;
+ ')
+
+ allow $1 ptal_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ allow $1 ptal_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ dontaudit $1 ptal_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ allow $1 ptal_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ dontaudit $1 ptal_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ptal_client_packets',`
+ corenet_send_ptal_client_packets($1)
+ corenet_receive_ptal_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ptal_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ptal_client_packets',`
+ corenet_dontaudit_send_ptal_client_packets($1)
+ corenet_dontaudit_receive_ptal_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ptal_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ptal_client_packets',`
+ gen_require(`
+ type ptal_client_packet_t;
+ ')
+
+ allow $1 ptal_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ allow $1 ptal_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ dontaudit $1 ptal_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ allow $1 ptal_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ dontaudit $1 ptal_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ptal_server_packets',`
+ corenet_send_ptal_server_packets($1)
+ corenet_receive_ptal_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ptal_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ptal_server_packets',`
+ corenet_dontaudit_send_ptal_server_packets($1)
+ corenet_dontaudit_receive_ptal_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ptal_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ptal_server_packets',`
+ gen_require(`
+ type ptal_server_packet_t;
+ ')
+
+ allow $1 ptal_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ dontaudit $1 pulseaudio_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ dontaudit $1 pulseaudio_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pulseaudio_port',`
+ corenet_udp_send_pulseaudio_port($1)
+ corenet_udp_receive_pulseaudio_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pulseaudio_port',`
+ corenet_dontaudit_udp_send_pulseaudio_port($1)
+ corenet_dontaudit_udp_receive_pulseaudio_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pulseaudio port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pulseaudio_port',`
+ gen_require(`
+ type pulseaudio_port_t;
+ ')
+
+ allow $1 pulseaudio_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pulseaudio_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pulseaudio_client_packets',`
+ gen_require(`
+ type pulseaudio_client_packet_t;
+ ')
+
+ allow $1 pulseaudio_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pulseaudio_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pulseaudio_client_packets',`
+ gen_require(`
+ type pulseaudio_client_packet_t;
+ ')
+
+ dontaudit $1 pulseaudio_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pulseaudio_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pulseaudio_client_packets',`
+ gen_require(`
+ type pulseaudio_client_packet_t;
+ ')
+
+ allow $1 pulseaudio_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pulseaudio_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pulseaudio_client_packets',`
+ gen_require(`
+ type pulseaudio_client_packet_t;
+ ')
+
+ dontaudit $1 pulseaudio_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pulseaudio_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pulseaudio_client_packets',`
+ corenet_send_pulseaudio_client_packets($1)
+ corenet_receive_pulseaudio_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pulseaudio_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pulseaudio_client_packets',`
+ corenet_dontaudit_send_pulseaudio_client_packets($1)
+ corenet_dontaudit_receive_pulseaudio_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pulseaudio_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pulseaudio_client_packets',`
+ gen_require(`
+ type pulseaudio_client_packet_t;
+ ')
+
+ allow $1 pulseaudio_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pulseaudio_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pulseaudio_server_packets',`
+ gen_require(`
+ type pulseaudio_server_packet_t;
+ ')
+
+ allow $1 pulseaudio_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pulseaudio_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pulseaudio_server_packets',`
+ gen_require(`
+ type pulseaudio_server_packet_t;
+ ')
+
+ dontaudit $1 pulseaudio_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pulseaudio_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pulseaudio_server_packets',`
+ gen_require(`
+ type pulseaudio_server_packet_t;
+ ')
+
+ allow $1 pulseaudio_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pulseaudio_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pulseaudio_server_packets',`
+ gen_require(`
+ type pulseaudio_server_packet_t;
+ ')
+
+ dontaudit $1 pulseaudio_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pulseaudio_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pulseaudio_server_packets',`
+ corenet_send_pulseaudio_server_packets($1)
+ corenet_receive_pulseaudio_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pulseaudio_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pulseaudio_server_packets',`
+ corenet_dontaudit_send_pulseaudio_server_packets($1)
+ corenet_dontaudit_receive_pulseaudio_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pulseaudio_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pulseaudio_server_packets',`
+ gen_require(`
+ type pulseaudio_server_packet_t;
+ ')
+
+ allow $1 pulseaudio_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ allow $1 puppet_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ allow $1 puppet_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ dontaudit $1 puppet_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ allow $1 puppet_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ dontaudit $1 puppet_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_puppet_port',`
+ corenet_udp_send_puppet_port($1)
+ corenet_udp_receive_puppet_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_puppet_port',`
+ corenet_dontaudit_udp_send_puppet_port($1)
+ corenet_dontaudit_udp_receive_puppet_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ allow $1 puppet_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ allow $1 puppet_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the puppet port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_puppet_port',`
+ gen_require(`
+ type puppet_port_t;
+ ')
+
+ allow $1 puppet_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send puppet_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_puppet_client_packets',`
+ gen_require(`
+ type puppet_client_packet_t;
+ ')
+
+ allow $1 puppet_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send puppet_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_puppet_client_packets',`
+ gen_require(`
+ type puppet_client_packet_t;
+ ')
+
+ dontaudit $1 puppet_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive puppet_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_puppet_client_packets',`
+ gen_require(`
+ type puppet_client_packet_t;
+ ')
+
+ allow $1 puppet_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive puppet_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_puppet_client_packets',`
+ gen_require(`
+ type puppet_client_packet_t;
+ ')
+
+ dontaudit $1 puppet_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive puppet_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_puppet_client_packets',`
+ corenet_send_puppet_client_packets($1)
+ corenet_receive_puppet_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive puppet_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_puppet_client_packets',`
+ corenet_dontaudit_send_puppet_client_packets($1)
+ corenet_dontaudit_receive_puppet_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to puppet_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_puppet_client_packets',`
+ gen_require(`
+ type puppet_client_packet_t;
+ ')
+
+ allow $1 puppet_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send puppet_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_puppet_server_packets',`
+ gen_require(`
+ type puppet_server_packet_t;
+ ')
+
+ allow $1 puppet_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send puppet_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_puppet_server_packets',`
+ gen_require(`
+ type puppet_server_packet_t;
+ ')
+
+ dontaudit $1 puppet_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive puppet_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_puppet_server_packets',`
+ gen_require(`
+ type puppet_server_packet_t;
+ ')
+
+ allow $1 puppet_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive puppet_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_puppet_server_packets',`
+ gen_require(`
+ type puppet_server_packet_t;
+ ')
+
+ dontaudit $1 puppet_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive puppet_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_puppet_server_packets',`
+ corenet_send_puppet_server_packets($1)
+ corenet_receive_puppet_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive puppet_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_puppet_server_packets',`
+ corenet_dontaudit_send_puppet_server_packets($1)
+ corenet_dontaudit_receive_puppet_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to puppet_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_puppet_server_packets',`
+ gen_require(`
+ type puppet_server_packet_t;
+ ')
+
+ allow $1 puppet_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ allow $1 puppetclient_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ allow $1 puppetclient_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ dontaudit $1 puppetclient_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ allow $1 puppetclient_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ dontaudit $1 puppetclient_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_puppetclient_port',`
+ corenet_udp_send_puppetclient_port($1)
+ corenet_udp_receive_puppetclient_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_puppetclient_port',`
+ corenet_dontaudit_udp_send_puppetclient_port($1)
+ corenet_dontaudit_udp_receive_puppetclient_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ allow $1 puppetclient_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ allow $1 puppetclient_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the puppetclient port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_puppetclient_port',`
+ gen_require(`
+ type puppetclient_port_t;
+ ')
+
+ allow $1 puppetclient_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send puppetclient_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_puppetclient_client_packets',`
+ gen_require(`
+ type puppetclient_client_packet_t;
+ ')
+
+ allow $1 puppetclient_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send puppetclient_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_puppetclient_client_packets',`
+ gen_require(`
+ type puppetclient_client_packet_t;
+ ')
+
+ dontaudit $1 puppetclient_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive puppetclient_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_puppetclient_client_packets',`
+ gen_require(`
+ type puppetclient_client_packet_t;
+ ')
+
+ allow $1 puppetclient_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive puppetclient_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_puppetclient_client_packets',`
+ gen_require(`
+ type puppetclient_client_packet_t;
+ ')
+
+ dontaudit $1 puppetclient_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive puppetclient_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_puppetclient_client_packets',`
+ corenet_send_puppetclient_client_packets($1)
+ corenet_receive_puppetclient_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive puppetclient_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_puppetclient_client_packets',`
+ corenet_dontaudit_send_puppetclient_client_packets($1)
+ corenet_dontaudit_receive_puppetclient_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to puppetclient_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_puppetclient_client_packets',`
+ gen_require(`
+ type puppetclient_client_packet_t;
+ ')
+
+ allow $1 puppetclient_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send puppetclient_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_puppetclient_server_packets',`
+ gen_require(`
+ type puppetclient_server_packet_t;
+ ')
+
+ allow $1 puppetclient_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send puppetclient_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_puppetclient_server_packets',`
+ gen_require(`
+ type puppetclient_server_packet_t;
+ ')
+
+ dontaudit $1 puppetclient_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive puppetclient_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_puppetclient_server_packets',`
+ gen_require(`
+ type puppetclient_server_packet_t;
+ ')
+
+ allow $1 puppetclient_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive puppetclient_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_puppetclient_server_packets',`
+ gen_require(`
+ type puppetclient_server_packet_t;
+ ')
+
+ dontaudit $1 puppetclient_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive puppetclient_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_puppetclient_server_packets',`
+ corenet_send_puppetclient_server_packets($1)
+ corenet_receive_puppetclient_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive puppetclient_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_puppetclient_server_packets',`
+ corenet_dontaudit_send_puppetclient_server_packets($1)
+ corenet_dontaudit_receive_puppetclient_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to puppetclient_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_puppetclient_server_packets',`
+ gen_require(`
+ type puppetclient_server_packet_t;
+ ')
+
+ allow $1 puppetclient_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ allow $1 pxe_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ allow $1 pxe_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ dontaudit $1 pxe_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ allow $1 pxe_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ dontaudit $1 pxe_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pxe_port',`
+ corenet_udp_send_pxe_port($1)
+ corenet_udp_receive_pxe_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pxe_port',`
+ corenet_dontaudit_udp_send_pxe_port($1)
+ corenet_dontaudit_udp_receive_pxe_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ allow $1 pxe_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ allow $1 pxe_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pxe port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pxe_port',`
+ gen_require(`
+ type pxe_port_t;
+ ')
+
+ allow $1 pxe_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pxe_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pxe_client_packets',`
+ gen_require(`
+ type pxe_client_packet_t;
+ ')
+
+ allow $1 pxe_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pxe_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pxe_client_packets',`
+ gen_require(`
+ type pxe_client_packet_t;
+ ')
+
+ dontaudit $1 pxe_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pxe_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pxe_client_packets',`
+ gen_require(`
+ type pxe_client_packet_t;
+ ')
+
+ allow $1 pxe_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pxe_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pxe_client_packets',`
+ gen_require(`
+ type pxe_client_packet_t;
+ ')
+
+ dontaudit $1 pxe_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pxe_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pxe_client_packets',`
+ corenet_send_pxe_client_packets($1)
+ corenet_receive_pxe_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pxe_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pxe_client_packets',`
+ corenet_dontaudit_send_pxe_client_packets($1)
+ corenet_dontaudit_receive_pxe_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pxe_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pxe_client_packets',`
+ gen_require(`
+ type pxe_client_packet_t;
+ ')
+
+ allow $1 pxe_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pxe_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pxe_server_packets',`
+ gen_require(`
+ type pxe_server_packet_t;
+ ')
+
+ allow $1 pxe_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pxe_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pxe_server_packets',`
+ gen_require(`
+ type pxe_server_packet_t;
+ ')
+
+ dontaudit $1 pxe_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pxe_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pxe_server_packets',`
+ gen_require(`
+ type pxe_server_packet_t;
+ ')
+
+ allow $1 pxe_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pxe_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pxe_server_packets',`
+ gen_require(`
+ type pxe_server_packet_t;
+ ')
+
+ dontaudit $1 pxe_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pxe_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pxe_server_packets',`
+ corenet_send_pxe_server_packets($1)
+ corenet_receive_pxe_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pxe_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pxe_server_packets',`
+ corenet_dontaudit_send_pxe_server_packets($1)
+ corenet_dontaudit_receive_pxe_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pxe_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pxe_server_packets',`
+ gen_require(`
+ type pxe_server_packet_t;
+ ')
+
+ allow $1 pxe_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ allow $1 pyzor_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ allow $1 pyzor_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ dontaudit $1 pyzor_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ allow $1 pyzor_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ dontaudit $1 pyzor_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_pyzor_port',`
+ corenet_udp_send_pyzor_port($1)
+ corenet_udp_receive_pyzor_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_pyzor_port',`
+ corenet_dontaudit_udp_send_pyzor_port($1)
+ corenet_dontaudit_udp_receive_pyzor_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ allow $1 pyzor_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ allow $1 pyzor_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the pyzor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_pyzor_port',`
+ gen_require(`
+ type pyzor_port_t;
+ ')
+
+ allow $1 pyzor_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send pyzor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pyzor_client_packets',`
+ gen_require(`
+ type pyzor_client_packet_t;
+ ')
+
+ allow $1 pyzor_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pyzor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pyzor_client_packets',`
+ gen_require(`
+ type pyzor_client_packet_t;
+ ')
+
+ dontaudit $1 pyzor_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pyzor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pyzor_client_packets',`
+ gen_require(`
+ type pyzor_client_packet_t;
+ ')
+
+ allow $1 pyzor_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pyzor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pyzor_client_packets',`
+ gen_require(`
+ type pyzor_client_packet_t;
+ ')
+
+ dontaudit $1 pyzor_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pyzor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pyzor_client_packets',`
+ corenet_send_pyzor_client_packets($1)
+ corenet_receive_pyzor_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pyzor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pyzor_client_packets',`
+ corenet_dontaudit_send_pyzor_client_packets($1)
+ corenet_dontaudit_receive_pyzor_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pyzor_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pyzor_client_packets',`
+ gen_require(`
+ type pyzor_client_packet_t;
+ ')
+
+ allow $1 pyzor_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send pyzor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_pyzor_server_packets',`
+ gen_require(`
+ type pyzor_server_packet_t;
+ ')
+
+ allow $1 pyzor_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send pyzor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_pyzor_server_packets',`
+ gen_require(`
+ type pyzor_server_packet_t;
+ ')
+
+ dontaudit $1 pyzor_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive pyzor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_pyzor_server_packets',`
+ gen_require(`
+ type pyzor_server_packet_t;
+ ')
+
+ allow $1 pyzor_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive pyzor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_pyzor_server_packets',`
+ gen_require(`
+ type pyzor_server_packet_t;
+ ')
+
+ dontaudit $1 pyzor_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive pyzor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_pyzor_server_packets',`
+ corenet_send_pyzor_server_packets($1)
+ corenet_receive_pyzor_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive pyzor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_pyzor_server_packets',`
+ corenet_dontaudit_send_pyzor_server_packets($1)
+ corenet_dontaudit_receive_pyzor_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to pyzor_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_pyzor_server_packets',`
+ gen_require(`
+ type pyzor_server_packet_t;
+ ')
+
+ allow $1 pyzor_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ allow $1 radacct_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ allow $1 radacct_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ dontaudit $1 radacct_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ allow $1 radacct_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ dontaudit $1 radacct_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_radacct_port',`
+ corenet_udp_send_radacct_port($1)
+ corenet_udp_receive_radacct_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_radacct_port',`
+ corenet_dontaudit_udp_send_radacct_port($1)
+ corenet_dontaudit_udp_receive_radacct_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ allow $1 radacct_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ allow $1 radacct_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the radacct port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_radacct_port',`
+ gen_require(`
+ type radacct_port_t;
+ ')
+
+ allow $1 radacct_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send radacct_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_radacct_client_packets',`
+ gen_require(`
+ type radacct_client_packet_t;
+ ')
+
+ allow $1 radacct_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send radacct_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_radacct_client_packets',`
+ gen_require(`
+ type radacct_client_packet_t;
+ ')
+
+ dontaudit $1 radacct_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive radacct_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_radacct_client_packets',`
+ gen_require(`
+ type radacct_client_packet_t;
+ ')
+
+ allow $1 radacct_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive radacct_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_radacct_client_packets',`
+ gen_require(`
+ type radacct_client_packet_t;
+ ')
+
+ dontaudit $1 radacct_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive radacct_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_radacct_client_packets',`
+ corenet_send_radacct_client_packets($1)
+ corenet_receive_radacct_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive radacct_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_radacct_client_packets',`
+ corenet_dontaudit_send_radacct_client_packets($1)
+ corenet_dontaudit_receive_radacct_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to radacct_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_radacct_client_packets',`
+ gen_require(`
+ type radacct_client_packet_t;
+ ')
+
+ allow $1 radacct_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send radacct_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_radacct_server_packets',`
+ gen_require(`
+ type radacct_server_packet_t;
+ ')
+
+ allow $1 radacct_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send radacct_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_radacct_server_packets',`
+ gen_require(`
+ type radacct_server_packet_t;
+ ')
+
+ dontaudit $1 radacct_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive radacct_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_radacct_server_packets',`
+ gen_require(`
+ type radacct_server_packet_t;
+ ')
+
+ allow $1 radacct_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive radacct_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_radacct_server_packets',`
+ gen_require(`
+ type radacct_server_packet_t;
+ ')
+
+ dontaudit $1 radacct_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive radacct_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_radacct_server_packets',`
+ corenet_send_radacct_server_packets($1)
+ corenet_receive_radacct_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive radacct_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_radacct_server_packets',`
+ corenet_dontaudit_send_radacct_server_packets($1)
+ corenet_dontaudit_receive_radacct_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to radacct_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_radacct_server_packets',`
+ gen_require(`
+ type radacct_server_packet_t;
+ ')
+
+ allow $1 radacct_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ allow $1 radius_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ allow $1 radius_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ dontaudit $1 radius_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ allow $1 radius_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ dontaudit $1 radius_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_radius_port',`
+ corenet_udp_send_radius_port($1)
+ corenet_udp_receive_radius_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_radius_port',`
+ corenet_dontaudit_udp_send_radius_port($1)
+ corenet_dontaudit_udp_receive_radius_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ allow $1 radius_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ allow $1 radius_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the radius port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_radius_port',`
+ gen_require(`
+ type radius_port_t;
+ ')
+
+ allow $1 radius_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send radius_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_radius_client_packets',`
+ gen_require(`
+ type radius_client_packet_t;
+ ')
+
+ allow $1 radius_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send radius_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_radius_client_packets',`
+ gen_require(`
+ type radius_client_packet_t;
+ ')
+
+ dontaudit $1 radius_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive radius_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_radius_client_packets',`
+ gen_require(`
+ type radius_client_packet_t;
+ ')
+
+ allow $1 radius_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive radius_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_radius_client_packets',`
+ gen_require(`
+ type radius_client_packet_t;
+ ')
+
+ dontaudit $1 radius_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive radius_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_radius_client_packets',`
+ corenet_send_radius_client_packets($1)
+ corenet_receive_radius_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive radius_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_radius_client_packets',`
+ corenet_dontaudit_send_radius_client_packets($1)
+ corenet_dontaudit_receive_radius_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to radius_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_radius_client_packets',`
+ gen_require(`
+ type radius_client_packet_t;
+ ')
+
+ allow $1 radius_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send radius_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_radius_server_packets',`
+ gen_require(`
+ type radius_server_packet_t;
+ ')
+
+ allow $1 radius_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send radius_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_radius_server_packets',`
+ gen_require(`
+ type radius_server_packet_t;
+ ')
+
+ dontaudit $1 radius_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive radius_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_radius_server_packets',`
+ gen_require(`
+ type radius_server_packet_t;
+ ')
+
+ allow $1 radius_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive radius_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_radius_server_packets',`
+ gen_require(`
+ type radius_server_packet_t;
+ ')
+
+ dontaudit $1 radius_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive radius_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_radius_server_packets',`
+ corenet_send_radius_server_packets($1)
+ corenet_receive_radius_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive radius_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_radius_server_packets',`
+ corenet_dontaudit_send_radius_server_packets($1)
+ corenet_dontaudit_receive_radius_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to radius_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_radius_server_packets',`
+ gen_require(`
+ type radius_server_packet_t;
+ ')
+
+ allow $1 radius_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ allow $1 radsec_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ allow $1 radsec_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ dontaudit $1 radsec_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ allow $1 radsec_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ dontaudit $1 radsec_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_radsec_port',`
+ corenet_udp_send_radsec_port($1)
+ corenet_udp_receive_radsec_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_radsec_port',`
+ corenet_dontaudit_udp_send_radsec_port($1)
+ corenet_dontaudit_udp_receive_radsec_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ allow $1 radsec_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ allow $1 radsec_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the radsec port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_radsec_port',`
+ gen_require(`
+ type radsec_port_t;
+ ')
+
+ allow $1 radsec_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send radsec_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_radsec_client_packets',`
+ gen_require(`
+ type radsec_client_packet_t;
+ ')
+
+ allow $1 radsec_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send radsec_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_radsec_client_packets',`
+ gen_require(`
+ type radsec_client_packet_t;
+ ')
+
+ dontaudit $1 radsec_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive radsec_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_radsec_client_packets',`
+ gen_require(`
+ type radsec_client_packet_t;
+ ')
+
+ allow $1 radsec_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive radsec_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_radsec_client_packets',`
+ gen_require(`
+ type radsec_client_packet_t;
+ ')
+
+ dontaudit $1 radsec_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive radsec_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_radsec_client_packets',`
+ corenet_send_radsec_client_packets($1)
+ corenet_receive_radsec_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive radsec_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_radsec_client_packets',`
+ corenet_dontaudit_send_radsec_client_packets($1)
+ corenet_dontaudit_receive_radsec_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to radsec_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_radsec_client_packets',`
+ gen_require(`
+ type radsec_client_packet_t;
+ ')
+
+ allow $1 radsec_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send radsec_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_radsec_server_packets',`
+ gen_require(`
+ type radsec_server_packet_t;
+ ')
+
+ allow $1 radsec_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send radsec_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_radsec_server_packets',`
+ gen_require(`
+ type radsec_server_packet_t;
+ ')
+
+ dontaudit $1 radsec_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive radsec_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_radsec_server_packets',`
+ gen_require(`
+ type radsec_server_packet_t;
+ ')
+
+ allow $1 radsec_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive radsec_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_radsec_server_packets',`
+ gen_require(`
+ type radsec_server_packet_t;
+ ')
+
+ dontaudit $1 radsec_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive radsec_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_radsec_server_packets',`
+ corenet_send_radsec_server_packets($1)
+ corenet_receive_radsec_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive radsec_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_radsec_server_packets',`
+ corenet_dontaudit_send_radsec_server_packets($1)
+ corenet_dontaudit_receive_radsec_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to radsec_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_radsec_server_packets',`
+ gen_require(`
+ type radsec_server_packet_t;
+ ')
+
+ allow $1 radsec_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ allow $1 razor_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ allow $1 razor_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ dontaudit $1 razor_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ allow $1 razor_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ dontaudit $1 razor_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_razor_port',`
+ corenet_udp_send_razor_port($1)
+ corenet_udp_receive_razor_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_razor_port',`
+ corenet_dontaudit_udp_send_razor_port($1)
+ corenet_dontaudit_udp_receive_razor_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ allow $1 razor_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ allow $1 razor_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the razor port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_razor_port',`
+ gen_require(`
+ type razor_port_t;
+ ')
+
+ allow $1 razor_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send razor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_razor_client_packets',`
+ gen_require(`
+ type razor_client_packet_t;
+ ')
+
+ allow $1 razor_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send razor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_razor_client_packets',`
+ gen_require(`
+ type razor_client_packet_t;
+ ')
+
+ dontaudit $1 razor_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive razor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_razor_client_packets',`
+ gen_require(`
+ type razor_client_packet_t;
+ ')
+
+ allow $1 razor_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive razor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_razor_client_packets',`
+ gen_require(`
+ type razor_client_packet_t;
+ ')
+
+ dontaudit $1 razor_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive razor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_razor_client_packets',`
+ corenet_send_razor_client_packets($1)
+ corenet_receive_razor_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive razor_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_razor_client_packets',`
+ corenet_dontaudit_send_razor_client_packets($1)
+ corenet_dontaudit_receive_razor_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to razor_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_razor_client_packets',`
+ gen_require(`
+ type razor_client_packet_t;
+ ')
+
+ allow $1 razor_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send razor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_razor_server_packets',`
+ gen_require(`
+ type razor_server_packet_t;
+ ')
+
+ allow $1 razor_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send razor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_razor_server_packets',`
+ gen_require(`
+ type razor_server_packet_t;
+ ')
+
+ dontaudit $1 razor_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive razor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_razor_server_packets',`
+ gen_require(`
+ type razor_server_packet_t;
+ ')
+
+ allow $1 razor_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive razor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_razor_server_packets',`
+ gen_require(`
+ type razor_server_packet_t;
+ ')
+
+ dontaudit $1 razor_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive razor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_razor_server_packets',`
+ corenet_send_razor_server_packets($1)
+ corenet_receive_razor_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive razor_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_razor_server_packets',`
+ corenet_dontaudit_send_razor_server_packets($1)
+ corenet_dontaudit_receive_razor_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to razor_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_razor_server_packets',`
+ gen_require(`
+ type razor_server_packet_t;
+ ')
+
+ allow $1 razor_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ allow $1 repository_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ allow $1 repository_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ dontaudit $1 repository_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ allow $1 repository_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ dontaudit $1 repository_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_repository_port',`
+ corenet_udp_send_repository_port($1)
+ corenet_udp_receive_repository_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_repository_port',`
+ corenet_dontaudit_udp_send_repository_port($1)
+ corenet_dontaudit_udp_receive_repository_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ allow $1 repository_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ allow $1 repository_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the repository port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_repository_port',`
+ gen_require(`
+ type repository_port_t;
+ ')
+
+ allow $1 repository_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send repository_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_repository_client_packets',`
+ gen_require(`
+ type repository_client_packet_t;
+ ')
+
+ allow $1 repository_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send repository_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_repository_client_packets',`
+ gen_require(`
+ type repository_client_packet_t;
+ ')
+
+ dontaudit $1 repository_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive repository_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_repository_client_packets',`
+ gen_require(`
+ type repository_client_packet_t;
+ ')
+
+ allow $1 repository_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive repository_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_repository_client_packets',`
+ gen_require(`
+ type repository_client_packet_t;
+ ')
+
+ dontaudit $1 repository_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive repository_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_repository_client_packets',`
+ corenet_send_repository_client_packets($1)
+ corenet_receive_repository_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive repository_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_repository_client_packets',`
+ corenet_dontaudit_send_repository_client_packets($1)
+ corenet_dontaudit_receive_repository_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to repository_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_repository_client_packets',`
+ gen_require(`
+ type repository_client_packet_t;
+ ')
+
+ allow $1 repository_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send repository_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_repository_server_packets',`
+ gen_require(`
+ type repository_server_packet_t;
+ ')
+
+ allow $1 repository_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send repository_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_repository_server_packets',`
+ gen_require(`
+ type repository_server_packet_t;
+ ')
+
+ dontaudit $1 repository_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive repository_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_repository_server_packets',`
+ gen_require(`
+ type repository_server_packet_t;
+ ')
+
+ allow $1 repository_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive repository_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_repository_server_packets',`
+ gen_require(`
+ type repository_server_packet_t;
+ ')
+
+ dontaudit $1 repository_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive repository_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_repository_server_packets',`
+ corenet_send_repository_server_packets($1)
+ corenet_receive_repository_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive repository_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_repository_server_packets',`
+ corenet_dontaudit_send_repository_server_packets($1)
+ corenet_dontaudit_receive_repository_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to repository_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_repository_server_packets',`
+ gen_require(`
+ type repository_server_packet_t;
+ ')
+
+ allow $1 repository_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ allow $1 ricci_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ allow $1 ricci_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ dontaudit $1 ricci_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ allow $1 ricci_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ dontaudit $1 ricci_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_ricci_port',`
+ corenet_udp_send_ricci_port($1)
+ corenet_udp_receive_ricci_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_ricci_port',`
+ corenet_dontaudit_udp_send_ricci_port($1)
+ corenet_dontaudit_udp_receive_ricci_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ allow $1 ricci_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ allow $1 ricci_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the ricci port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_ricci_port',`
+ gen_require(`
+ type ricci_port_t;
+ ')
+
+ allow $1 ricci_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send ricci_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ricci_client_packets',`
+ gen_require(`
+ type ricci_client_packet_t;
+ ')
+
+ allow $1 ricci_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ricci_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ricci_client_packets',`
+ gen_require(`
+ type ricci_client_packet_t;
+ ')
+
+ dontaudit $1 ricci_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ricci_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ricci_client_packets',`
+ gen_require(`
+ type ricci_client_packet_t;
+ ')
+
+ allow $1 ricci_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ricci_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ricci_client_packets',`
+ gen_require(`
+ type ricci_client_packet_t;
+ ')
+
+ dontaudit $1 ricci_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ricci_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ricci_client_packets',`
+ corenet_send_ricci_client_packets($1)
+ corenet_receive_ricci_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ricci_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ricci_client_packets',`
+ corenet_dontaudit_send_ricci_client_packets($1)
+ corenet_dontaudit_receive_ricci_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ricci_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ricci_client_packets',`
+ gen_require(`
+ type ricci_client_packet_t;
+ ')
+
+ allow $1 ricci_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send ricci_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ricci_server_packets',`
+ gen_require(`
+ type ricci_server_packet_t;
+ ')
+
+ allow $1 ricci_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ricci_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ricci_server_packets',`
+ gen_require(`
+ type ricci_server_packet_t;
+ ')
+
+ dontaudit $1 ricci_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ricci_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ricci_server_packets',`
+ gen_require(`
+ type ricci_server_packet_t;
+ ')
+
+ allow $1 ricci_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ricci_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ricci_server_packets',`
+ gen_require(`
+ type ricci_server_packet_t;
+ ')
+
+ dontaudit $1 ricci_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ricci_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ricci_server_packets',`
+ corenet_send_ricci_server_packets($1)
+ corenet_receive_ricci_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ricci_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ricci_server_packets',`
+ corenet_dontaudit_send_ricci_server_packets($1)
+ corenet_dontaudit_receive_ricci_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ricci_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ricci_server_packets',`
+ gen_require(`
+ type ricci_server_packet_t;
+ ')
+
+ allow $1 ricci_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ allow $1 ricci_modcluster_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ allow $1 ricci_modcluster_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ dontaudit $1 ricci_modcluster_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ allow $1 ricci_modcluster_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ dontaudit $1 ricci_modcluster_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_ricci_modcluster_port',`
+ corenet_udp_send_ricci_modcluster_port($1)
+ corenet_udp_receive_ricci_modcluster_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_ricci_modcluster_port',`
+ corenet_dontaudit_udp_send_ricci_modcluster_port($1)
+ corenet_dontaudit_udp_receive_ricci_modcluster_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ allow $1 ricci_modcluster_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ allow $1 ricci_modcluster_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the ricci_modcluster port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_ricci_modcluster_port',`
+ gen_require(`
+ type ricci_modcluster_port_t;
+ ')
+
+ allow $1 ricci_modcluster_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send ricci_modcluster_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ricci_modcluster_client_packets',`
+ gen_require(`
+ type ricci_modcluster_client_packet_t;
+ ')
+
+ allow $1 ricci_modcluster_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ricci_modcluster_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ricci_modcluster_client_packets',`
+ gen_require(`
+ type ricci_modcluster_client_packet_t;
+ ')
+
+ dontaudit $1 ricci_modcluster_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ricci_modcluster_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ricci_modcluster_client_packets',`
+ gen_require(`
+ type ricci_modcluster_client_packet_t;
+ ')
+
+ allow $1 ricci_modcluster_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ricci_modcluster_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ricci_modcluster_client_packets',`
+ gen_require(`
+ type ricci_modcluster_client_packet_t;
+ ')
+
+ dontaudit $1 ricci_modcluster_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ricci_modcluster_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ricci_modcluster_client_packets',`
+ corenet_send_ricci_modcluster_client_packets($1)
+ corenet_receive_ricci_modcluster_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ricci_modcluster_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ricci_modcluster_client_packets',`
+ corenet_dontaudit_send_ricci_modcluster_client_packets($1)
+ corenet_dontaudit_receive_ricci_modcluster_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ricci_modcluster_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ricci_modcluster_client_packets',`
+ gen_require(`
+ type ricci_modcluster_client_packet_t;
+ ')
+
+ allow $1 ricci_modcluster_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send ricci_modcluster_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_ricci_modcluster_server_packets',`
+ gen_require(`
+ type ricci_modcluster_server_packet_t;
+ ')
+
+ allow $1 ricci_modcluster_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send ricci_modcluster_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_ricci_modcluster_server_packets',`
+ gen_require(`
+ type ricci_modcluster_server_packet_t;
+ ')
+
+ dontaudit $1 ricci_modcluster_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive ricci_modcluster_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_ricci_modcluster_server_packets',`
+ gen_require(`
+ type ricci_modcluster_server_packet_t;
+ ')
+
+ allow $1 ricci_modcluster_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive ricci_modcluster_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_ricci_modcluster_server_packets',`
+ gen_require(`
+ type ricci_modcluster_server_packet_t;
+ ')
+
+ dontaudit $1 ricci_modcluster_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive ricci_modcluster_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_ricci_modcluster_server_packets',`
+ corenet_send_ricci_modcluster_server_packets($1)
+ corenet_receive_ricci_modcluster_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive ricci_modcluster_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_ricci_modcluster_server_packets',`
+ corenet_dontaudit_send_ricci_modcluster_server_packets($1)
+ corenet_dontaudit_receive_ricci_modcluster_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to ricci_modcluster_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_ricci_modcluster_server_packets',`
+ gen_require(`
+ type ricci_modcluster_server_packet_t;
+ ')
+
+ allow $1 ricci_modcluster_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ allow $1 rlogind_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ allow $1 rlogind_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ dontaudit $1 rlogind_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ allow $1 rlogind_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ dontaudit $1 rlogind_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_rlogind_port',`
+ corenet_udp_send_rlogind_port($1)
+ corenet_udp_receive_rlogind_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_rlogind_port',`
+ corenet_dontaudit_udp_send_rlogind_port($1)
+ corenet_dontaudit_udp_receive_rlogind_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ allow $1 rlogind_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ allow $1 rlogind_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the rlogind port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_rlogind_port',`
+ gen_require(`
+ type rlogind_port_t;
+ ')
+
+ allow $1 rlogind_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send rlogind_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_rlogind_client_packets',`
+ gen_require(`
+ type rlogind_client_packet_t;
+ ')
+
+ allow $1 rlogind_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send rlogind_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_rlogind_client_packets',`
+ gen_require(`
+ type rlogind_client_packet_t;
+ ')
+
+ dontaudit $1 rlogind_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive rlogind_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_rlogind_client_packets',`
+ gen_require(`
+ type rlogind_client_packet_t;
+ ')
+
+ allow $1 rlogind_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive rlogind_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_rlogind_client_packets',`
+ gen_require(`
+ type rlogind_client_packet_t;
+ ')
+
+ dontaudit $1 rlogind_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive rlogind_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_rlogind_client_packets',`
+ corenet_send_rlogind_client_packets($1)
+ corenet_receive_rlogind_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive rlogind_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_rlogind_client_packets',`
+ corenet_dontaudit_send_rlogind_client_packets($1)
+ corenet_dontaudit_receive_rlogind_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to rlogind_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_rlogind_client_packets',`
+ gen_require(`
+ type rlogind_client_packet_t;
+ ')
+
+ allow $1 rlogind_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send rlogind_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_rlogind_server_packets',`
+ gen_require(`
+ type rlogind_server_packet_t;
+ ')
+
+ allow $1 rlogind_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send rlogind_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_rlogind_server_packets',`
+ gen_require(`
+ type rlogind_server_packet_t;
+ ')
+
+ dontaudit $1 rlogind_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive rlogind_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_rlogind_server_packets',`
+ gen_require(`
+ type rlogind_server_packet_t;
+ ')
+
+ allow $1 rlogind_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive rlogind_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_rlogind_server_packets',`
+ gen_require(`
+ type rlogind_server_packet_t;
+ ')
+
+ dontaudit $1 rlogind_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive rlogind_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_rlogind_server_packets',`
+ corenet_send_rlogind_server_packets($1)
+ corenet_receive_rlogind_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive rlogind_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_rlogind_server_packets',`
+ corenet_dontaudit_send_rlogind_server_packets($1)
+ corenet_dontaudit_receive_rlogind_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to rlogind_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_rlogind_server_packets',`
+ gen_require(`
+ type rlogind_server_packet_t;
+ ')
+
+ allow $1 rlogind_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ allow $1 rndc_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ allow $1 rndc_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ dontaudit $1 rndc_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ allow $1 rndc_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ dontaudit $1 rndc_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_rndc_port',`
+ corenet_udp_send_rndc_port($1)
+ corenet_udp_receive_rndc_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_rndc_port',`
+ corenet_dontaudit_udp_send_rndc_port($1)
+ corenet_dontaudit_udp_receive_rndc_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ allow $1 rndc_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ allow $1 rndc_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the rndc port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_rndc_port',`
+ gen_require(`
+ type rndc_port_t;
+ ')
+
+ allow $1 rndc_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send rndc_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_rndc_client_packets',`
+ gen_require(`
+ type rndc_client_packet_t;
+ ')
+
+ allow $1 rndc_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send rndc_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_rndc_client_packets',`
+ gen_require(`
+ type rndc_client_packet_t;
+ ')
+
+ dontaudit $1 rndc_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive rndc_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_rndc_client_packets',`
+ gen_require(`
+ type rndc_client_packet_t;
+ ')
+
+ allow $1 rndc_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive rndc_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_rndc_client_packets',`
+ gen_require(`
+ type rndc_client_packet_t;
+ ')
+
+ dontaudit $1 rndc_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive rndc_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_rndc_client_packets',`
+ corenet_send_rndc_client_packets($1)
+ corenet_receive_rndc_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive rndc_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_rndc_client_packets',`
+ corenet_dontaudit_send_rndc_client_packets($1)
+ corenet_dontaudit_receive_rndc_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to rndc_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_rndc_client_packets',`
+ gen_require(`
+ type rndc_client_packet_t;
+ ')
+
+ allow $1 rndc_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send rndc_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_rndc_server_packets',`
+ gen_require(`
+ type rndc_server_packet_t;
+ ')
+
+ allow $1 rndc_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send rndc_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_rndc_server_packets',`
+ gen_require(`
+ type rndc_server_packet_t;
+ ')
+
+ dontaudit $1 rndc_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive rndc_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_rndc_server_packets',`
+ gen_require(`
+ type rndc_server_packet_t;
+ ')
+
+ allow $1 rndc_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive rndc_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_rndc_server_packets',`
+ gen_require(`
+ type rndc_server_packet_t;
+ ')
+
+ dontaudit $1 rndc_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive rndc_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_rndc_server_packets',`
+ corenet_send_rndc_server_packets($1)
+ corenet_receive_rndc_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive rndc_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_rndc_server_packets',`
+ corenet_dontaudit_send_rndc_server_packets($1)
+ corenet_dontaudit_receive_rndc_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to rndc_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_rndc_server_packets',`
+ gen_require(`
+ type rndc_server_packet_t;
+ ')
+
+ allow $1 rndc_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ allow $1 router_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ allow $1 router_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ dontaudit $1 router_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ allow $1 router_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ dontaudit $1 router_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_router_port',`
+ corenet_udp_send_router_port($1)
+ corenet_udp_receive_router_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_router_port',`
+ corenet_dontaudit_udp_send_router_port($1)
+ corenet_dontaudit_udp_receive_router_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ allow $1 router_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ allow $1 router_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the router port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_router_port',`
+ gen_require(`
+ type router_port_t;
+ ')
+
+ allow $1 router_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send router_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_router_client_packets',`
+ gen_require(`
+ type router_client_packet_t;
+ ')
+
+ allow $1 router_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send router_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_router_client_packets',`
+ gen_require(`
+ type router_client_packet_t;
+ ')
+
+ dontaudit $1 router_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive router_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_router_client_packets',`
+ gen_require(`
+ type router_client_packet_t;
+ ')
+
+ allow $1 router_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive router_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_router_client_packets',`
+ gen_require(`
+ type router_client_packet_t;
+ ')
+
+ dontaudit $1 router_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive router_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_router_client_packets',`
+ corenet_send_router_client_packets($1)
+ corenet_receive_router_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive router_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_router_client_packets',`
+ corenet_dontaudit_send_router_client_packets($1)
+ corenet_dontaudit_receive_router_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to router_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_router_client_packets',`
+ gen_require(`
+ type router_client_packet_t;
+ ')
+
+ allow $1 router_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send router_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_router_server_packets',`
+ gen_require(`
+ type router_server_packet_t;
+ ')
+
+ allow $1 router_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send router_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_router_server_packets',`
+ gen_require(`
+ type router_server_packet_t;
+ ')
+
+ dontaudit $1 router_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive router_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_router_server_packets',`
+ gen_require(`
+ type router_server_packet_t;
+ ')
+
+ allow $1 router_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive router_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_router_server_packets',`
+ gen_require(`
+ type router_server_packet_t;
+ ')
+
+ dontaudit $1 router_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive router_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_router_server_packets',`
+ corenet_send_router_server_packets($1)
+ corenet_receive_router_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive router_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_router_server_packets',`
+ corenet_dontaudit_send_router_server_packets($1)
+ corenet_dontaudit_receive_router_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to router_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_router_server_packets',`
+ gen_require(`
+ type router_server_packet_t;
+ ')
+
+ allow $1 router_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ allow $1 rsh_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ allow $1 rsh_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ dontaudit $1 rsh_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ allow $1 rsh_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ dontaudit $1 rsh_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_rsh_port',`
+ corenet_udp_send_rsh_port($1)
+ corenet_udp_receive_rsh_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_rsh_port',`
+ corenet_dontaudit_udp_send_rsh_port($1)
+ corenet_dontaudit_udp_receive_rsh_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ allow $1 rsh_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ allow $1 rsh_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the rsh port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_rsh_port',`
+ gen_require(`
+ type rsh_port_t;
+ ')
+
+ allow $1 rsh_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send rsh_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_rsh_client_packets',`
+ gen_require(`
+ type rsh_client_packet_t;
+ ')
+
+ allow $1 rsh_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send rsh_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_rsh_client_packets',`
+ gen_require(`
+ type rsh_client_packet_t;
+ ')
+
+ dontaudit $1 rsh_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive rsh_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_rsh_client_packets',`
+ gen_require(`
+ type rsh_client_packet_t;
+ ')
+
+ allow $1 rsh_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive rsh_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_rsh_client_packets',`
+ gen_require(`
+ type rsh_client_packet_t;
+ ')
+
+ dontaudit $1 rsh_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive rsh_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_rsh_client_packets',`
+ corenet_send_rsh_client_packets($1)
+ corenet_receive_rsh_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive rsh_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_rsh_client_packets',`
+ corenet_dontaudit_send_rsh_client_packets($1)
+ corenet_dontaudit_receive_rsh_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to rsh_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_rsh_client_packets',`
+ gen_require(`
+ type rsh_client_packet_t;
+ ')
+
+ allow $1 rsh_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send rsh_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_rsh_server_packets',`
+ gen_require(`
+ type rsh_server_packet_t;
+ ')
+
+ allow $1 rsh_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send rsh_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_rsh_server_packets',`
+ gen_require(`
+ type rsh_server_packet_t;
+ ')
+
+ dontaudit $1 rsh_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive rsh_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_rsh_server_packets',`
+ gen_require(`
+ type rsh_server_packet_t;
+ ')
+
+ allow $1 rsh_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive rsh_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_rsh_server_packets',`
+ gen_require(`
+ type rsh_server_packet_t;
+ ')
+
+ dontaudit $1 rsh_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive rsh_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_rsh_server_packets',`
+ corenet_send_rsh_server_packets($1)
+ corenet_receive_rsh_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive rsh_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_rsh_server_packets',`
+ corenet_dontaudit_send_rsh_server_packets($1)
+ corenet_dontaudit_receive_rsh_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to rsh_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_rsh_server_packets',`
+ gen_require(`
+ type rsh_server_packet_t;
+ ')
+
+ allow $1 rsh_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
+## Send and receive TCP traffic on the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ allow $1 rsync_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ allow $1 rsync_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ dontaudit $1 rsync_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ allow $1 rsync_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ dontaudit $1 rsync_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_rsync_port',`
+ corenet_udp_send_rsync_port($1)
+ corenet_udp_receive_rsync_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_rsync_port',`
+ corenet_dontaudit_udp_send_rsync_port($1)
+ corenet_dontaudit_udp_receive_rsync_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ allow $1 rsync_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ allow $1 rsync_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the rsync port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_rsync_port',`
+ gen_require(`
+ type rsync_port_t;
+ ')
+
+ allow $1 rsync_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send rsync_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_rsync_client_packets',`
+ gen_require(`
+ type rsync_client_packet_t;
+ ')
+
+ allow $1 rsync_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send rsync_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_rsync_client_packets',`
+ gen_require(`
+ type rsync_client_packet_t;
+ ')
+
+ dontaudit $1 rsync_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52549,17 +72927,17 @@ interface(`corenet_dontaudit_send_puppet_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_puppet_client_packets',`
+interface(`corenet_receive_rsync_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type rsync_client_packet_t;
')
- allow $1 puppet_client_packet_t:packet recv;
+ allow $1 rsync_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive puppet_client packets.
+## Do not audit attempts to receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52568,17 +72946,17 @@ interface(`corenet_receive_puppet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_puppet_client_packets',`
+interface(`corenet_dontaudit_receive_rsync_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type rsync_client_packet_t;
')
- dontaudit $1 puppet_client_packet_t:packet recv;
+ dontaudit $1 rsync_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive puppet_client packets.
+## Send and receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52587,14 +72965,14 @@ interface(`corenet_dontaudit_receive_puppet_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_puppet_client_packets',`
- corenet_send_puppet_client_packets($1)
- corenet_receive_puppet_client_packets($1)
+interface(`corenet_sendrecv_rsync_client_packets',`
+ corenet_send_rsync_client_packets($1)
+ corenet_receive_rsync_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive puppet_client packets.
+## Do not audit attempts to send and receive rsync_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52603,14 +72981,14 @@ interface(`corenet_sendrecv_puppet_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_puppet_client_packets',`
- corenet_dontaudit_send_puppet_client_packets($1)
- corenet_dontaudit_receive_puppet_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rsync_client_packets',`
+ corenet_dontaudit_send_rsync_client_packets($1)
+ corenet_dontaudit_receive_rsync_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to puppet_client the packet type.
+## Relabel packets to rsync_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52618,18 +72996,18 @@ interface(`corenet_dontaudit_sendrecv_puppet_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_puppet_client_packets',`
+interface(`corenet_relabelto_rsync_client_packets',`
gen_require(`
- type puppet_client_packet_t;
+ type rsync_client_packet_t;
')
- allow $1 puppet_client_packet_t:packet relabelto;
+ allow $1 rsync_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send puppet_server packets.
+## Send rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52638,17 +73016,17 @@ interface(`corenet_relabelto_puppet_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_puppet_server_packets',`
+interface(`corenet_send_rsync_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type rsync_server_packet_t;
')
- allow $1 puppet_server_packet_t:packet send;
+ allow $1 rsync_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send puppet_server packets.
+## Do not audit attempts to send rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52657,17 +73035,17 @@ interface(`corenet_send_puppet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_puppet_server_packets',`
+interface(`corenet_dontaudit_send_rsync_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type rsync_server_packet_t;
')
- dontaudit $1 puppet_server_packet_t:packet send;
+ dontaudit $1 rsync_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive puppet_server packets.
+## Receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52676,17 +73054,17 @@ interface(`corenet_dontaudit_send_puppet_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_puppet_server_packets',`
+interface(`corenet_receive_rsync_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type rsync_server_packet_t;
')
- allow $1 puppet_server_packet_t:packet recv;
+ allow $1 rsync_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive puppet_server packets.
+## Do not audit attempts to receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52695,17 +73073,17 @@ interface(`corenet_receive_puppet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_puppet_server_packets',`
+interface(`corenet_dontaudit_receive_rsync_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type rsync_server_packet_t;
')
- dontaudit $1 puppet_server_packet_t:packet recv;
+ dontaudit $1 rsync_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive puppet_server packets.
+## Send and receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52714,14 +73092,14 @@ interface(`corenet_dontaudit_receive_puppet_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_puppet_server_packets',`
- corenet_send_puppet_server_packets($1)
- corenet_receive_puppet_server_packets($1)
+interface(`corenet_sendrecv_rsync_server_packets',`
+ corenet_send_rsync_server_packets($1)
+ corenet_receive_rsync_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive puppet_server packets.
+## Do not audit attempts to send and receive rsync_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52730,14 +73108,14 @@ interface(`corenet_sendrecv_puppet_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_puppet_server_packets',`
- corenet_dontaudit_send_puppet_server_packets($1)
- corenet_dontaudit_receive_puppet_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rsync_server_packets',`
+ corenet_dontaudit_send_rsync_server_packets($1)
+ corenet_dontaudit_receive_rsync_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to puppet_server the packet type.
+## Relabel packets to rsync_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -52745,12 +73123,12 @@ interface(`corenet_dontaudit_sendrecv_puppet_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_puppet_server_packets',`
+interface(`corenet_relabelto_rsync_server_packets',`
gen_require(`
- type puppet_server_packet_t;
+ type rsync_server_packet_t;
')
- allow $1 puppet_server_packet_t:packet relabelto;
+ allow $1 rsync_server_packet_t:packet relabelto;
')
@@ -52758,7 +73136,7 @@ interface(`corenet_relabelto_puppet_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pxe port.
+## Send and receive TCP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52767,17 +73145,17 @@ interface(`corenet_relabelto_puppet_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pxe_port',`
+interface(`corenet_tcp_sendrecv_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- allow $1 pxe_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rtorrent_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pxe port.
+## Send UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52786,17 +73164,17 @@ interface(`corenet_tcp_sendrecv_pxe_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pxe_port',`
+interface(`corenet_udp_send_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- allow $1 pxe_port_t:udp_socket send_msg;
+ allow $1 rtorrent_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pxe port.
+## Do not audit attempts to send UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52805,17 +73183,17 @@ interface(`corenet_udp_send_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pxe_port',`
+interface(`corenet_dontaudit_udp_send_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- dontaudit $1 pxe_port_t:udp_socket send_msg;
+ dontaudit $1 rtorrent_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pxe port.
+## Receive UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52824,17 +73202,17 @@ interface(`corenet_dontaudit_udp_send_pxe_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pxe_port',`
+interface(`corenet_udp_receive_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- allow $1 pxe_port_t:udp_socket recv_msg;
+ allow $1 rtorrent_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pxe port.
+## Do not audit attempts to receive UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52843,17 +73221,17 @@ interface(`corenet_udp_receive_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pxe_port',`
+interface(`corenet_dontaudit_udp_receive_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- dontaudit $1 pxe_port_t:udp_socket recv_msg;
+ dontaudit $1 rtorrent_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pxe port.
+## Send and receive UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52862,15 +73240,15 @@ interface(`corenet_dontaudit_udp_receive_pxe_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pxe_port',`
- corenet_udp_send_pxe_port($1)
- corenet_udp_receive_pxe_port($1)
+interface(`corenet_udp_sendrecv_rtorrent_port',`
+ corenet_udp_send_rtorrent_port($1)
+ corenet_udp_receive_rtorrent_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pxe port.
+## UDP traffic on the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52879,14 +73257,14 @@ interface(`corenet_udp_sendrecv_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pxe_port',`
- corenet_dontaudit_udp_send_pxe_port($1)
- corenet_dontaudit_udp_receive_pxe_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rtorrent_port',`
+ corenet_dontaudit_udp_send_rtorrent_port($1)
+ corenet_dontaudit_udp_receive_rtorrent_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pxe port.
+## Bind TCP sockets to the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52895,18 +73273,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pxe_port',`
+interface(`corenet_tcp_bind_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- allow $1 pxe_port_t:tcp_socket name_bind;
+ allow $1 rtorrent_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the pxe port.
+## Bind UDP sockets to the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52915,18 +73293,18 @@ interface(`corenet_tcp_bind_pxe_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pxe_port',`
+interface(`corenet_udp_bind_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- allow $1 pxe_port_t:udp_socket name_bind;
+ allow $1 rtorrent_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the pxe port.
+## Make a TCP connection to the rtorrent port.
## </summary>
## <param name="domain">
## <summary>
@@ -52934,18 +73312,18 @@ interface(`corenet_udp_bind_pxe_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pxe_port',`
+interface(`corenet_tcp_connect_rtorrent_port',`
gen_require(`
- type pxe_port_t;
+ type rtorrent_port_t;
')
- allow $1 pxe_port_t:tcp_socket name_connect;
+ allow $1 rtorrent_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pxe_client packets.
+## Send rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52954,17 +73332,17 @@ interface(`corenet_tcp_connect_pxe_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pxe_client_packets',`
+interface(`corenet_send_rtorrent_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type rtorrent_client_packet_t;
')
- allow $1 pxe_client_packet_t:packet send;
+ allow $1 rtorrent_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pxe_client packets.
+## Do not audit attempts to send rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52973,17 +73351,17 @@ interface(`corenet_send_pxe_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pxe_client_packets',`
+interface(`corenet_dontaudit_send_rtorrent_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type rtorrent_client_packet_t;
')
- dontaudit $1 pxe_client_packet_t:packet send;
+ dontaudit $1 rtorrent_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pxe_client packets.
+## Receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -52992,17 +73370,17 @@ interface(`corenet_dontaudit_send_pxe_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pxe_client_packets',`
+interface(`corenet_receive_rtorrent_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type rtorrent_client_packet_t;
')
- allow $1 pxe_client_packet_t:packet recv;
+ allow $1 rtorrent_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pxe_client packets.
+## Do not audit attempts to receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53011,17 +73389,17 @@ interface(`corenet_receive_pxe_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pxe_client_packets',`
+interface(`corenet_dontaudit_receive_rtorrent_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type rtorrent_client_packet_t;
')
- dontaudit $1 pxe_client_packet_t:packet recv;
+ dontaudit $1 rtorrent_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pxe_client packets.
+## Send and receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53030,14 +73408,14 @@ interface(`corenet_dontaudit_receive_pxe_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pxe_client_packets',`
- corenet_send_pxe_client_packets($1)
- corenet_receive_pxe_client_packets($1)
+interface(`corenet_sendrecv_rtorrent_client_packets',`
+ corenet_send_rtorrent_client_packets($1)
+ corenet_receive_rtorrent_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pxe_client packets.
+## Do not audit attempts to send and receive rtorrent_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53046,14 +73424,14 @@ interface(`corenet_sendrecv_pxe_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pxe_client_packets',`
- corenet_dontaudit_send_pxe_client_packets($1)
- corenet_dontaudit_receive_pxe_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtorrent_client_packets',`
+ corenet_dontaudit_send_rtorrent_client_packets($1)
+ corenet_dontaudit_receive_rtorrent_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pxe_client the packet type.
+## Relabel packets to rtorrent_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53061,18 +73439,18 @@ interface(`corenet_dontaudit_sendrecv_pxe_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pxe_client_packets',`
+interface(`corenet_relabelto_rtorrent_client_packets',`
gen_require(`
- type pxe_client_packet_t;
+ type rtorrent_client_packet_t;
')
- allow $1 pxe_client_packet_t:packet relabelto;
+ allow $1 rtorrent_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pxe_server packets.
+## Send rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53081,17 +73459,17 @@ interface(`corenet_relabelto_pxe_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pxe_server_packets',`
+interface(`corenet_send_rtorrent_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type rtorrent_server_packet_t;
')
- allow $1 pxe_server_packet_t:packet send;
+ allow $1 rtorrent_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pxe_server packets.
+## Do not audit attempts to send rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53100,17 +73478,17 @@ interface(`corenet_send_pxe_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pxe_server_packets',`
+interface(`corenet_dontaudit_send_rtorrent_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type rtorrent_server_packet_t;
')
- dontaudit $1 pxe_server_packet_t:packet send;
+ dontaudit $1 rtorrent_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pxe_server packets.
+## Receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53119,17 +73497,17 @@ interface(`corenet_dontaudit_send_pxe_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pxe_server_packets',`
+interface(`corenet_receive_rtorrent_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type rtorrent_server_packet_t;
')
- allow $1 pxe_server_packet_t:packet recv;
+ allow $1 rtorrent_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pxe_server packets.
+## Do not audit attempts to receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53138,17 +73516,17 @@ interface(`corenet_receive_pxe_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pxe_server_packets',`
+interface(`corenet_dontaudit_receive_rtorrent_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type rtorrent_server_packet_t;
')
- dontaudit $1 pxe_server_packet_t:packet recv;
+ dontaudit $1 rtorrent_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pxe_server packets.
+## Send and receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53157,14 +73535,14 @@ interface(`corenet_dontaudit_receive_pxe_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pxe_server_packets',`
- corenet_send_pxe_server_packets($1)
- corenet_receive_pxe_server_packets($1)
+interface(`corenet_sendrecv_rtorrent_server_packets',`
+ corenet_send_rtorrent_server_packets($1)
+ corenet_receive_rtorrent_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pxe_server packets.
+## Do not audit attempts to send and receive rtorrent_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53173,14 +73551,14 @@ interface(`corenet_sendrecv_pxe_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pxe_server_packets',`
- corenet_dontaudit_send_pxe_server_packets($1)
- corenet_dontaudit_receive_pxe_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtorrent_server_packets',`
+ corenet_dontaudit_send_rtorrent_server_packets($1)
+ corenet_dontaudit_receive_rtorrent_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pxe_server the packet type.
+## Relabel packets to rtorrent_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53188,12 +73566,12 @@ interface(`corenet_dontaudit_sendrecv_pxe_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pxe_server_packets',`
+interface(`corenet_relabelto_rtorrent_server_packets',`
gen_require(`
- type pxe_server_packet_t;
+ type rtorrent_server_packet_t;
')
- allow $1 pxe_server_packet_t:packet relabelto;
+ allow $1 rtorrent_server_packet_t:packet relabelto;
')
@@ -53201,7 +73579,7 @@ interface(`corenet_relabelto_pxe_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the pyzor port.
+## Send and receive TCP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53210,17 +73588,17 @@ interface(`corenet_relabelto_pxe_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_pyzor_port',`
+interface(`corenet_tcp_sendrecv_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- allow $1 pyzor_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rtsp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the pyzor port.
+## Send UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53229,17 +73607,17 @@ interface(`corenet_tcp_sendrecv_pyzor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_pyzor_port',`
+interface(`corenet_udp_send_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- allow $1 pyzor_port_t:udp_socket send_msg;
+ allow $1 rtsp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the pyzor port.
+## Do not audit attempts to send UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53248,17 +73626,17 @@ interface(`corenet_udp_send_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_pyzor_port',`
+interface(`corenet_dontaudit_udp_send_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- dontaudit $1 pyzor_port_t:udp_socket send_msg;
+ dontaudit $1 rtsp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the pyzor port.
+## Receive UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53267,17 +73645,17 @@ interface(`corenet_dontaudit_udp_send_pyzor_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_pyzor_port',`
+interface(`corenet_udp_receive_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- allow $1 pyzor_port_t:udp_socket recv_msg;
+ allow $1 rtsp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the pyzor port.
+## Do not audit attempts to receive UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53286,17 +73664,17 @@ interface(`corenet_udp_receive_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_pyzor_port',`
+interface(`corenet_dontaudit_udp_receive_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- dontaudit $1 pyzor_port_t:udp_socket recv_msg;
+ dontaudit $1 rtsp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the pyzor port.
+## Send and receive UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53305,15 +73683,15 @@ interface(`corenet_dontaudit_udp_receive_pyzor_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_pyzor_port',`
- corenet_udp_send_pyzor_port($1)
- corenet_udp_receive_pyzor_port($1)
+interface(`corenet_udp_sendrecv_rtsp_port',`
+ corenet_udp_send_rtsp_port($1)
+ corenet_udp_receive_rtsp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the pyzor port.
+## UDP traffic on the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53322,14 +73700,14 @@ interface(`corenet_udp_sendrecv_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_pyzor_port',`
- corenet_dontaudit_udp_send_pyzor_port($1)
- corenet_dontaudit_udp_receive_pyzor_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rtsp_port',`
+ corenet_dontaudit_udp_send_rtsp_port($1)
+ corenet_dontaudit_udp_receive_rtsp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the pyzor port.
+## Bind TCP sockets to the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53338,18 +73716,18 @@ interface(`corenet_dontaudit_udp_sendrecv_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_pyzor_port',`
+interface(`corenet_tcp_bind_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- allow $1 pyzor_port_t:tcp_socket name_bind;
-
+ allow $1 rtsp_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the pyzor port.
+## Bind UDP sockets to the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53358,18 +73736,18 @@ interface(`corenet_tcp_bind_pyzor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_pyzor_port',`
+interface(`corenet_udp_bind_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- allow $1 pyzor_port_t:udp_socket name_bind;
-
+ allow $1 rtsp_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the pyzor port.
+## Make a TCP connection to the rtsp port.
## </summary>
## <param name="domain">
## <summary>
@@ -53377,18 +73755,18 @@ interface(`corenet_udp_bind_pyzor_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_pyzor_port',`
+interface(`corenet_tcp_connect_rtsp_port',`
gen_require(`
- type pyzor_port_t;
+ type rtsp_port_t;
')
- allow $1 pyzor_port_t:tcp_socket name_connect;
+ allow $1 rtsp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send pyzor_client packets.
+## Send rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53397,17 +73775,17 @@ interface(`corenet_tcp_connect_pyzor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pyzor_client_packets',`
+interface(`corenet_send_rtsp_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type rtsp_client_packet_t;
')
- allow $1 pyzor_client_packet_t:packet send;
+ allow $1 rtsp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pyzor_client packets.
+## Do not audit attempts to send rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53416,17 +73794,17 @@ interface(`corenet_send_pyzor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pyzor_client_packets',`
+interface(`corenet_dontaudit_send_rtsp_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type rtsp_client_packet_t;
')
- dontaudit $1 pyzor_client_packet_t:packet send;
+ dontaudit $1 rtsp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive pyzor_client packets.
+## Receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53435,17 +73813,17 @@ interface(`corenet_dontaudit_send_pyzor_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pyzor_client_packets',`
+interface(`corenet_receive_rtsp_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type rtsp_client_packet_t;
')
- allow $1 pyzor_client_packet_t:packet recv;
+ allow $1 rtsp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pyzor_client packets.
+## Do not audit attempts to receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53454,17 +73832,17 @@ interface(`corenet_receive_pyzor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pyzor_client_packets',`
+interface(`corenet_dontaudit_receive_rtsp_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type rtsp_client_packet_t;
')
- dontaudit $1 pyzor_client_packet_t:packet recv;
+ dontaudit $1 rtsp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pyzor_client packets.
+## Send and receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53473,14 +73851,14 @@ interface(`corenet_dontaudit_receive_pyzor_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pyzor_client_packets',`
- corenet_send_pyzor_client_packets($1)
- corenet_receive_pyzor_client_packets($1)
+interface(`corenet_sendrecv_rtsp_client_packets',`
+ corenet_send_rtsp_client_packets($1)
+ corenet_receive_rtsp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pyzor_client packets.
+## Do not audit attempts to send and receive rtsp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53489,14 +73867,14 @@ interface(`corenet_sendrecv_pyzor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pyzor_client_packets',`
- corenet_dontaudit_send_pyzor_client_packets($1)
- corenet_dontaudit_receive_pyzor_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtsp_client_packets',`
+ corenet_dontaudit_send_rtsp_client_packets($1)
+ corenet_dontaudit_receive_rtsp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to pyzor_client the packet type.
+## Relabel packets to rtsp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53504,18 +73882,18 @@ interface(`corenet_dontaudit_sendrecv_pyzor_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pyzor_client_packets',`
+interface(`corenet_relabelto_rtsp_client_packets',`
gen_require(`
- type pyzor_client_packet_t;
+ type rtsp_client_packet_t;
')
- allow $1 pyzor_client_packet_t:packet relabelto;
+ allow $1 rtsp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send pyzor_server packets.
+## Send rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53524,17 +73902,17 @@ interface(`corenet_relabelto_pyzor_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_pyzor_server_packets',`
+interface(`corenet_send_rtsp_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type rtsp_server_packet_t;
')
- allow $1 pyzor_server_packet_t:packet send;
+ allow $1 rtsp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send pyzor_server packets.
+## Do not audit attempts to send rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53543,17 +73921,17 @@ interface(`corenet_send_pyzor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_pyzor_server_packets',`
+interface(`corenet_dontaudit_send_rtsp_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type rtsp_server_packet_t;
')
- dontaudit $1 pyzor_server_packet_t:packet send;
+ dontaudit $1 rtsp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive pyzor_server packets.
+## Receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53562,17 +73940,17 @@ interface(`corenet_dontaudit_send_pyzor_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_pyzor_server_packets',`
+interface(`corenet_receive_rtsp_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type rtsp_server_packet_t;
')
- allow $1 pyzor_server_packet_t:packet recv;
+ allow $1 rtsp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive pyzor_server packets.
+## Do not audit attempts to receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53581,17 +73959,17 @@ interface(`corenet_receive_pyzor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_pyzor_server_packets',`
+interface(`corenet_dontaudit_receive_rtsp_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type rtsp_server_packet_t;
')
- dontaudit $1 pyzor_server_packet_t:packet recv;
+ dontaudit $1 rtsp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive pyzor_server packets.
+## Send and receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53600,14 +73978,14 @@ interface(`corenet_dontaudit_receive_pyzor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_pyzor_server_packets',`
- corenet_send_pyzor_server_packets($1)
- corenet_receive_pyzor_server_packets($1)
+interface(`corenet_sendrecv_rtsp_server_packets',`
+ corenet_send_rtsp_server_packets($1)
+ corenet_receive_rtsp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive pyzor_server packets.
+## Do not audit attempts to send and receive rtsp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53616,14 +73994,14 @@ interface(`corenet_sendrecv_pyzor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_pyzor_server_packets',`
- corenet_dontaudit_send_pyzor_server_packets($1)
- corenet_dontaudit_receive_pyzor_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rtsp_server_packets',`
+ corenet_dontaudit_send_rtsp_server_packets($1)
+ corenet_dontaudit_receive_rtsp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to pyzor_server the packet type.
+## Relabel packets to rtsp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53631,12 +74009,12 @@ interface(`corenet_dontaudit_sendrecv_pyzor_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_pyzor_server_packets',`
+interface(`corenet_relabelto_rtsp_server_packets',`
gen_require(`
- type pyzor_server_packet_t;
+ type rtsp_server_packet_t;
')
- allow $1 pyzor_server_packet_t:packet relabelto;
+ allow $1 rtsp_server_packet_t:packet relabelto;
')
@@ -53644,7 +74022,7 @@ interface(`corenet_relabelto_pyzor_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the radacct port.
+## Send and receive TCP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53653,17 +74031,17 @@ interface(`corenet_relabelto_pyzor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_radacct_port',`
+interface(`corenet_tcp_sendrecv_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- allow $1 radacct_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 rwho_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the radacct port.
+## Send UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53672,17 +74050,17 @@ interface(`corenet_tcp_sendrecv_radacct_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_radacct_port',`
+interface(`corenet_udp_send_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- allow $1 radacct_port_t:udp_socket send_msg;
+ allow $1 rwho_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the radacct port.
+## Do not audit attempts to send UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53691,17 +74069,17 @@ interface(`corenet_udp_send_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_radacct_port',`
+interface(`corenet_dontaudit_udp_send_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- dontaudit $1 radacct_port_t:udp_socket send_msg;
+ dontaudit $1 rwho_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the radacct port.
+## Receive UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53710,17 +74088,17 @@ interface(`corenet_dontaudit_udp_send_radacct_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_radacct_port',`
+interface(`corenet_udp_receive_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- allow $1 radacct_port_t:udp_socket recv_msg;
+ allow $1 rwho_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the radacct port.
+## Do not audit attempts to receive UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53729,17 +74107,17 @@ interface(`corenet_udp_receive_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_radacct_port',`
+interface(`corenet_dontaudit_udp_receive_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- dontaudit $1 radacct_port_t:udp_socket recv_msg;
+ dontaudit $1 rwho_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the radacct port.
+## Send and receive UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53748,15 +74126,15 @@ interface(`corenet_dontaudit_udp_receive_radacct_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_radacct_port',`
- corenet_udp_send_radacct_port($1)
- corenet_udp_receive_radacct_port($1)
+interface(`corenet_udp_sendrecv_rwho_port',`
+ corenet_udp_send_rwho_port($1)
+ corenet_udp_receive_rwho_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the radacct port.
+## UDP traffic on the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53765,14 +74143,14 @@ interface(`corenet_udp_sendrecv_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_radacct_port',`
- corenet_dontaudit_udp_send_radacct_port($1)
- corenet_dontaudit_udp_receive_radacct_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_rwho_port',`
+ corenet_dontaudit_udp_send_rwho_port($1)
+ corenet_dontaudit_udp_receive_rwho_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the radacct port.
+## Bind TCP sockets to the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53781,18 +74159,18 @@ interface(`corenet_dontaudit_udp_sendrecv_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_radacct_port',`
+interface(`corenet_tcp_bind_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- allow $1 radacct_port_t:tcp_socket name_bind;
-
+ allow $1 rwho_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the radacct port.
+## Bind UDP sockets to the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53801,18 +74179,18 @@ interface(`corenet_tcp_bind_radacct_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_radacct_port',`
+interface(`corenet_udp_bind_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- allow $1 radacct_port_t:udp_socket name_bind;
-
+ allow $1 rwho_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the radacct port.
+## Make a TCP connection to the rwho port.
## </summary>
## <param name="domain">
## <summary>
@@ -53820,18 +74198,18 @@ interface(`corenet_udp_bind_radacct_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_radacct_port',`
+interface(`corenet_tcp_connect_rwho_port',`
gen_require(`
- type radacct_port_t;
+ type rwho_port_t;
')
- allow $1 radacct_port_t:tcp_socket name_connect;
+ allow $1 rwho_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send radacct_client packets.
+## Send rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53840,17 +74218,17 @@ interface(`corenet_tcp_connect_radacct_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radacct_client_packets',`
+interface(`corenet_send_rwho_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type rwho_client_packet_t;
')
- allow $1 radacct_client_packet_t:packet send;
+ allow $1 rwho_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radacct_client packets.
+## Do not audit attempts to send rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53859,17 +74237,17 @@ interface(`corenet_send_radacct_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radacct_client_packets',`
+interface(`corenet_dontaudit_send_rwho_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type rwho_client_packet_t;
')
- dontaudit $1 radacct_client_packet_t:packet send;
+ dontaudit $1 rwho_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive radacct_client packets.
+## Receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53878,17 +74256,17 @@ interface(`corenet_dontaudit_send_radacct_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radacct_client_packets',`
+interface(`corenet_receive_rwho_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type rwho_client_packet_t;
')
- allow $1 radacct_client_packet_t:packet recv;
+ allow $1 rwho_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radacct_client packets.
+## Do not audit attempts to receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53897,17 +74275,17 @@ interface(`corenet_receive_radacct_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radacct_client_packets',`
+interface(`corenet_dontaudit_receive_rwho_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type rwho_client_packet_t;
')
- dontaudit $1 radacct_client_packet_t:packet recv;
+ dontaudit $1 rwho_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radacct_client packets.
+## Send and receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53916,14 +74294,14 @@ interface(`corenet_dontaudit_receive_radacct_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radacct_client_packets',`
- corenet_send_radacct_client_packets($1)
- corenet_receive_radacct_client_packets($1)
+interface(`corenet_sendrecv_rwho_client_packets',`
+ corenet_send_rwho_client_packets($1)
+ corenet_receive_rwho_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radacct_client packets.
+## Do not audit attempts to send and receive rwho_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53932,14 +74310,14 @@ interface(`corenet_sendrecv_radacct_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radacct_client_packets',`
- corenet_dontaudit_send_radacct_client_packets($1)
- corenet_dontaudit_receive_radacct_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_rwho_client_packets',`
+ corenet_dontaudit_send_rwho_client_packets($1)
+ corenet_dontaudit_receive_rwho_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to radacct_client the packet type.
+## Relabel packets to rwho_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -53947,18 +74325,18 @@ interface(`corenet_dontaudit_sendrecv_radacct_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radacct_client_packets',`
+interface(`corenet_relabelto_rwho_client_packets',`
gen_require(`
- type radacct_client_packet_t;
+ type rwho_client_packet_t;
')
- allow $1 radacct_client_packet_t:packet relabelto;
+ allow $1 rwho_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send radacct_server packets.
+## Send rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53967,17 +74345,17 @@ interface(`corenet_relabelto_radacct_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radacct_server_packets',`
+interface(`corenet_send_rwho_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type rwho_server_packet_t;
')
- allow $1 radacct_server_packet_t:packet send;
+ allow $1 rwho_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radacct_server packets.
+## Do not audit attempts to send rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -53986,17 +74364,17 @@ interface(`corenet_send_radacct_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radacct_server_packets',`
+interface(`corenet_dontaudit_send_rwho_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type rwho_server_packet_t;
')
- dontaudit $1 radacct_server_packet_t:packet send;
+ dontaudit $1 rwho_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive radacct_server packets.
+## Receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54005,17 +74383,17 @@ interface(`corenet_dontaudit_send_radacct_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radacct_server_packets',`
+interface(`corenet_receive_rwho_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type rwho_server_packet_t;
')
- allow $1 radacct_server_packet_t:packet recv;
+ allow $1 rwho_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radacct_server packets.
+## Do not audit attempts to receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54024,17 +74402,17 @@ interface(`corenet_receive_radacct_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radacct_server_packets',`
+interface(`corenet_dontaudit_receive_rwho_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type rwho_server_packet_t;
')
- dontaudit $1 radacct_server_packet_t:packet recv;
+ dontaudit $1 rwho_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radacct_server packets.
+## Send and receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54043,14 +74421,14 @@ interface(`corenet_dontaudit_receive_radacct_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radacct_server_packets',`
- corenet_send_radacct_server_packets($1)
- corenet_receive_radacct_server_packets($1)
+interface(`corenet_sendrecv_rwho_server_packets',`
+ corenet_send_rwho_server_packets($1)
+ corenet_receive_rwho_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radacct_server packets.
+## Do not audit attempts to send and receive rwho_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54059,14 +74437,14 @@ interface(`corenet_sendrecv_radacct_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radacct_server_packets',`
- corenet_dontaudit_send_radacct_server_packets($1)
- corenet_dontaudit_receive_radacct_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_rwho_server_packets',`
+ corenet_dontaudit_send_rwho_server_packets($1)
+ corenet_dontaudit_receive_rwho_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to radacct_server the packet type.
+## Relabel packets to rwho_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54074,12 +74452,12 @@ interface(`corenet_dontaudit_sendrecv_radacct_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radacct_server_packets',`
+interface(`corenet_relabelto_rwho_server_packets',`
gen_require(`
- type radacct_server_packet_t;
+ type rwho_server_packet_t;
')
- allow $1 radacct_server_packet_t:packet relabelto;
+ allow $1 rwho_server_packet_t:packet relabelto;
')
@@ -54087,7 +74465,7 @@ interface(`corenet_relabelto_radacct_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the radius port.
+## Send and receive TCP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54096,17 +74474,17 @@ interface(`corenet_relabelto_radacct_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_radius_port',`
+interface(`corenet_tcp_sendrecv_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- allow $1 radius_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sap_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the radius port.
+## Send UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54115,17 +74493,17 @@ interface(`corenet_tcp_sendrecv_radius_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_radius_port',`
+interface(`corenet_udp_send_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- allow $1 radius_port_t:udp_socket send_msg;
+ allow $1 sap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the radius port.
+## Do not audit attempts to send UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54134,17 +74512,17 @@ interface(`corenet_udp_send_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_radius_port',`
+interface(`corenet_dontaudit_udp_send_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- dontaudit $1 radius_port_t:udp_socket send_msg;
+ dontaudit $1 sap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the radius port.
+## Receive UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54153,17 +74531,17 @@ interface(`corenet_dontaudit_udp_send_radius_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_radius_port',`
+interface(`corenet_udp_receive_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- allow $1 radius_port_t:udp_socket recv_msg;
+ allow $1 sap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the radius port.
+## Do not audit attempts to receive UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54172,17 +74550,17 @@ interface(`corenet_udp_receive_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_radius_port',`
+interface(`corenet_dontaudit_udp_receive_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- dontaudit $1 radius_port_t:udp_socket recv_msg;
+ dontaudit $1 sap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the radius port.
+## Send and receive UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54191,15 +74569,15 @@ interface(`corenet_dontaudit_udp_receive_radius_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_radius_port',`
- corenet_udp_send_radius_port($1)
- corenet_udp_receive_radius_port($1)
+interface(`corenet_udp_sendrecv_sap_port',`
+ corenet_udp_send_sap_port($1)
+ corenet_udp_receive_sap_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the radius port.
+## UDP traffic on the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54208,14 +74586,14 @@ interface(`corenet_udp_sendrecv_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_radius_port',`
- corenet_dontaudit_udp_send_radius_port($1)
- corenet_dontaudit_udp_receive_radius_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sap_port',`
+ corenet_dontaudit_udp_send_sap_port($1)
+ corenet_dontaudit_udp_receive_sap_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the radius port.
+## Bind TCP sockets to the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54224,18 +74602,18 @@ interface(`corenet_dontaudit_udp_sendrecv_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_radius_port',`
+interface(`corenet_tcp_bind_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- allow $1 radius_port_t:tcp_socket name_bind;
+ allow $1 sap_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the radius port.
+## Bind UDP sockets to the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54244,18 +74622,18 @@ interface(`corenet_tcp_bind_radius_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_radius_port',`
+interface(`corenet_udp_bind_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- allow $1 radius_port_t:udp_socket name_bind;
+ allow $1 sap_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the radius port.
+## Make a TCP connection to the sap port.
## </summary>
## <param name="domain">
## <summary>
@@ -54263,18 +74641,18 @@ interface(`corenet_udp_bind_radius_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_radius_port',`
+interface(`corenet_tcp_connect_sap_port',`
gen_require(`
- type radius_port_t;
+ type sap_port_t;
')
- allow $1 radius_port_t:tcp_socket name_connect;
+ allow $1 sap_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send radius_client packets.
+## Send sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54283,17 +74661,17 @@ interface(`corenet_tcp_connect_radius_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radius_client_packets',`
+interface(`corenet_send_sap_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type sap_client_packet_t;
')
- allow $1 radius_client_packet_t:packet send;
+ allow $1 sap_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radius_client packets.
+## Do not audit attempts to send sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54302,17 +74680,17 @@ interface(`corenet_send_radius_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radius_client_packets',`
+interface(`corenet_dontaudit_send_sap_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type sap_client_packet_t;
')
- dontaudit $1 radius_client_packet_t:packet send;
+ dontaudit $1 sap_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive radius_client packets.
+## Receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54321,17 +74699,17 @@ interface(`corenet_dontaudit_send_radius_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radius_client_packets',`
+interface(`corenet_receive_sap_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type sap_client_packet_t;
')
- allow $1 radius_client_packet_t:packet recv;
+ allow $1 sap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radius_client packets.
+## Do not audit attempts to receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54340,17 +74718,17 @@ interface(`corenet_receive_radius_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radius_client_packets',`
+interface(`corenet_dontaudit_receive_sap_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type sap_client_packet_t;
')
- dontaudit $1 radius_client_packet_t:packet recv;
+ dontaudit $1 sap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radius_client packets.
+## Send and receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54359,14 +74737,14 @@ interface(`corenet_dontaudit_receive_radius_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radius_client_packets',`
- corenet_send_radius_client_packets($1)
- corenet_receive_radius_client_packets($1)
+interface(`corenet_sendrecv_sap_client_packets',`
+ corenet_send_sap_client_packets($1)
+ corenet_receive_sap_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radius_client packets.
+## Do not audit attempts to send and receive sap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54375,14 +74753,14 @@ interface(`corenet_sendrecv_radius_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radius_client_packets',`
- corenet_dontaudit_send_radius_client_packets($1)
- corenet_dontaudit_receive_radius_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sap_client_packets',`
+ corenet_dontaudit_send_sap_client_packets($1)
+ corenet_dontaudit_receive_sap_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to radius_client the packet type.
+## Relabel packets to sap_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54390,18 +74768,18 @@ interface(`corenet_dontaudit_sendrecv_radius_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radius_client_packets',`
+interface(`corenet_relabelto_sap_client_packets',`
gen_require(`
- type radius_client_packet_t;
+ type sap_client_packet_t;
')
- allow $1 radius_client_packet_t:packet relabelto;
+ allow $1 sap_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send radius_server packets.
+## Send sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54410,17 +74788,17 @@ interface(`corenet_relabelto_radius_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radius_server_packets',`
+interface(`corenet_send_sap_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type sap_server_packet_t;
')
- allow $1 radius_server_packet_t:packet send;
+ allow $1 sap_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radius_server packets.
+## Do not audit attempts to send sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54429,17 +74807,17 @@ interface(`corenet_send_radius_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radius_server_packets',`
+interface(`corenet_dontaudit_send_sap_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type sap_server_packet_t;
')
- dontaudit $1 radius_server_packet_t:packet send;
+ dontaudit $1 sap_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive radius_server packets.
+## Receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54448,17 +74826,17 @@ interface(`corenet_dontaudit_send_radius_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radius_server_packets',`
+interface(`corenet_receive_sap_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type sap_server_packet_t;
')
- allow $1 radius_server_packet_t:packet recv;
+ allow $1 sap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radius_server packets.
+## Do not audit attempts to receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54467,17 +74845,17 @@ interface(`corenet_receive_radius_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radius_server_packets',`
+interface(`corenet_dontaudit_receive_sap_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type sap_server_packet_t;
')
- dontaudit $1 radius_server_packet_t:packet recv;
+ dontaudit $1 sap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radius_server packets.
+## Send and receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54486,14 +74864,14 @@ interface(`corenet_dontaudit_receive_radius_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radius_server_packets',`
- corenet_send_radius_server_packets($1)
- corenet_receive_radius_server_packets($1)
+interface(`corenet_sendrecv_sap_server_packets',`
+ corenet_send_sap_server_packets($1)
+ corenet_receive_sap_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radius_server packets.
+## Do not audit attempts to send and receive sap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54502,14 +74880,14 @@ interface(`corenet_sendrecv_radius_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radius_server_packets',`
- corenet_dontaudit_send_radius_server_packets($1)
- corenet_dontaudit_receive_radius_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sap_server_packets',`
+ corenet_dontaudit_send_sap_server_packets($1)
+ corenet_dontaudit_receive_sap_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to radius_server the packet type.
+## Relabel packets to sap_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54517,12 +74895,12 @@ interface(`corenet_dontaudit_sendrecv_radius_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radius_server_packets',`
+interface(`corenet_relabelto_sap_server_packets',`
gen_require(`
- type radius_server_packet_t;
+ type sap_server_packet_t;
')
- allow $1 radius_server_packet_t:packet relabelto;
+ allow $1 sap_server_packet_t:packet relabelto;
')
@@ -54530,7 +74908,7 @@ interface(`corenet_relabelto_radius_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the radsec port.
+## Send and receive TCP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54539,17 +74917,17 @@ interface(`corenet_relabelto_radius_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_radsec_port',`
+interface(`corenet_tcp_sendrecv_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- allow $1 radsec_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 servistaitsm_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the radsec port.
+## Send UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54558,17 +74936,17 @@ interface(`corenet_tcp_sendrecv_radsec_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_radsec_port',`
+interface(`corenet_udp_send_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- allow $1 radsec_port_t:udp_socket send_msg;
+ allow $1 servistaitsm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the radsec port.
+## Do not audit attempts to send UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54577,17 +74955,17 @@ interface(`corenet_udp_send_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_radsec_port',`
+interface(`corenet_dontaudit_udp_send_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- dontaudit $1 radsec_port_t:udp_socket send_msg;
+ dontaudit $1 servistaitsm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the radsec port.
+## Receive UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54596,17 +74974,17 @@ interface(`corenet_dontaudit_udp_send_radsec_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_radsec_port',`
+interface(`corenet_udp_receive_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- allow $1 radsec_port_t:udp_socket recv_msg;
+ allow $1 servistaitsm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the radsec port.
+## Do not audit attempts to receive UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54615,17 +74993,17 @@ interface(`corenet_udp_receive_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_radsec_port',`
+interface(`corenet_dontaudit_udp_receive_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- dontaudit $1 radsec_port_t:udp_socket recv_msg;
+ dontaudit $1 servistaitsm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the radsec port.
+## Send and receive UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54634,15 +75012,15 @@ interface(`corenet_dontaudit_udp_receive_radsec_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_radsec_port',`
- corenet_udp_send_radsec_port($1)
- corenet_udp_receive_radsec_port($1)
+interface(`corenet_udp_sendrecv_servistaitsm_port',`
+ corenet_udp_send_servistaitsm_port($1)
+ corenet_udp_receive_servistaitsm_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the radsec port.
+## UDP traffic on the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54651,14 +75029,14 @@ interface(`corenet_udp_sendrecv_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_radsec_port',`
- corenet_dontaudit_udp_send_radsec_port($1)
- corenet_dontaudit_udp_receive_radsec_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_servistaitsm_port',`
+ corenet_dontaudit_udp_send_servistaitsm_port($1)
+ corenet_dontaudit_udp_receive_servistaitsm_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the radsec port.
+## Bind TCP sockets to the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54667,18 +75045,18 @@ interface(`corenet_dontaudit_udp_sendrecv_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_radsec_port',`
+interface(`corenet_tcp_bind_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- allow $1 radsec_port_t:tcp_socket name_bind;
+ allow $1 servistaitsm_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the radsec port.
+## Bind UDP sockets to the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54687,18 +75065,18 @@ interface(`corenet_tcp_bind_radsec_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_radsec_port',`
+interface(`corenet_udp_bind_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- allow $1 radsec_port_t:udp_socket name_bind;
+ allow $1 servistaitsm_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the radsec port.
+## Make a TCP connection to the servistaitsm port.
## </summary>
## <param name="domain">
## <summary>
@@ -54706,18 +75084,18 @@ interface(`corenet_udp_bind_radsec_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_radsec_port',`
+interface(`corenet_tcp_connect_servistaitsm_port',`
gen_require(`
- type radsec_port_t;
+ type servistaitsm_port_t;
')
- allow $1 radsec_port_t:tcp_socket name_connect;
+ allow $1 servistaitsm_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send radsec_client packets.
+## Send servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54726,17 +75104,17 @@ interface(`corenet_tcp_connect_radsec_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radsec_client_packets',`
+interface(`corenet_send_servistaitsm_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- allow $1 radsec_client_packet_t:packet send;
+ allow $1 servistaitsm_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radsec_client packets.
+## Do not audit attempts to send servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54745,17 +75123,17 @@ interface(`corenet_send_radsec_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radsec_client_packets',`
+interface(`corenet_dontaudit_send_servistaitsm_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- dontaudit $1 radsec_client_packet_t:packet send;
+ dontaudit $1 servistaitsm_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive radsec_client packets.
+## Receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54764,17 +75142,17 @@ interface(`corenet_dontaudit_send_radsec_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radsec_client_packets',`
+interface(`corenet_receive_servistaitsm_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- allow $1 radsec_client_packet_t:packet recv;
+ allow $1 servistaitsm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radsec_client packets.
+## Do not audit attempts to receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54783,17 +75161,17 @@ interface(`corenet_receive_radsec_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radsec_client_packets',`
+interface(`corenet_dontaudit_receive_servistaitsm_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- dontaudit $1 radsec_client_packet_t:packet recv;
+ dontaudit $1 servistaitsm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radsec_client packets.
+## Send and receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54802,14 +75180,14 @@ interface(`corenet_dontaudit_receive_radsec_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radsec_client_packets',`
- corenet_send_radsec_client_packets($1)
- corenet_receive_radsec_client_packets($1)
+interface(`corenet_sendrecv_servistaitsm_client_packets',`
+ corenet_send_servistaitsm_client_packets($1)
+ corenet_receive_servistaitsm_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radsec_client packets.
+## Do not audit attempts to send and receive servistaitsm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54818,14 +75196,14 @@ interface(`corenet_sendrecv_radsec_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radsec_client_packets',`
- corenet_dontaudit_send_radsec_client_packets($1)
- corenet_dontaudit_receive_radsec_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_servistaitsm_client_packets',`
+ corenet_dontaudit_send_servistaitsm_client_packets($1)
+ corenet_dontaudit_receive_servistaitsm_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to radsec_client the packet type.
+## Relabel packets to servistaitsm_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54833,18 +75211,18 @@ interface(`corenet_dontaudit_sendrecv_radsec_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radsec_client_packets',`
+interface(`corenet_relabelto_servistaitsm_client_packets',`
gen_require(`
- type radsec_client_packet_t;
+ type servistaitsm_client_packet_t;
')
- allow $1 radsec_client_packet_t:packet relabelto;
+ allow $1 servistaitsm_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send radsec_server packets.
+## Send servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54853,17 +75231,17 @@ interface(`corenet_relabelto_radsec_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_radsec_server_packets',`
+interface(`corenet_send_servistaitsm_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- allow $1 radsec_server_packet_t:packet send;
+ allow $1 servistaitsm_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send radsec_server packets.
+## Do not audit attempts to send servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54872,17 +75250,17 @@ interface(`corenet_send_radsec_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_radsec_server_packets',`
+interface(`corenet_dontaudit_send_servistaitsm_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- dontaudit $1 radsec_server_packet_t:packet send;
+ dontaudit $1 servistaitsm_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive radsec_server packets.
+## Receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54891,17 +75269,17 @@ interface(`corenet_dontaudit_send_radsec_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_radsec_server_packets',`
+interface(`corenet_receive_servistaitsm_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- allow $1 radsec_server_packet_t:packet recv;
+ allow $1 servistaitsm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive radsec_server packets.
+## Do not audit attempts to receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54910,17 +75288,17 @@ interface(`corenet_receive_radsec_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_radsec_server_packets',`
+interface(`corenet_dontaudit_receive_servistaitsm_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- dontaudit $1 radsec_server_packet_t:packet recv;
+ dontaudit $1 servistaitsm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive radsec_server packets.
+## Send and receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54929,14 +75307,14 @@ interface(`corenet_dontaudit_receive_radsec_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_radsec_server_packets',`
- corenet_send_radsec_server_packets($1)
- corenet_receive_radsec_server_packets($1)
+interface(`corenet_sendrecv_servistaitsm_server_packets',`
+ corenet_send_servistaitsm_server_packets($1)
+ corenet_receive_servistaitsm_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive radsec_server packets.
+## Do not audit attempts to send and receive servistaitsm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -54945,14 +75323,14 @@ interface(`corenet_sendrecv_radsec_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_radsec_server_packets',`
- corenet_dontaudit_send_radsec_server_packets($1)
- corenet_dontaudit_receive_radsec_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_servistaitsm_server_packets',`
+ corenet_dontaudit_send_servistaitsm_server_packets($1)
+ corenet_dontaudit_receive_servistaitsm_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to radsec_server the packet type.
+## Relabel packets to servistaitsm_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -54960,12 +75338,12 @@ interface(`corenet_dontaudit_sendrecv_radsec_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_radsec_server_packets',`
+interface(`corenet_relabelto_servistaitsm_server_packets',`
gen_require(`
- type radsec_server_packet_t;
+ type servistaitsm_server_packet_t;
')
- allow $1 radsec_server_packet_t:packet relabelto;
+ allow $1 servistaitsm_server_packet_t:packet relabelto;
')
@@ -54973,7 +75351,7 @@ interface(`corenet_relabelto_radsec_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the razor port.
+## Send and receive TCP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -54982,17 +75360,17 @@ interface(`corenet_relabelto_radsec_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_razor_port',`
+interface(`corenet_tcp_sendrecv_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- allow $1 razor_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sieve_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the razor port.
+## Send UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55001,17 +75379,17 @@ interface(`corenet_tcp_sendrecv_razor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_razor_port',`
+interface(`corenet_udp_send_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- allow $1 razor_port_t:udp_socket send_msg;
+ allow $1 sieve_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the razor port.
+## Do not audit attempts to send UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55020,17 +75398,17 @@ interface(`corenet_udp_send_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_razor_port',`
+interface(`corenet_dontaudit_udp_send_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- dontaudit $1 razor_port_t:udp_socket send_msg;
+ dontaudit $1 sieve_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the razor port.
+## Receive UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55039,17 +75417,17 @@ interface(`corenet_dontaudit_udp_send_razor_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_razor_port',`
+interface(`corenet_udp_receive_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- allow $1 razor_port_t:udp_socket recv_msg;
+ allow $1 sieve_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the razor port.
+## Do not audit attempts to receive UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55058,17 +75436,17 @@ interface(`corenet_udp_receive_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_razor_port',`
+interface(`corenet_dontaudit_udp_receive_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- dontaudit $1 razor_port_t:udp_socket recv_msg;
+ dontaudit $1 sieve_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the razor port.
+## Send and receive UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55077,15 +75455,15 @@ interface(`corenet_dontaudit_udp_receive_razor_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_razor_port',`
- corenet_udp_send_razor_port($1)
- corenet_udp_receive_razor_port($1)
+interface(`corenet_udp_sendrecv_sieve_port',`
+ corenet_udp_send_sieve_port($1)
+ corenet_udp_receive_sieve_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the razor port.
+## UDP traffic on the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55094,14 +75472,14 @@ interface(`corenet_udp_sendrecv_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_razor_port',`
- corenet_dontaudit_udp_send_razor_port($1)
- corenet_dontaudit_udp_receive_razor_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sieve_port',`
+ corenet_dontaudit_udp_send_sieve_port($1)
+ corenet_dontaudit_udp_receive_sieve_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the razor port.
+## Bind TCP sockets to the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55110,18 +75488,18 @@ interface(`corenet_dontaudit_udp_sendrecv_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_razor_port',`
+interface(`corenet_tcp_bind_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- allow $1 razor_port_t:tcp_socket name_bind;
+ allow $1 sieve_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the razor port.
+## Bind UDP sockets to the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55130,18 +75508,18 @@ interface(`corenet_tcp_bind_razor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_razor_port',`
+interface(`corenet_udp_bind_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- allow $1 razor_port_t:udp_socket name_bind;
+ allow $1 sieve_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the razor port.
+## Make a TCP connection to the sieve port.
## </summary>
## <param name="domain">
## <summary>
@@ -55149,18 +75527,18 @@ interface(`corenet_udp_bind_razor_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_razor_port',`
+interface(`corenet_tcp_connect_sieve_port',`
gen_require(`
- type razor_port_t;
+ type sieve_port_t;
')
- allow $1 razor_port_t:tcp_socket name_connect;
+ allow $1 sieve_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send razor_client packets.
+## Send sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55169,17 +75547,17 @@ interface(`corenet_tcp_connect_razor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_razor_client_packets',`
+interface(`corenet_send_sieve_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type sieve_client_packet_t;
')
- allow $1 razor_client_packet_t:packet send;
+ allow $1 sieve_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send razor_client packets.
+## Do not audit attempts to send sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55188,17 +75566,17 @@ interface(`corenet_send_razor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_razor_client_packets',`
+interface(`corenet_dontaudit_send_sieve_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type sieve_client_packet_t;
')
- dontaudit $1 razor_client_packet_t:packet send;
+ dontaudit $1 sieve_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive razor_client packets.
+## Receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55207,17 +75585,17 @@ interface(`corenet_dontaudit_send_razor_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_razor_client_packets',`
+interface(`corenet_receive_sieve_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type sieve_client_packet_t;
')
- allow $1 razor_client_packet_t:packet recv;
+ allow $1 sieve_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive razor_client packets.
+## Do not audit attempts to receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55226,17 +75604,17 @@ interface(`corenet_receive_razor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_razor_client_packets',`
+interface(`corenet_dontaudit_receive_sieve_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type sieve_client_packet_t;
')
- dontaudit $1 razor_client_packet_t:packet recv;
+ dontaudit $1 sieve_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive razor_client packets.
+## Send and receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55245,14 +75623,14 @@ interface(`corenet_dontaudit_receive_razor_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_razor_client_packets',`
- corenet_send_razor_client_packets($1)
- corenet_receive_razor_client_packets($1)
+interface(`corenet_sendrecv_sieve_client_packets',`
+ corenet_send_sieve_client_packets($1)
+ corenet_receive_sieve_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive razor_client packets.
+## Do not audit attempts to send and receive sieve_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55261,14 +75639,14 @@ interface(`corenet_sendrecv_razor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_razor_client_packets',`
- corenet_dontaudit_send_razor_client_packets($1)
- corenet_dontaudit_receive_razor_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sieve_client_packets',`
+ corenet_dontaudit_send_sieve_client_packets($1)
+ corenet_dontaudit_receive_sieve_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to razor_client the packet type.
+## Relabel packets to sieve_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55276,18 +75654,18 @@ interface(`corenet_dontaudit_sendrecv_razor_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_razor_client_packets',`
+interface(`corenet_relabelto_sieve_client_packets',`
gen_require(`
- type razor_client_packet_t;
+ type sieve_client_packet_t;
')
- allow $1 razor_client_packet_t:packet relabelto;
+ allow $1 sieve_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send razor_server packets.
+## Send sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55296,17 +75674,17 @@ interface(`corenet_relabelto_razor_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_razor_server_packets',`
+interface(`corenet_send_sieve_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type sieve_server_packet_t;
')
- allow $1 razor_server_packet_t:packet send;
+ allow $1 sieve_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send razor_server packets.
+## Do not audit attempts to send sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55315,17 +75693,17 @@ interface(`corenet_send_razor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_razor_server_packets',`
+interface(`corenet_dontaudit_send_sieve_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type sieve_server_packet_t;
')
- dontaudit $1 razor_server_packet_t:packet send;
+ dontaudit $1 sieve_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive razor_server packets.
+## Receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55334,17 +75712,17 @@ interface(`corenet_dontaudit_send_razor_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_razor_server_packets',`
+interface(`corenet_receive_sieve_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type sieve_server_packet_t;
')
- allow $1 razor_server_packet_t:packet recv;
+ allow $1 sieve_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive razor_server packets.
+## Do not audit attempts to receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55353,17 +75731,17 @@ interface(`corenet_receive_razor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_razor_server_packets',`
+interface(`corenet_dontaudit_receive_sieve_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type sieve_server_packet_t;
')
- dontaudit $1 razor_server_packet_t:packet recv;
+ dontaudit $1 sieve_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive razor_server packets.
+## Send and receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55372,14 +75750,14 @@ interface(`corenet_dontaudit_receive_razor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_razor_server_packets',`
- corenet_send_razor_server_packets($1)
- corenet_receive_razor_server_packets($1)
+interface(`corenet_sendrecv_sieve_server_packets',`
+ corenet_send_sieve_server_packets($1)
+ corenet_receive_sieve_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive razor_server packets.
+## Do not audit attempts to send and receive sieve_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55388,14 +75766,14 @@ interface(`corenet_sendrecv_razor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_razor_server_packets',`
- corenet_dontaudit_send_razor_server_packets($1)
- corenet_dontaudit_receive_razor_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sieve_server_packets',`
+ corenet_dontaudit_send_sieve_server_packets($1)
+ corenet_dontaudit_receive_sieve_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to razor_server the packet type.
+## Relabel packets to sieve_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55403,12 +75781,12 @@ interface(`corenet_dontaudit_sendrecv_razor_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_razor_server_packets',`
+interface(`corenet_relabelto_sieve_server_packets',`
gen_require(`
- type razor_server_packet_t;
+ type sieve_server_packet_t;
')
- allow $1 razor_server_packet_t:packet relabelto;
+ allow $1 sieve_server_packet_t:packet relabelto;
')
@@ -55416,7 +75794,7 @@ interface(`corenet_relabelto_razor_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the repository port.
+## Send and receive TCP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55425,17 +75803,17 @@ interface(`corenet_relabelto_razor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_repository_port',`
+interface(`corenet_tcp_sendrecv_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- allow $1 repository_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sip_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the repository port.
+## Send UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55444,17 +75822,17 @@ interface(`corenet_tcp_sendrecv_repository_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_repository_port',`
+interface(`corenet_udp_send_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- allow $1 repository_port_t:udp_socket send_msg;
+ allow $1 sip_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the repository port.
+## Do not audit attempts to send UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55463,17 +75841,17 @@ interface(`corenet_udp_send_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_repository_port',`
+interface(`corenet_dontaudit_udp_send_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- dontaudit $1 repository_port_t:udp_socket send_msg;
+ dontaudit $1 sip_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the repository port.
+## Receive UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55482,17 +75860,17 @@ interface(`corenet_dontaudit_udp_send_repository_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_repository_port',`
+interface(`corenet_udp_receive_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- allow $1 repository_port_t:udp_socket recv_msg;
+ allow $1 sip_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the repository port.
+## Do not audit attempts to receive UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55501,17 +75879,17 @@ interface(`corenet_udp_receive_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_repository_port',`
+interface(`corenet_dontaudit_udp_receive_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- dontaudit $1 repository_port_t:udp_socket recv_msg;
+ dontaudit $1 sip_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the repository port.
+## Send and receive UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55520,15 +75898,15 @@ interface(`corenet_dontaudit_udp_receive_repository_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_repository_port',`
- corenet_udp_send_repository_port($1)
- corenet_udp_receive_repository_port($1)
+interface(`corenet_udp_sendrecv_sip_port',`
+ corenet_udp_send_sip_port($1)
+ corenet_udp_receive_sip_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the repository port.
+## UDP traffic on the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55537,14 +75915,14 @@ interface(`corenet_udp_sendrecv_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_repository_port',`
- corenet_dontaudit_udp_send_repository_port($1)
- corenet_dontaudit_udp_receive_repository_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sip_port',`
+ corenet_dontaudit_udp_send_sip_port($1)
+ corenet_dontaudit_udp_receive_sip_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the repository port.
+## Bind TCP sockets to the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55553,18 +75931,18 @@ interface(`corenet_dontaudit_udp_sendrecv_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_repository_port',`
+interface(`corenet_tcp_bind_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- allow $1 repository_port_t:tcp_socket name_bind;
+ allow $1 sip_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the repository port.
+## Bind UDP sockets to the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55573,18 +75951,18 @@ interface(`corenet_tcp_bind_repository_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_repository_port',`
+interface(`corenet_udp_bind_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- allow $1 repository_port_t:udp_socket name_bind;
+ allow $1 sip_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the repository port.
+## Make a TCP connection to the sip port.
## </summary>
## <param name="domain">
## <summary>
@@ -55592,18 +75970,18 @@ interface(`corenet_udp_bind_repository_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_repository_port',`
+interface(`corenet_tcp_connect_sip_port',`
gen_require(`
- type repository_port_t;
+ type sip_port_t;
')
- allow $1 repository_port_t:tcp_socket name_connect;
+ allow $1 sip_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send repository_client packets.
+## Send sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55612,17 +75990,17 @@ interface(`corenet_tcp_connect_repository_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_repository_client_packets',`
+interface(`corenet_send_sip_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type sip_client_packet_t;
')
- allow $1 repository_client_packet_t:packet send;
+ allow $1 sip_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send repository_client packets.
+## Do not audit attempts to send sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55631,17 +76009,17 @@ interface(`corenet_send_repository_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_repository_client_packets',`
+interface(`corenet_dontaudit_send_sip_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type sip_client_packet_t;
')
- dontaudit $1 repository_client_packet_t:packet send;
+ dontaudit $1 sip_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive repository_client packets.
+## Receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55650,17 +76028,17 @@ interface(`corenet_dontaudit_send_repository_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_repository_client_packets',`
+interface(`corenet_receive_sip_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type sip_client_packet_t;
')
- allow $1 repository_client_packet_t:packet recv;
+ allow $1 sip_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive repository_client packets.
+## Do not audit attempts to receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55669,17 +76047,17 @@ interface(`corenet_receive_repository_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_repository_client_packets',`
+interface(`corenet_dontaudit_receive_sip_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type sip_client_packet_t;
')
- dontaudit $1 repository_client_packet_t:packet recv;
+ dontaudit $1 sip_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive repository_client packets.
+## Send and receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55688,14 +76066,14 @@ interface(`corenet_dontaudit_receive_repository_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_repository_client_packets',`
- corenet_send_repository_client_packets($1)
- corenet_receive_repository_client_packets($1)
+interface(`corenet_sendrecv_sip_client_packets',`
+ corenet_send_sip_client_packets($1)
+ corenet_receive_sip_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive repository_client packets.
+## Do not audit attempts to send and receive sip_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55704,14 +76082,14 @@ interface(`corenet_sendrecv_repository_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_repository_client_packets',`
- corenet_dontaudit_send_repository_client_packets($1)
- corenet_dontaudit_receive_repository_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sip_client_packets',`
+ corenet_dontaudit_send_sip_client_packets($1)
+ corenet_dontaudit_receive_sip_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to repository_client the packet type.
+## Relabel packets to sip_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55719,18 +76097,18 @@ interface(`corenet_dontaudit_sendrecv_repository_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_repository_client_packets',`
+interface(`corenet_relabelto_sip_client_packets',`
gen_require(`
- type repository_client_packet_t;
+ type sip_client_packet_t;
')
- allow $1 repository_client_packet_t:packet relabelto;
+ allow $1 sip_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send repository_server packets.
+## Send sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55739,17 +76117,17 @@ interface(`corenet_relabelto_repository_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_repository_server_packets',`
+interface(`corenet_send_sip_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type sip_server_packet_t;
')
- allow $1 repository_server_packet_t:packet send;
+ allow $1 sip_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send repository_server packets.
+## Do not audit attempts to send sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55758,17 +76136,17 @@ interface(`corenet_send_repository_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_repository_server_packets',`
+interface(`corenet_dontaudit_send_sip_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type sip_server_packet_t;
')
- dontaudit $1 repository_server_packet_t:packet send;
+ dontaudit $1 sip_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive repository_server packets.
+## Receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55777,17 +76155,17 @@ interface(`corenet_dontaudit_send_repository_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_repository_server_packets',`
+interface(`corenet_receive_sip_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type sip_server_packet_t;
')
- allow $1 repository_server_packet_t:packet recv;
+ allow $1 sip_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive repository_server packets.
+## Do not audit attempts to receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55796,17 +76174,17 @@ interface(`corenet_receive_repository_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_repository_server_packets',`
+interface(`corenet_dontaudit_receive_sip_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type sip_server_packet_t;
')
- dontaudit $1 repository_server_packet_t:packet recv;
+ dontaudit $1 sip_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive repository_server packets.
+## Send and receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55815,14 +76193,14 @@ interface(`corenet_dontaudit_receive_repository_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_repository_server_packets',`
- corenet_send_repository_server_packets($1)
- corenet_receive_repository_server_packets($1)
+interface(`corenet_sendrecv_sip_server_packets',`
+ corenet_send_sip_server_packets($1)
+ corenet_receive_sip_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive repository_server packets.
+## Do not audit attempts to send and receive sip_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -55831,14 +76209,14 @@ interface(`corenet_sendrecv_repository_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_repository_server_packets',`
- corenet_dontaudit_send_repository_server_packets($1)
- corenet_dontaudit_receive_repository_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sip_server_packets',`
+ corenet_dontaudit_send_sip_server_packets($1)
+ corenet_dontaudit_receive_sip_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to repository_server the packet type.
+## Relabel packets to sip_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -55846,12 +76224,12 @@ interface(`corenet_dontaudit_sendrecv_repository_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_repository_server_packets',`
+interface(`corenet_relabelto_sip_server_packets',`
gen_require(`
- type repository_server_packet_t;
+ type sip_server_packet_t;
')
- allow $1 repository_server_packet_t:packet relabelto;
+ allow $1 sip_server_packet_t:packet relabelto;
')
@@ -55859,7 +76237,7 @@ interface(`corenet_relabelto_repository_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ricci port.
+## Send and receive TCP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55868,17 +76246,17 @@ interface(`corenet_relabelto_repository_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ricci_port',`
+interface(`corenet_tcp_sendrecv_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 ricci_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sixxsconfig_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ricci port.
+## Send UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55887,17 +76265,17 @@ interface(`corenet_tcp_sendrecv_ricci_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ricci_port',`
+interface(`corenet_udp_send_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 ricci_port_t:udp_socket send_msg;
+ allow $1 sixxsconfig_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ricci port.
+## Do not audit attempts to send UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55906,17 +76284,17 @@ interface(`corenet_udp_send_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ricci_port',`
+interface(`corenet_dontaudit_udp_send_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- dontaudit $1 ricci_port_t:udp_socket send_msg;
+ dontaudit $1 sixxsconfig_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ricci port.
+## Receive UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55925,17 +76303,17 @@ interface(`corenet_dontaudit_udp_send_ricci_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ricci_port',`
+interface(`corenet_udp_receive_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 ricci_port_t:udp_socket recv_msg;
+ allow $1 sixxsconfig_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ricci port.
+## Do not audit attempts to receive UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55944,17 +76322,17 @@ interface(`corenet_udp_receive_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ricci_port',`
+interface(`corenet_dontaudit_udp_receive_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- dontaudit $1 ricci_port_t:udp_socket recv_msg;
+ dontaudit $1 sixxsconfig_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ricci port.
+## Send and receive UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55963,15 +76341,15 @@ interface(`corenet_dontaudit_udp_receive_ricci_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ricci_port',`
- corenet_udp_send_ricci_port($1)
- corenet_udp_receive_ricci_port($1)
+interface(`corenet_udp_sendrecv_sixxsconfig_port',`
+ corenet_udp_send_sixxsconfig_port($1)
+ corenet_udp_receive_sixxsconfig_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ricci port.
+## UDP traffic on the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55980,14 +76358,14 @@ interface(`corenet_udp_sendrecv_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ricci_port',`
- corenet_dontaudit_udp_send_ricci_port($1)
- corenet_dontaudit_udp_receive_ricci_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sixxsconfig_port',`
+ corenet_dontaudit_udp_send_sixxsconfig_port($1)
+ corenet_dontaudit_udp_receive_sixxsconfig_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ricci port.
+## Bind TCP sockets to the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -55996,18 +76374,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ricci_port',`
+interface(`corenet_tcp_bind_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 ricci_port_t:tcp_socket name_bind;
+ allow $1 sixxsconfig_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ricci port.
+## Bind UDP sockets to the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -56016,18 +76394,18 @@ interface(`corenet_tcp_bind_ricci_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ricci_port',`
+interface(`corenet_udp_bind_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 ricci_port_t:udp_socket name_bind;
+ allow $1 sixxsconfig_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ricci port.
+## Make a TCP connection to the sixxsconfig port.
## </summary>
## <param name="domain">
## <summary>
@@ -56035,18 +76413,18 @@ interface(`corenet_udp_bind_ricci_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ricci_port',`
+interface(`corenet_tcp_connect_sixxsconfig_port',`
gen_require(`
- type ricci_port_t;
+ type sixxsconfig_port_t;
')
- allow $1 ricci_port_t:tcp_socket name_connect;
+ allow $1 sixxsconfig_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ricci_client packets.
+## Send sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56055,17 +76433,17 @@ interface(`corenet_tcp_connect_ricci_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_client_packets',`
+interface(`corenet_send_sixxsconfig_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- allow $1 ricci_client_packet_t:packet send;
+ allow $1 sixxsconfig_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_client packets.
+## Do not audit attempts to send sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56074,17 +76452,17 @@ interface(`corenet_send_ricci_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_client_packets',`
+interface(`corenet_dontaudit_send_sixxsconfig_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- dontaudit $1 ricci_client_packet_t:packet send;
+ dontaudit $1 sixxsconfig_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_client packets.
+## Receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56093,17 +76471,17 @@ interface(`corenet_dontaudit_send_ricci_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_client_packets',`
+interface(`corenet_receive_sixxsconfig_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- allow $1 ricci_client_packet_t:packet recv;
+ allow $1 sixxsconfig_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_client packets.
+## Do not audit attempts to receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56112,17 +76490,17 @@ interface(`corenet_receive_ricci_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_client_packets',`
+interface(`corenet_dontaudit_receive_sixxsconfig_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- dontaudit $1 ricci_client_packet_t:packet recv;
+ dontaudit $1 sixxsconfig_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_client packets.
+## Send and receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56131,14 +76509,14 @@ interface(`corenet_dontaudit_receive_ricci_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_client_packets',`
- corenet_send_ricci_client_packets($1)
- corenet_receive_ricci_client_packets($1)
+interface(`corenet_sendrecv_sixxsconfig_client_packets',`
+ corenet_send_sixxsconfig_client_packets($1)
+ corenet_receive_sixxsconfig_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_client packets.
+## Do not audit attempts to send and receive sixxsconfig_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56147,14 +76525,14 @@ interface(`corenet_sendrecv_ricci_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ricci_client_packets',`
- corenet_dontaudit_send_ricci_client_packets($1)
- corenet_dontaudit_receive_ricci_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sixxsconfig_client_packets',`
+ corenet_dontaudit_send_sixxsconfig_client_packets($1)
+ corenet_dontaudit_receive_sixxsconfig_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_client the packet type.
+## Relabel packets to sixxsconfig_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56162,18 +76540,18 @@ interface(`corenet_dontaudit_sendrecv_ricci_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_client_packets',`
+interface(`corenet_relabelto_sixxsconfig_client_packets',`
gen_require(`
- type ricci_client_packet_t;
+ type sixxsconfig_client_packet_t;
')
- allow $1 ricci_client_packet_t:packet relabelto;
+ allow $1 sixxsconfig_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ricci_server packets.
+## Send sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56182,17 +76560,17 @@ interface(`corenet_relabelto_ricci_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_server_packets',`
+interface(`corenet_send_sixxsconfig_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- allow $1 ricci_server_packet_t:packet send;
+ allow $1 sixxsconfig_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_server packets.
+## Do not audit attempts to send sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56201,17 +76579,17 @@ interface(`corenet_send_ricci_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_server_packets',`
+interface(`corenet_dontaudit_send_sixxsconfig_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- dontaudit $1 ricci_server_packet_t:packet send;
+ dontaudit $1 sixxsconfig_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_server packets.
+## Receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56220,17 +76598,17 @@ interface(`corenet_dontaudit_send_ricci_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_server_packets',`
+interface(`corenet_receive_sixxsconfig_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- allow $1 ricci_server_packet_t:packet recv;
+ allow $1 sixxsconfig_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_server packets.
+## Do not audit attempts to receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56239,17 +76617,17 @@ interface(`corenet_receive_ricci_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_server_packets',`
+interface(`corenet_dontaudit_receive_sixxsconfig_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- dontaudit $1 ricci_server_packet_t:packet recv;
+ dontaudit $1 sixxsconfig_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_server packets.
+## Send and receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56258,14 +76636,14 @@ interface(`corenet_dontaudit_receive_ricci_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_server_packets',`
- corenet_send_ricci_server_packets($1)
- corenet_receive_ricci_server_packets($1)
+interface(`corenet_sendrecv_sixxsconfig_server_packets',`
+ corenet_send_sixxsconfig_server_packets($1)
+ corenet_receive_sixxsconfig_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_server packets.
+## Do not audit attempts to send and receive sixxsconfig_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56274,14 +76652,14 @@ interface(`corenet_sendrecv_ricci_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ricci_server_packets',`
- corenet_dontaudit_send_ricci_server_packets($1)
- corenet_dontaudit_receive_ricci_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sixxsconfig_server_packets',`
+ corenet_dontaudit_send_sixxsconfig_server_packets($1)
+ corenet_dontaudit_receive_sixxsconfig_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_server the packet type.
+## Relabel packets to sixxsconfig_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56289,12 +76667,12 @@ interface(`corenet_dontaudit_sendrecv_ricci_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_server_packets',`
+interface(`corenet_relabelto_sixxsconfig_server_packets',`
gen_require(`
- type ricci_server_packet_t;
+ type sixxsconfig_server_packet_t;
')
- allow $1 ricci_server_packet_t:packet relabelto;
+ allow $1 sixxsconfig_server_packet_t:packet relabelto;
')
@@ -56302,7 +76680,7 @@ interface(`corenet_relabelto_ricci_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ricci_modcluster port.
+## Send and receive TCP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56311,17 +76689,17 @@ interface(`corenet_relabelto_ricci_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ricci_modcluster_port',`
+interface(`corenet_tcp_sendrecv_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- allow $1 ricci_modcluster_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 smbd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ricci_modcluster port.
+## Send UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56330,17 +76708,17 @@ interface(`corenet_tcp_sendrecv_ricci_modcluster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ricci_modcluster_port',`
+interface(`corenet_udp_send_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- allow $1 ricci_modcluster_port_t:udp_socket send_msg;
+ allow $1 smbd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ricci_modcluster port.
+## Do not audit attempts to send UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56349,17 +76727,17 @@ interface(`corenet_udp_send_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ricci_modcluster_port',`
+interface(`corenet_dontaudit_udp_send_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- dontaudit $1 ricci_modcluster_port_t:udp_socket send_msg;
+ dontaudit $1 smbd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ricci_modcluster port.
+## Receive UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56368,17 +76746,17 @@ interface(`corenet_dontaudit_udp_send_ricci_modcluster_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ricci_modcluster_port',`
+interface(`corenet_udp_receive_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- allow $1 ricci_modcluster_port_t:udp_socket recv_msg;
+ allow $1 smbd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ricci_modcluster port.
+## Do not audit attempts to receive UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56387,17 +76765,17 @@ interface(`corenet_udp_receive_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ricci_modcluster_port',`
+interface(`corenet_dontaudit_udp_receive_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- dontaudit $1 ricci_modcluster_port_t:udp_socket recv_msg;
+ dontaudit $1 smbd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ricci_modcluster port.
+## Send and receive UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56406,15 +76784,15 @@ interface(`corenet_dontaudit_udp_receive_ricci_modcluster_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ricci_modcluster_port',`
- corenet_udp_send_ricci_modcluster_port($1)
- corenet_udp_receive_ricci_modcluster_port($1)
+interface(`corenet_udp_sendrecv_smbd_port',`
+ corenet_udp_send_smbd_port($1)
+ corenet_udp_receive_smbd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ricci_modcluster port.
+## UDP traffic on the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56423,14 +76801,14 @@ interface(`corenet_udp_sendrecv_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ricci_modcluster_port',`
- corenet_dontaudit_udp_send_ricci_modcluster_port($1)
- corenet_dontaudit_udp_receive_ricci_modcluster_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_smbd_port',`
+ corenet_dontaudit_udp_send_smbd_port($1)
+ corenet_dontaudit_udp_receive_smbd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ricci_modcluster port.
+## Bind TCP sockets to the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56439,18 +76817,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ricci_modcluster_port',`
+interface(`corenet_tcp_bind_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- allow $1 ricci_modcluster_port_t:tcp_socket name_bind;
-
+ allow $1 smbd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ricci_modcluster port.
+## Bind UDP sockets to the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56459,18 +76837,18 @@ interface(`corenet_tcp_bind_ricci_modcluster_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ricci_modcluster_port',`
+interface(`corenet_udp_bind_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- allow $1 ricci_modcluster_port_t:udp_socket name_bind;
-
+ allow $1 smbd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ricci_modcluster port.
+## Make a TCP connection to the smbd port.
## </summary>
## <param name="domain">
## <summary>
@@ -56478,18 +76856,18 @@ interface(`corenet_udp_bind_ricci_modcluster_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ricci_modcluster_port',`
+interface(`corenet_tcp_connect_smbd_port',`
gen_require(`
- type ricci_modcluster_port_t;
+ type smbd_port_t;
')
- allow $1 ricci_modcluster_port_t:tcp_socket name_connect;
+ allow $1 smbd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ricci_modcluster_client packets.
+## Send smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56498,17 +76876,17 @@ interface(`corenet_tcp_connect_ricci_modcluster_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_modcluster_client_packets',`
+interface(`corenet_send_smbd_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type smbd_client_packet_t;
')
- allow $1 ricci_modcluster_client_packet_t:packet send;
+ allow $1 smbd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_modcluster_client packets.
+## Do not audit attempts to send smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56517,17 +76895,17 @@ interface(`corenet_send_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_modcluster_client_packets',`
+interface(`corenet_dontaudit_send_smbd_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type smbd_client_packet_t;
')
- dontaudit $1 ricci_modcluster_client_packet_t:packet send;
+ dontaudit $1 smbd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_modcluster_client packets.
+## Receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56536,17 +76914,17 @@ interface(`corenet_dontaudit_send_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_modcluster_client_packets',`
+interface(`corenet_receive_smbd_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type smbd_client_packet_t;
')
- allow $1 ricci_modcluster_client_packet_t:packet recv;
+ allow $1 smbd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_modcluster_client packets.
+## Do not audit attempts to receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56555,17 +76933,17 @@ interface(`corenet_receive_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_modcluster_client_packets',`
+interface(`corenet_dontaudit_receive_smbd_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type smbd_client_packet_t;
')
- dontaudit $1 ricci_modcluster_client_packet_t:packet recv;
+ dontaudit $1 smbd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_modcluster_client packets.
+## Send and receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56574,14 +76952,14 @@ interface(`corenet_dontaudit_receive_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_modcluster_client_packets',`
- corenet_send_ricci_modcluster_client_packets($1)
- corenet_receive_ricci_modcluster_client_packets($1)
+interface(`corenet_sendrecv_smbd_client_packets',`
+ corenet_send_smbd_client_packets($1)
+ corenet_receive_smbd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_modcluster_client packets.
+## Do not audit attempts to send and receive smbd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56590,14 +76968,14 @@ interface(`corenet_sendrecv_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ricci_modcluster_client_packets',`
- corenet_dontaudit_send_ricci_modcluster_client_packets($1)
- corenet_dontaudit_receive_ricci_modcluster_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_smbd_client_packets',`
+ corenet_dontaudit_send_smbd_client_packets($1)
+ corenet_dontaudit_receive_smbd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_modcluster_client the packet type.
+## Relabel packets to smbd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56605,18 +76983,18 @@ interface(`corenet_dontaudit_sendrecv_ricci_modcluster_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_modcluster_client_packets',`
+interface(`corenet_relabelto_smbd_client_packets',`
gen_require(`
- type ricci_modcluster_client_packet_t;
+ type smbd_client_packet_t;
')
- allow $1 ricci_modcluster_client_packet_t:packet relabelto;
+ allow $1 smbd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ricci_modcluster_server packets.
+## Send smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56625,17 +77003,17 @@ interface(`corenet_relabelto_ricci_modcluster_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ricci_modcluster_server_packets',`
+interface(`corenet_send_smbd_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type smbd_server_packet_t;
')
- allow $1 ricci_modcluster_server_packet_t:packet send;
+ allow $1 smbd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ricci_modcluster_server packets.
+## Do not audit attempts to send smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56644,17 +77022,17 @@ interface(`corenet_send_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ricci_modcluster_server_packets',`
+interface(`corenet_dontaudit_send_smbd_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type smbd_server_packet_t;
')
- dontaudit $1 ricci_modcluster_server_packet_t:packet send;
+ dontaudit $1 smbd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ricci_modcluster_server packets.
+## Receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56663,17 +77041,17 @@ interface(`corenet_dontaudit_send_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ricci_modcluster_server_packets',`
+interface(`corenet_receive_smbd_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type smbd_server_packet_t;
')
- allow $1 ricci_modcluster_server_packet_t:packet recv;
+ allow $1 smbd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ricci_modcluster_server packets.
+## Do not audit attempts to receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56682,17 +77060,17 @@ interface(`corenet_receive_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ricci_modcluster_server_packets',`
+interface(`corenet_dontaudit_receive_smbd_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type smbd_server_packet_t;
')
- dontaudit $1 ricci_modcluster_server_packet_t:packet recv;
+ dontaudit $1 smbd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ricci_modcluster_server packets.
+## Send and receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56701,14 +77079,14 @@ interface(`corenet_dontaudit_receive_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ricci_modcluster_server_packets',`
- corenet_send_ricci_modcluster_server_packets($1)
- corenet_receive_ricci_modcluster_server_packets($1)
+interface(`corenet_sendrecv_smbd_server_packets',`
+ corenet_send_smbd_server_packets($1)
+ corenet_receive_smbd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ricci_modcluster_server packets.
+## Do not audit attempts to send and receive smbd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56716,15 +77094,15 @@ interface(`corenet_sendrecv_ricci_modcluster_server_packets',`
## </summary>
## </param>
## <infoflow type="none"/>
-#
-interface(`corenet_dontaudit_sendrecv_ricci_modcluster_server_packets',`
- corenet_dontaudit_send_ricci_modcluster_server_packets($1)
- corenet_dontaudit_receive_ricci_modcluster_server_packets($1)
+#
+interface(`corenet_dontaudit_sendrecv_smbd_server_packets',`
+ corenet_dontaudit_send_smbd_server_packets($1)
+ corenet_dontaudit_receive_smbd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ricci_modcluster_server the packet type.
+## Relabel packets to smbd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -56732,12 +77110,12 @@ interface(`corenet_dontaudit_sendrecv_ricci_modcluster_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ricci_modcluster_server_packets',`
+interface(`corenet_relabelto_smbd_server_packets',`
gen_require(`
- type ricci_modcluster_server_packet_t;
+ type smbd_server_packet_t;
')
- allow $1 ricci_modcluster_server_packet_t:packet relabelto;
+ allow $1 smbd_server_packet_t:packet relabelto;
')
@@ -56745,7 +77123,7 @@ interface(`corenet_relabelto_ricci_modcluster_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rlogind port.
+## Send and receive TCP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56754,17 +77132,17 @@ interface(`corenet_relabelto_ricci_modcluster_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rlogind_port',`
+interface(`corenet_tcp_sendrecv_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- allow $1 rlogind_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 smtp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rlogind port.
+## Send UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56773,17 +77151,17 @@ interface(`corenet_tcp_sendrecv_rlogind_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rlogind_port',`
+interface(`corenet_udp_send_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- allow $1 rlogind_port_t:udp_socket send_msg;
+ allow $1 smtp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rlogind port.
+## Do not audit attempts to send UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56792,17 +77170,17 @@ interface(`corenet_udp_send_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rlogind_port',`
+interface(`corenet_dontaudit_udp_send_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- dontaudit $1 rlogind_port_t:udp_socket send_msg;
+ dontaudit $1 smtp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rlogind port.
+## Receive UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56811,17 +77189,17 @@ interface(`corenet_dontaudit_udp_send_rlogind_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rlogind_port',`
+interface(`corenet_udp_receive_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- allow $1 rlogind_port_t:udp_socket recv_msg;
+ allow $1 smtp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rlogind port.
+## Do not audit attempts to receive UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56830,17 +77208,17 @@ interface(`corenet_udp_receive_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rlogind_port',`
+interface(`corenet_dontaudit_udp_receive_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- dontaudit $1 rlogind_port_t:udp_socket recv_msg;
+ dontaudit $1 smtp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rlogind port.
+## Send and receive UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56849,15 +77227,15 @@ interface(`corenet_dontaudit_udp_receive_rlogind_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rlogind_port',`
- corenet_udp_send_rlogind_port($1)
- corenet_udp_receive_rlogind_port($1)
+interface(`corenet_udp_sendrecv_smtp_port',`
+ corenet_udp_send_smtp_port($1)
+ corenet_udp_receive_smtp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rlogind port.
+## UDP traffic on the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56866,14 +77244,14 @@ interface(`corenet_udp_sendrecv_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rlogind_port',`
- corenet_dontaudit_udp_send_rlogind_port($1)
- corenet_dontaudit_udp_receive_rlogind_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_smtp_port',`
+ corenet_dontaudit_udp_send_smtp_port($1)
+ corenet_dontaudit_udp_receive_smtp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rlogind port.
+## Bind TCP sockets to the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56882,18 +77260,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rlogind_port',`
+interface(`corenet_tcp_bind_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- allow $1 rlogind_port_t:tcp_socket name_bind;
+ allow $1 smtp_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the rlogind port.
+## Bind UDP sockets to the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56902,18 +77280,18 @@ interface(`corenet_tcp_bind_rlogind_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rlogind_port',`
+interface(`corenet_udp_bind_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- allow $1 rlogind_port_t:udp_socket name_bind;
+ allow $1 smtp_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the rlogind port.
+## Make a TCP connection to the smtp port.
## </summary>
## <param name="domain">
## <summary>
@@ -56921,18 +77299,18 @@ interface(`corenet_udp_bind_rlogind_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rlogind_port',`
+interface(`corenet_tcp_connect_smtp_port',`
gen_require(`
- type rlogind_port_t;
+ type smtp_port_t;
')
- allow $1 rlogind_port_t:tcp_socket name_connect;
+ allow $1 smtp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rlogind_client packets.
+## Send smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56941,17 +77319,17 @@ interface(`corenet_tcp_connect_rlogind_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rlogind_client_packets',`
+interface(`corenet_send_smtp_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type smtp_client_packet_t;
')
- allow $1 rlogind_client_packet_t:packet send;
+ allow $1 smtp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rlogind_client packets.
+## Do not audit attempts to send smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56960,17 +77338,17 @@ interface(`corenet_send_rlogind_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rlogind_client_packets',`
+interface(`corenet_dontaudit_send_smtp_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type smtp_client_packet_t;
')
- dontaudit $1 rlogind_client_packet_t:packet send;
+ dontaudit $1 smtp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rlogind_client packets.
+## Receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56979,17 +77357,17 @@ interface(`corenet_dontaudit_send_rlogind_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rlogind_client_packets',`
+interface(`corenet_receive_smtp_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type smtp_client_packet_t;
')
- allow $1 rlogind_client_packet_t:packet recv;
+ allow $1 smtp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rlogind_client packets.
+## Do not audit attempts to receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -56998,17 +77376,17 @@ interface(`corenet_receive_rlogind_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rlogind_client_packets',`
+interface(`corenet_dontaudit_receive_smtp_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type smtp_client_packet_t;
')
- dontaudit $1 rlogind_client_packet_t:packet recv;
+ dontaudit $1 smtp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rlogind_client packets.
+## Send and receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57017,14 +77395,14 @@ interface(`corenet_dontaudit_receive_rlogind_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rlogind_client_packets',`
- corenet_send_rlogind_client_packets($1)
- corenet_receive_rlogind_client_packets($1)
+interface(`corenet_sendrecv_smtp_client_packets',`
+ corenet_send_smtp_client_packets($1)
+ corenet_receive_smtp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rlogind_client packets.
+## Do not audit attempts to send and receive smtp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57033,14 +77411,14 @@ interface(`corenet_sendrecv_rlogind_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rlogind_client_packets',`
- corenet_dontaudit_send_rlogind_client_packets($1)
- corenet_dontaudit_receive_rlogind_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_smtp_client_packets',`
+ corenet_dontaudit_send_smtp_client_packets($1)
+ corenet_dontaudit_receive_smtp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rlogind_client the packet type.
+## Relabel packets to smtp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57048,18 +77426,18 @@ interface(`corenet_dontaudit_sendrecv_rlogind_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rlogind_client_packets',`
+interface(`corenet_relabelto_smtp_client_packets',`
gen_require(`
- type rlogind_client_packet_t;
+ type smtp_client_packet_t;
')
- allow $1 rlogind_client_packet_t:packet relabelto;
+ allow $1 smtp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rlogind_server packets.
+## Send smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57068,17 +77446,17 @@ interface(`corenet_relabelto_rlogind_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rlogind_server_packets',`
+interface(`corenet_send_smtp_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type smtp_server_packet_t;
')
- allow $1 rlogind_server_packet_t:packet send;
+ allow $1 smtp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rlogind_server packets.
+## Do not audit attempts to send smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57087,17 +77465,17 @@ interface(`corenet_send_rlogind_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rlogind_server_packets',`
+interface(`corenet_dontaudit_send_smtp_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type smtp_server_packet_t;
')
- dontaudit $1 rlogind_server_packet_t:packet send;
+ dontaudit $1 smtp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rlogind_server packets.
+## Receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57106,17 +77484,17 @@ interface(`corenet_dontaudit_send_rlogind_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rlogind_server_packets',`
+interface(`corenet_receive_smtp_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type smtp_server_packet_t;
')
- allow $1 rlogind_server_packet_t:packet recv;
+ allow $1 smtp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rlogind_server packets.
+## Do not audit attempts to receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57125,17 +77503,17 @@ interface(`corenet_receive_rlogind_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rlogind_server_packets',`
+interface(`corenet_dontaudit_receive_smtp_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type smtp_server_packet_t;
')
- dontaudit $1 rlogind_server_packet_t:packet recv;
+ dontaudit $1 smtp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rlogind_server packets.
+## Send and receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57144,14 +77522,14 @@ interface(`corenet_dontaudit_receive_rlogind_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rlogind_server_packets',`
- corenet_send_rlogind_server_packets($1)
- corenet_receive_rlogind_server_packets($1)
+interface(`corenet_sendrecv_smtp_server_packets',`
+ corenet_send_smtp_server_packets($1)
+ corenet_receive_smtp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rlogind_server packets.
+## Do not audit attempts to send and receive smtp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57160,14 +77538,14 @@ interface(`corenet_sendrecv_rlogind_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rlogind_server_packets',`
- corenet_dontaudit_send_rlogind_server_packets($1)
- corenet_dontaudit_receive_rlogind_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_smtp_server_packets',`
+ corenet_dontaudit_send_smtp_server_packets($1)
+ corenet_dontaudit_receive_smtp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rlogind_server the packet type.
+## Relabel packets to smtp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57175,12 +77553,12 @@ interface(`corenet_dontaudit_sendrecv_rlogind_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rlogind_server_packets',`
+interface(`corenet_relabelto_smtp_server_packets',`
gen_require(`
- type rlogind_server_packet_t;
+ type smtp_server_packet_t;
')
- allow $1 rlogind_server_packet_t:packet relabelto;
+ allow $1 smtp_server_packet_t:packet relabelto;
')
@@ -57188,7 +77566,7 @@ interface(`corenet_relabelto_rlogind_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rndc port.
+## Send and receive TCP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57197,17 +77575,17 @@ interface(`corenet_relabelto_rlogind_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rndc_port',`
+interface(`corenet_tcp_sendrecv_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- allow $1 rndc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 snmp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rndc port.
+## Send UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57216,17 +77594,17 @@ interface(`corenet_tcp_sendrecv_rndc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rndc_port',`
+interface(`corenet_udp_send_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- allow $1 rndc_port_t:udp_socket send_msg;
+ allow $1 snmp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rndc port.
+## Do not audit attempts to send UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57235,17 +77613,17 @@ interface(`corenet_udp_send_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rndc_port',`
+interface(`corenet_dontaudit_udp_send_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- dontaudit $1 rndc_port_t:udp_socket send_msg;
+ dontaudit $1 snmp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rndc port.
+## Receive UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57254,17 +77632,17 @@ interface(`corenet_dontaudit_udp_send_rndc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rndc_port',`
+interface(`corenet_udp_receive_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- allow $1 rndc_port_t:udp_socket recv_msg;
+ allow $1 snmp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rndc port.
+## Do not audit attempts to receive UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57273,17 +77651,17 @@ interface(`corenet_udp_receive_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rndc_port',`
+interface(`corenet_dontaudit_udp_receive_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- dontaudit $1 rndc_port_t:udp_socket recv_msg;
+ dontaudit $1 snmp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rndc port.
+## Send and receive UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57292,15 +77670,15 @@ interface(`corenet_dontaudit_udp_receive_rndc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rndc_port',`
- corenet_udp_send_rndc_port($1)
- corenet_udp_receive_rndc_port($1)
+interface(`corenet_udp_sendrecv_snmp_port',`
+ corenet_udp_send_snmp_port($1)
+ corenet_udp_receive_snmp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rndc port.
+## UDP traffic on the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57309,14 +77687,14 @@ interface(`corenet_udp_sendrecv_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rndc_port',`
- corenet_dontaudit_udp_send_rndc_port($1)
- corenet_dontaudit_udp_receive_rndc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_snmp_port',`
+ corenet_dontaudit_udp_send_snmp_port($1)
+ corenet_dontaudit_udp_receive_snmp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rndc port.
+## Bind TCP sockets to the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57325,18 +77703,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rndc_port',`
+interface(`corenet_tcp_bind_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- allow $1 rndc_port_t:tcp_socket name_bind;
+ allow $1 snmp_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the rndc port.
+## Bind UDP sockets to the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57345,18 +77723,18 @@ interface(`corenet_tcp_bind_rndc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rndc_port',`
+interface(`corenet_udp_bind_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- allow $1 rndc_port_t:udp_socket name_bind;
+ allow $1 snmp_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the rndc port.
+## Make a TCP connection to the snmp port.
## </summary>
## <param name="domain">
## <summary>
@@ -57364,18 +77742,18 @@ interface(`corenet_udp_bind_rndc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rndc_port',`
+interface(`corenet_tcp_connect_snmp_port',`
gen_require(`
- type rndc_port_t;
+ type snmp_port_t;
')
- allow $1 rndc_port_t:tcp_socket name_connect;
+ allow $1 snmp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rndc_client packets.
+## Send snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57384,17 +77762,17 @@ interface(`corenet_tcp_connect_rndc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rndc_client_packets',`
+interface(`corenet_send_snmp_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type snmp_client_packet_t;
')
- allow $1 rndc_client_packet_t:packet send;
+ allow $1 snmp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rndc_client packets.
+## Do not audit attempts to send snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57403,17 +77781,17 @@ interface(`corenet_send_rndc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rndc_client_packets',`
+interface(`corenet_dontaudit_send_snmp_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type snmp_client_packet_t;
')
- dontaudit $1 rndc_client_packet_t:packet send;
+ dontaudit $1 snmp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rndc_client packets.
+## Receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57422,17 +77800,17 @@ interface(`corenet_dontaudit_send_rndc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rndc_client_packets',`
+interface(`corenet_receive_snmp_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type snmp_client_packet_t;
')
- allow $1 rndc_client_packet_t:packet recv;
+ allow $1 snmp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rndc_client packets.
+## Do not audit attempts to receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57441,17 +77819,17 @@ interface(`corenet_receive_rndc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rndc_client_packets',`
+interface(`corenet_dontaudit_receive_snmp_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type snmp_client_packet_t;
')
- dontaudit $1 rndc_client_packet_t:packet recv;
+ dontaudit $1 snmp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rndc_client packets.
+## Send and receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57460,14 +77838,14 @@ interface(`corenet_dontaudit_receive_rndc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rndc_client_packets',`
- corenet_send_rndc_client_packets($1)
- corenet_receive_rndc_client_packets($1)
+interface(`corenet_sendrecv_snmp_client_packets',`
+ corenet_send_snmp_client_packets($1)
+ corenet_receive_snmp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rndc_client packets.
+## Do not audit attempts to send and receive snmp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57476,14 +77854,14 @@ interface(`corenet_sendrecv_rndc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rndc_client_packets',`
- corenet_dontaudit_send_rndc_client_packets($1)
- corenet_dontaudit_receive_rndc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_snmp_client_packets',`
+ corenet_dontaudit_send_snmp_client_packets($1)
+ corenet_dontaudit_receive_snmp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rndc_client the packet type.
+## Relabel packets to snmp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57491,18 +77869,18 @@ interface(`corenet_dontaudit_sendrecv_rndc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rndc_client_packets',`
+interface(`corenet_relabelto_snmp_client_packets',`
gen_require(`
- type rndc_client_packet_t;
+ type snmp_client_packet_t;
')
- allow $1 rndc_client_packet_t:packet relabelto;
+ allow $1 snmp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rndc_server packets.
+## Send snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57511,17 +77889,17 @@ interface(`corenet_relabelto_rndc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rndc_server_packets',`
+interface(`corenet_send_snmp_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type snmp_server_packet_t;
')
- allow $1 rndc_server_packet_t:packet send;
+ allow $1 snmp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rndc_server packets.
+## Do not audit attempts to send snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57530,17 +77908,17 @@ interface(`corenet_send_rndc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rndc_server_packets',`
+interface(`corenet_dontaudit_send_snmp_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type snmp_server_packet_t;
')
- dontaudit $1 rndc_server_packet_t:packet send;
+ dontaudit $1 snmp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rndc_server packets.
+## Receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57549,17 +77927,17 @@ interface(`corenet_dontaudit_send_rndc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rndc_server_packets',`
+interface(`corenet_receive_snmp_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type snmp_server_packet_t;
')
- allow $1 rndc_server_packet_t:packet recv;
+ allow $1 snmp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rndc_server packets.
+## Do not audit attempts to receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57568,17 +77946,17 @@ interface(`corenet_receive_rndc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rndc_server_packets',`
+interface(`corenet_dontaudit_receive_snmp_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type snmp_server_packet_t;
')
- dontaudit $1 rndc_server_packet_t:packet recv;
+ dontaudit $1 snmp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rndc_server packets.
+## Send and receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57587,14 +77965,14 @@ interface(`corenet_dontaudit_receive_rndc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rndc_server_packets',`
- corenet_send_rndc_server_packets($1)
- corenet_receive_rndc_server_packets($1)
+interface(`corenet_sendrecv_snmp_server_packets',`
+ corenet_send_snmp_server_packets($1)
+ corenet_receive_snmp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rndc_server packets.
+## Do not audit attempts to send and receive snmp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57603,14 +77981,14 @@ interface(`corenet_sendrecv_rndc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rndc_server_packets',`
- corenet_dontaudit_send_rndc_server_packets($1)
- corenet_dontaudit_receive_rndc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_snmp_server_packets',`
+ corenet_dontaudit_send_snmp_server_packets($1)
+ corenet_dontaudit_receive_snmp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rndc_server the packet type.
+## Relabel packets to snmp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57618,12 +77996,12 @@ interface(`corenet_dontaudit_sendrecv_rndc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rndc_server_packets',`
+interface(`corenet_relabelto_snmp_server_packets',`
gen_require(`
- type rndc_server_packet_t;
+ type snmp_server_packet_t;
')
- allow $1 rndc_server_packet_t:packet relabelto;
+ allow $1 snmp_server_packet_t:packet relabelto;
')
@@ -57631,7 +78009,7 @@ interface(`corenet_relabelto_rndc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the router port.
+## Send and receive TCP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57640,17 +78018,17 @@ interface(`corenet_relabelto_rndc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_router_port',`
+interface(`corenet_tcp_sendrecv_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- allow $1 router_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 socks_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the router port.
+## Send UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57659,17 +78037,17 @@ interface(`corenet_tcp_sendrecv_router_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_router_port',`
+interface(`corenet_udp_send_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- allow $1 router_port_t:udp_socket send_msg;
+ allow $1 socks_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the router port.
+## Do not audit attempts to send UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57678,17 +78056,17 @@ interface(`corenet_udp_send_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_router_port',`
+interface(`corenet_dontaudit_udp_send_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- dontaudit $1 router_port_t:udp_socket send_msg;
+ dontaudit $1 socks_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the router port.
+## Receive UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57697,17 +78075,17 @@ interface(`corenet_dontaudit_udp_send_router_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_router_port',`
+interface(`corenet_udp_receive_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- allow $1 router_port_t:udp_socket recv_msg;
+ allow $1 socks_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the router port.
+## Do not audit attempts to receive UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57716,17 +78094,17 @@ interface(`corenet_udp_receive_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_router_port',`
+interface(`corenet_dontaudit_udp_receive_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- dontaudit $1 router_port_t:udp_socket recv_msg;
+ dontaudit $1 socks_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the router port.
+## Send and receive UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57735,15 +78113,15 @@ interface(`corenet_dontaudit_udp_receive_router_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_router_port',`
- corenet_udp_send_router_port($1)
- corenet_udp_receive_router_port($1)
+interface(`corenet_udp_sendrecv_socks_port',`
+ corenet_udp_send_socks_port($1)
+ corenet_udp_receive_socks_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the router port.
+## UDP traffic on the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57752,14 +78130,14 @@ interface(`corenet_udp_sendrecv_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_router_port',`
- corenet_dontaudit_udp_send_router_port($1)
- corenet_dontaudit_udp_receive_router_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_socks_port',`
+ corenet_dontaudit_udp_send_socks_port($1)
+ corenet_dontaudit_udp_receive_socks_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the router port.
+## Bind TCP sockets to the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57768,18 +78146,18 @@ interface(`corenet_dontaudit_udp_sendrecv_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_router_port',`
+interface(`corenet_tcp_bind_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- allow $1 router_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 socks_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the router port.
+## Bind UDP sockets to the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57788,18 +78166,18 @@ interface(`corenet_tcp_bind_router_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_router_port',`
+interface(`corenet_udp_bind_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- allow $1 router_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 socks_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the router port.
+## Make a TCP connection to the socks port.
## </summary>
## <param name="domain">
## <summary>
@@ -57807,18 +78185,18 @@ interface(`corenet_udp_bind_router_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_router_port',`
+interface(`corenet_tcp_connect_socks_port',`
gen_require(`
- type router_port_t;
+ type socks_port_t;
')
- allow $1 router_port_t:tcp_socket name_connect;
+ allow $1 socks_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send router_client packets.
+## Send socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57827,17 +78205,17 @@ interface(`corenet_tcp_connect_router_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_router_client_packets',`
+interface(`corenet_send_socks_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type socks_client_packet_t;
')
- allow $1 router_client_packet_t:packet send;
+ allow $1 socks_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send router_client packets.
+## Do not audit attempts to send socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57846,17 +78224,17 @@ interface(`corenet_send_router_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_router_client_packets',`
+interface(`corenet_dontaudit_send_socks_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type socks_client_packet_t;
')
- dontaudit $1 router_client_packet_t:packet send;
+ dontaudit $1 socks_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive router_client packets.
+## Receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57865,17 +78243,17 @@ interface(`corenet_dontaudit_send_router_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_router_client_packets',`
+interface(`corenet_receive_socks_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type socks_client_packet_t;
')
- allow $1 router_client_packet_t:packet recv;
+ allow $1 socks_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive router_client packets.
+## Do not audit attempts to receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57884,17 +78262,17 @@ interface(`corenet_receive_router_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_router_client_packets',`
+interface(`corenet_dontaudit_receive_socks_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type socks_client_packet_t;
')
- dontaudit $1 router_client_packet_t:packet recv;
+ dontaudit $1 socks_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive router_client packets.
+## Send and receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57903,14 +78281,14 @@ interface(`corenet_dontaudit_receive_router_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_router_client_packets',`
- corenet_send_router_client_packets($1)
- corenet_receive_router_client_packets($1)
+interface(`corenet_sendrecv_socks_client_packets',`
+ corenet_send_socks_client_packets($1)
+ corenet_receive_socks_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive router_client packets.
+## Do not audit attempts to send and receive socks_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57919,14 +78297,14 @@ interface(`corenet_sendrecv_router_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_router_client_packets',`
- corenet_dontaudit_send_router_client_packets($1)
- corenet_dontaudit_receive_router_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_socks_client_packets',`
+ corenet_dontaudit_send_socks_client_packets($1)
+ corenet_dontaudit_receive_socks_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to router_client the packet type.
+## Relabel packets to socks_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -57934,18 +78312,18 @@ interface(`corenet_dontaudit_sendrecv_router_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_router_client_packets',`
+interface(`corenet_relabelto_socks_client_packets',`
gen_require(`
- type router_client_packet_t;
+ type socks_client_packet_t;
')
- allow $1 router_client_packet_t:packet relabelto;
+ allow $1 socks_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send router_server packets.
+## Send socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57954,17 +78332,17 @@ interface(`corenet_relabelto_router_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_router_server_packets',`
+interface(`corenet_send_socks_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type socks_server_packet_t;
')
- allow $1 router_server_packet_t:packet send;
+ allow $1 socks_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send router_server packets.
+## Do not audit attempts to send socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57973,17 +78351,17 @@ interface(`corenet_send_router_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_router_server_packets',`
+interface(`corenet_dontaudit_send_socks_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type socks_server_packet_t;
')
- dontaudit $1 router_server_packet_t:packet send;
+ dontaudit $1 socks_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive router_server packets.
+## Receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -57992,17 +78370,17 @@ interface(`corenet_dontaudit_send_router_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_router_server_packets',`
+interface(`corenet_receive_socks_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type socks_server_packet_t;
')
- allow $1 router_server_packet_t:packet recv;
+ allow $1 socks_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive router_server packets.
+## Do not audit attempts to receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58011,17 +78389,17 @@ interface(`corenet_receive_router_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_router_server_packets',`
+interface(`corenet_dontaudit_receive_socks_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type socks_server_packet_t;
')
- dontaudit $1 router_server_packet_t:packet recv;
+ dontaudit $1 socks_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive router_server packets.
+## Send and receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58030,14 +78408,14 @@ interface(`corenet_dontaudit_receive_router_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_router_server_packets',`
- corenet_send_router_server_packets($1)
- corenet_receive_router_server_packets($1)
+interface(`corenet_sendrecv_socks_server_packets',`
+ corenet_send_socks_server_packets($1)
+ corenet_receive_socks_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive router_server packets.
+## Do not audit attempts to send and receive socks_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58046,14 +78424,14 @@ interface(`corenet_sendrecv_router_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_router_server_packets',`
- corenet_dontaudit_send_router_server_packets($1)
- corenet_dontaudit_receive_router_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_socks_server_packets',`
+ corenet_dontaudit_send_socks_server_packets($1)
+ corenet_dontaudit_receive_socks_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to router_server the packet type.
+## Relabel packets to socks_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58061,20 +78439,20 @@ interface(`corenet_dontaudit_sendrecv_router_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_router_server_packets',`
+interface(`corenet_relabelto_socks_server_packets',`
gen_require(`
- type router_server_packet_t;
+ type socks_server_packet_t;
')
- allow $1 router_server_packet_t:packet relabelto;
+ allow $1 socks_server_packet_t:packet relabelto;
')
-
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the rsh port.
+## Send and receive TCP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58083,17 +78461,17 @@ interface(`corenet_relabelto_router_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rsh_port',`
+interface(`corenet_tcp_sendrecv_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- allow $1 rsh_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 soundd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rsh port.
+## Send UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58102,17 +78480,17 @@ interface(`corenet_tcp_sendrecv_rsh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rsh_port',`
+interface(`corenet_udp_send_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- allow $1 rsh_port_t:udp_socket send_msg;
+ allow $1 soundd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rsh port.
+## Do not audit attempts to send UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58121,17 +78499,17 @@ interface(`corenet_udp_send_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rsh_port',`
+interface(`corenet_dontaudit_udp_send_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- dontaudit $1 rsh_port_t:udp_socket send_msg;
+ dontaudit $1 soundd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rsh port.
+## Receive UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58140,17 +78518,17 @@ interface(`corenet_dontaudit_udp_send_rsh_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rsh_port',`
+interface(`corenet_udp_receive_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- allow $1 rsh_port_t:udp_socket recv_msg;
+ allow $1 soundd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rsh port.
+## Do not audit attempts to receive UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58159,17 +78537,17 @@ interface(`corenet_udp_receive_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rsh_port',`
+interface(`corenet_dontaudit_udp_receive_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- dontaudit $1 rsh_port_t:udp_socket recv_msg;
+ dontaudit $1 soundd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rsh port.
+## Send and receive UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58178,15 +78556,15 @@ interface(`corenet_dontaudit_udp_receive_rsh_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rsh_port',`
- corenet_udp_send_rsh_port($1)
- corenet_udp_receive_rsh_port($1)
+interface(`corenet_udp_sendrecv_soundd_port',`
+ corenet_udp_send_soundd_port($1)
+ corenet_udp_receive_soundd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rsh port.
+## UDP traffic on the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58195,14 +78573,14 @@ interface(`corenet_udp_sendrecv_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rsh_port',`
- corenet_dontaudit_udp_send_rsh_port($1)
- corenet_dontaudit_udp_receive_rsh_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_soundd_port',`
+ corenet_dontaudit_udp_send_soundd_port($1)
+ corenet_dontaudit_udp_receive_soundd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rsh port.
+## Bind TCP sockets to the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58211,18 +78589,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rsh_port',`
+interface(`corenet_tcp_bind_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- allow $1 rsh_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 soundd_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the rsh port.
+## Bind UDP sockets to the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58231,18 +78609,18 @@ interface(`corenet_tcp_bind_rsh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rsh_port',`
+interface(`corenet_udp_bind_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- allow $1 rsh_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 soundd_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the rsh port.
+## Make a TCP connection to the soundd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58250,18 +78628,18 @@ interface(`corenet_udp_bind_rsh_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rsh_port',`
+interface(`corenet_tcp_connect_soundd_port',`
gen_require(`
- type rsh_port_t;
+ type soundd_port_t;
')
- allow $1 rsh_port_t:tcp_socket name_connect;
+ allow $1 soundd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rsh_client packets.
+## Send soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58270,17 +78648,17 @@ interface(`corenet_tcp_connect_rsh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsh_client_packets',`
+interface(`corenet_send_soundd_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type soundd_client_packet_t;
')
- allow $1 rsh_client_packet_t:packet send;
+ allow $1 soundd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsh_client packets.
+## Do not audit attempts to send soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58289,17 +78667,17 @@ interface(`corenet_send_rsh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsh_client_packets',`
+interface(`corenet_dontaudit_send_soundd_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type soundd_client_packet_t;
')
- dontaudit $1 rsh_client_packet_t:packet send;
+ dontaudit $1 soundd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsh_client packets.
+## Receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58308,17 +78686,17 @@ interface(`corenet_dontaudit_send_rsh_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsh_client_packets',`
+interface(`corenet_receive_soundd_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type soundd_client_packet_t;
')
- allow $1 rsh_client_packet_t:packet recv;
+ allow $1 soundd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsh_client packets.
+## Do not audit attempts to receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58327,17 +78705,17 @@ interface(`corenet_receive_rsh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsh_client_packets',`
+interface(`corenet_dontaudit_receive_soundd_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type soundd_client_packet_t;
')
- dontaudit $1 rsh_client_packet_t:packet recv;
+ dontaudit $1 soundd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsh_client packets.
+## Send and receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58346,14 +78724,14 @@ interface(`corenet_dontaudit_receive_rsh_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsh_client_packets',`
- corenet_send_rsh_client_packets($1)
- corenet_receive_rsh_client_packets($1)
+interface(`corenet_sendrecv_soundd_client_packets',`
+ corenet_send_soundd_client_packets($1)
+ corenet_receive_soundd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsh_client packets.
+## Do not audit attempts to send and receive soundd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58362,14 +78740,14 @@ interface(`corenet_sendrecv_rsh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsh_client_packets',`
- corenet_dontaudit_send_rsh_client_packets($1)
- corenet_dontaudit_receive_rsh_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_soundd_client_packets',`
+ corenet_dontaudit_send_soundd_client_packets($1)
+ corenet_dontaudit_receive_soundd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsh_client the packet type.
+## Relabel packets to soundd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58377,18 +78755,18 @@ interface(`corenet_dontaudit_sendrecv_rsh_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsh_client_packets',`
+interface(`corenet_relabelto_soundd_client_packets',`
gen_require(`
- type rsh_client_packet_t;
+ type soundd_client_packet_t;
')
- allow $1 rsh_client_packet_t:packet relabelto;
+ allow $1 soundd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rsh_server packets.
+## Send soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58397,17 +78775,17 @@ interface(`corenet_relabelto_rsh_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsh_server_packets',`
+interface(`corenet_send_soundd_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type soundd_server_packet_t;
')
- allow $1 rsh_server_packet_t:packet send;
+ allow $1 soundd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsh_server packets.
+## Do not audit attempts to send soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58416,17 +78794,17 @@ interface(`corenet_send_rsh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsh_server_packets',`
+interface(`corenet_dontaudit_send_soundd_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type soundd_server_packet_t;
')
- dontaudit $1 rsh_server_packet_t:packet send;
+ dontaudit $1 soundd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsh_server packets.
+## Receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58435,17 +78813,17 @@ interface(`corenet_dontaudit_send_rsh_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsh_server_packets',`
+interface(`corenet_receive_soundd_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type soundd_server_packet_t;
')
- allow $1 rsh_server_packet_t:packet recv;
+ allow $1 soundd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsh_server packets.
+## Do not audit attempts to receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58454,17 +78832,17 @@ interface(`corenet_receive_rsh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsh_server_packets',`
+interface(`corenet_dontaudit_receive_soundd_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type soundd_server_packet_t;
')
- dontaudit $1 rsh_server_packet_t:packet recv;
+ dontaudit $1 soundd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsh_server packets.
+## Send and receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58473,14 +78851,14 @@ interface(`corenet_dontaudit_receive_rsh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsh_server_packets',`
- corenet_send_rsh_server_packets($1)
- corenet_receive_rsh_server_packets($1)
+interface(`corenet_sendrecv_soundd_server_packets',`
+ corenet_send_soundd_server_packets($1)
+ corenet_receive_soundd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsh_server packets.
+## Do not audit attempts to send and receive soundd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58489,14 +78867,14 @@ interface(`corenet_sendrecv_rsh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsh_server_packets',`
- corenet_dontaudit_send_rsh_server_packets($1)
- corenet_dontaudit_receive_rsh_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_soundd_server_packets',`
+ corenet_dontaudit_send_soundd_server_packets($1)
+ corenet_dontaudit_receive_soundd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsh_server the packet type.
+## Relabel packets to soundd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58504,12 +78882,12 @@ interface(`corenet_dontaudit_sendrecv_rsh_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsh_server_packets',`
+interface(`corenet_relabelto_soundd_server_packets',`
gen_require(`
- type rsh_server_packet_t;
+ type soundd_server_packet_t;
')
- allow $1 rsh_server_packet_t:packet relabelto;
+ allow $1 soundd_server_packet_t:packet relabelto;
')
@@ -58517,7 +78895,7 @@ interface(`corenet_relabelto_rsh_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rsync port.
+## Send and receive TCP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58526,17 +78904,17 @@ interface(`corenet_relabelto_rsh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rsync_port',`
+interface(`corenet_tcp_sendrecv_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- allow $1 rsync_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 spamd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rsync port.
+## Send UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58545,17 +78923,17 @@ interface(`corenet_tcp_sendrecv_rsync_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rsync_port',`
+interface(`corenet_udp_send_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- allow $1 rsync_port_t:udp_socket send_msg;
+ allow $1 spamd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rsync port.
+## Do not audit attempts to send UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58564,17 +78942,17 @@ interface(`corenet_udp_send_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rsync_port',`
+interface(`corenet_dontaudit_udp_send_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- dontaudit $1 rsync_port_t:udp_socket send_msg;
+ dontaudit $1 spamd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rsync port.
+## Receive UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58583,17 +78961,17 @@ interface(`corenet_dontaudit_udp_send_rsync_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rsync_port',`
+interface(`corenet_udp_receive_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- allow $1 rsync_port_t:udp_socket recv_msg;
+ allow $1 spamd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rsync port.
+## Do not audit attempts to receive UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58602,17 +78980,17 @@ interface(`corenet_udp_receive_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rsync_port',`
+interface(`corenet_dontaudit_udp_receive_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- dontaudit $1 rsync_port_t:udp_socket recv_msg;
+ dontaudit $1 spamd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rsync port.
+## Send and receive UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58621,15 +78999,15 @@ interface(`corenet_dontaudit_udp_receive_rsync_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rsync_port',`
- corenet_udp_send_rsync_port($1)
- corenet_udp_receive_rsync_port($1)
+interface(`corenet_udp_sendrecv_spamd_port',`
+ corenet_udp_send_spamd_port($1)
+ corenet_udp_receive_spamd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rsync port.
+## UDP traffic on the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58638,14 +79016,14 @@ interface(`corenet_udp_sendrecv_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rsync_port',`
- corenet_dontaudit_udp_send_rsync_port($1)
- corenet_dontaudit_udp_receive_rsync_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_spamd_port',`
+ corenet_dontaudit_udp_send_spamd_port($1)
+ corenet_dontaudit_udp_receive_spamd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rsync port.
+## Bind TCP sockets to the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58654,18 +79032,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rsync_port',`
+interface(`corenet_tcp_bind_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- allow $1 rsync_port_t:tcp_socket name_bind;
+ allow $1 spamd_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the rsync port.
+## Bind UDP sockets to the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58674,18 +79052,18 @@ interface(`corenet_tcp_bind_rsync_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rsync_port',`
+interface(`corenet_udp_bind_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- allow $1 rsync_port_t:udp_socket name_bind;
+ allow $1 spamd_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the rsync port.
+## Make a TCP connection to the spamd port.
## </summary>
## <param name="domain">
## <summary>
@@ -58693,18 +79071,18 @@ interface(`corenet_udp_bind_rsync_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rsync_port',`
+interface(`corenet_tcp_connect_spamd_port',`
gen_require(`
- type rsync_port_t;
+ type spamd_port_t;
')
- allow $1 rsync_port_t:tcp_socket name_connect;
+ allow $1 spamd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rsync_client packets.
+## Send spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58713,17 +79091,17 @@ interface(`corenet_tcp_connect_rsync_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsync_client_packets',`
+interface(`corenet_send_spamd_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type spamd_client_packet_t;
')
- allow $1 rsync_client_packet_t:packet send;
+ allow $1 spamd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsync_client packets.
+## Do not audit attempts to send spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58732,17 +79110,17 @@ interface(`corenet_send_rsync_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsync_client_packets',`
+interface(`corenet_dontaudit_send_spamd_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type spamd_client_packet_t;
')
- dontaudit $1 rsync_client_packet_t:packet send;
+ dontaudit $1 spamd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsync_client packets.
+## Receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58751,17 +79129,17 @@ interface(`corenet_dontaudit_send_rsync_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsync_client_packets',`
+interface(`corenet_receive_spamd_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type spamd_client_packet_t;
')
- allow $1 rsync_client_packet_t:packet recv;
+ allow $1 spamd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsync_client packets.
+## Do not audit attempts to receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58770,17 +79148,17 @@ interface(`corenet_receive_rsync_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsync_client_packets',`
+interface(`corenet_dontaudit_receive_spamd_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type spamd_client_packet_t;
')
- dontaudit $1 rsync_client_packet_t:packet recv;
+ dontaudit $1 spamd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsync_client packets.
+## Send and receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58789,14 +79167,14 @@ interface(`corenet_dontaudit_receive_rsync_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsync_client_packets',`
- corenet_send_rsync_client_packets($1)
- corenet_receive_rsync_client_packets($1)
+interface(`corenet_sendrecv_spamd_client_packets',`
+ corenet_send_spamd_client_packets($1)
+ corenet_receive_spamd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsync_client packets.
+## Do not audit attempts to send and receive spamd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58805,14 +79183,14 @@ interface(`corenet_sendrecv_rsync_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsync_client_packets',`
- corenet_dontaudit_send_rsync_client_packets($1)
- corenet_dontaudit_receive_rsync_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_spamd_client_packets',`
+ corenet_dontaudit_send_spamd_client_packets($1)
+ corenet_dontaudit_receive_spamd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsync_client the packet type.
+## Relabel packets to spamd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58820,18 +79198,18 @@ interface(`corenet_dontaudit_sendrecv_rsync_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsync_client_packets',`
+interface(`corenet_relabelto_spamd_client_packets',`
gen_require(`
- type rsync_client_packet_t;
+ type spamd_client_packet_t;
')
- allow $1 rsync_client_packet_t:packet relabelto;
+ allow $1 spamd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rsync_server packets.
+## Send spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58840,17 +79218,17 @@ interface(`corenet_relabelto_rsync_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rsync_server_packets',`
+interface(`corenet_send_spamd_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type spamd_server_packet_t;
')
- allow $1 rsync_server_packet_t:packet send;
+ allow $1 spamd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rsync_server packets.
+## Do not audit attempts to send spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58859,17 +79237,17 @@ interface(`corenet_send_rsync_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rsync_server_packets',`
+interface(`corenet_dontaudit_send_spamd_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type spamd_server_packet_t;
')
- dontaudit $1 rsync_server_packet_t:packet send;
+ dontaudit $1 spamd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rsync_server packets.
+## Receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58878,17 +79256,17 @@ interface(`corenet_dontaudit_send_rsync_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rsync_server_packets',`
+interface(`corenet_receive_spamd_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type spamd_server_packet_t;
')
- allow $1 rsync_server_packet_t:packet recv;
+ allow $1 spamd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rsync_server packets.
+## Do not audit attempts to receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58897,17 +79275,17 @@ interface(`corenet_receive_rsync_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rsync_server_packets',`
+interface(`corenet_dontaudit_receive_spamd_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type spamd_server_packet_t;
')
- dontaudit $1 rsync_server_packet_t:packet recv;
+ dontaudit $1 spamd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rsync_server packets.
+## Send and receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58916,14 +79294,14 @@ interface(`corenet_dontaudit_receive_rsync_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rsync_server_packets',`
- corenet_send_rsync_server_packets($1)
- corenet_receive_rsync_server_packets($1)
+interface(`corenet_sendrecv_spamd_server_packets',`
+ corenet_send_spamd_server_packets($1)
+ corenet_receive_spamd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rsync_server packets.
+## Do not audit attempts to send and receive spamd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -58932,14 +79310,14 @@ interface(`corenet_sendrecv_rsync_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rsync_server_packets',`
- corenet_dontaudit_send_rsync_server_packets($1)
- corenet_dontaudit_receive_rsync_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_spamd_server_packets',`
+ corenet_dontaudit_send_spamd_server_packets($1)
+ corenet_dontaudit_receive_spamd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rsync_server the packet type.
+## Relabel packets to spamd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -58947,12 +79325,12 @@ interface(`corenet_dontaudit_sendrecv_rsync_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rsync_server_packets',`
+interface(`corenet_relabelto_spamd_server_packets',`
gen_require(`
- type rsync_server_packet_t;
+ type spamd_server_packet_t;
')
- allow $1 rsync_server_packet_t:packet relabelto;
+ allow $1 spamd_server_packet_t:packet relabelto;
')
@@ -58960,7 +79338,7 @@ interface(`corenet_relabelto_rsync_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the rwho port.
+## Send and receive TCP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -58969,17 +79347,17 @@ interface(`corenet_relabelto_rsync_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_rwho_port',`
+interface(`corenet_tcp_sendrecv_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- allow $1 rwho_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 speech_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the rwho port.
+## Send UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -58988,17 +79366,17 @@ interface(`corenet_tcp_sendrecv_rwho_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_rwho_port',`
+interface(`corenet_udp_send_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- allow $1 rwho_port_t:udp_socket send_msg;
+ allow $1 speech_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the rwho port.
+## Do not audit attempts to send UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59007,17 +79385,17 @@ interface(`corenet_udp_send_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_rwho_port',`
+interface(`corenet_dontaudit_udp_send_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- dontaudit $1 rwho_port_t:udp_socket send_msg;
+ dontaudit $1 speech_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the rwho port.
+## Receive UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59026,17 +79404,17 @@ interface(`corenet_dontaudit_udp_send_rwho_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_rwho_port',`
+interface(`corenet_udp_receive_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- allow $1 rwho_port_t:udp_socket recv_msg;
+ allow $1 speech_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the rwho port.
+## Do not audit attempts to receive UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59045,17 +79423,17 @@ interface(`corenet_udp_receive_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_rwho_port',`
+interface(`corenet_dontaudit_udp_receive_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- dontaudit $1 rwho_port_t:udp_socket recv_msg;
+ dontaudit $1 speech_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the rwho port.
+## Send and receive UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59064,15 +79442,15 @@ interface(`corenet_dontaudit_udp_receive_rwho_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_rwho_port',`
- corenet_udp_send_rwho_port($1)
- corenet_udp_receive_rwho_port($1)
+interface(`corenet_udp_sendrecv_speech_port',`
+ corenet_udp_send_speech_port($1)
+ corenet_udp_receive_speech_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the rwho port.
+## UDP traffic on the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59081,14 +79459,14 @@ interface(`corenet_udp_sendrecv_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_rwho_port',`
- corenet_dontaudit_udp_send_rwho_port($1)
- corenet_dontaudit_udp_receive_rwho_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_speech_port',`
+ corenet_dontaudit_udp_send_speech_port($1)
+ corenet_dontaudit_udp_receive_speech_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the rwho port.
+## Bind TCP sockets to the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59097,18 +79475,18 @@ interface(`corenet_dontaudit_udp_sendrecv_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_rwho_port',`
+interface(`corenet_tcp_bind_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- allow $1 rwho_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 speech_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the rwho port.
+## Bind UDP sockets to the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59117,18 +79495,18 @@ interface(`corenet_tcp_bind_rwho_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_rwho_port',`
+interface(`corenet_udp_bind_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- allow $1 rwho_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 speech_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the rwho port.
+## Make a TCP connection to the speech port.
## </summary>
## <param name="domain">
## <summary>
@@ -59136,18 +79514,18 @@ interface(`corenet_udp_bind_rwho_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_rwho_port',`
+interface(`corenet_tcp_connect_speech_port',`
gen_require(`
- type rwho_port_t;
+ type speech_port_t;
')
- allow $1 rwho_port_t:tcp_socket name_connect;
+ allow $1 speech_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send rwho_client packets.
+## Send speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59156,17 +79534,17 @@ interface(`corenet_tcp_connect_rwho_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rwho_client_packets',`
+interface(`corenet_send_speech_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type speech_client_packet_t;
')
- allow $1 rwho_client_packet_t:packet send;
+ allow $1 speech_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rwho_client packets.
+## Do not audit attempts to send speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59175,17 +79553,17 @@ interface(`corenet_send_rwho_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rwho_client_packets',`
+interface(`corenet_dontaudit_send_speech_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type speech_client_packet_t;
')
- dontaudit $1 rwho_client_packet_t:packet send;
+ dontaudit $1 speech_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive rwho_client packets.
+## Receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59194,17 +79572,17 @@ interface(`corenet_dontaudit_send_rwho_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rwho_client_packets',`
+interface(`corenet_receive_speech_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type speech_client_packet_t;
')
- allow $1 rwho_client_packet_t:packet recv;
+ allow $1 speech_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rwho_client packets.
+## Do not audit attempts to receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59213,17 +79591,17 @@ interface(`corenet_receive_rwho_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rwho_client_packets',`
+interface(`corenet_dontaudit_receive_speech_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type speech_client_packet_t;
')
- dontaudit $1 rwho_client_packet_t:packet recv;
+ dontaudit $1 speech_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rwho_client packets.
+## Send and receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59232,14 +79610,14 @@ interface(`corenet_dontaudit_receive_rwho_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rwho_client_packets',`
- corenet_send_rwho_client_packets($1)
- corenet_receive_rwho_client_packets($1)
+interface(`corenet_sendrecv_speech_client_packets',`
+ corenet_send_speech_client_packets($1)
+ corenet_receive_speech_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rwho_client packets.
+## Do not audit attempts to send and receive speech_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59248,14 +79626,14 @@ interface(`corenet_sendrecv_rwho_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rwho_client_packets',`
- corenet_dontaudit_send_rwho_client_packets($1)
- corenet_dontaudit_receive_rwho_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_speech_client_packets',`
+ corenet_dontaudit_send_speech_client_packets($1)
+ corenet_dontaudit_receive_speech_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to rwho_client the packet type.
+## Relabel packets to speech_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59263,18 +79641,18 @@ interface(`corenet_dontaudit_sendrecv_rwho_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rwho_client_packets',`
+interface(`corenet_relabelto_speech_client_packets',`
gen_require(`
- type rwho_client_packet_t;
+ type speech_client_packet_t;
')
- allow $1 rwho_client_packet_t:packet relabelto;
+ allow $1 speech_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send rwho_server packets.
+## Send speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59283,17 +79661,17 @@ interface(`corenet_relabelto_rwho_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_rwho_server_packets',`
+interface(`corenet_send_speech_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type speech_server_packet_t;
')
- allow $1 rwho_server_packet_t:packet send;
+ allow $1 speech_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send rwho_server packets.
+## Do not audit attempts to send speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59302,17 +79680,17 @@ interface(`corenet_send_rwho_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_rwho_server_packets',`
+interface(`corenet_dontaudit_send_speech_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type speech_server_packet_t;
')
- dontaudit $1 rwho_server_packet_t:packet send;
+ dontaudit $1 speech_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive rwho_server packets.
+## Receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59321,17 +79699,17 @@ interface(`corenet_dontaudit_send_rwho_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_rwho_server_packets',`
+interface(`corenet_receive_speech_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type speech_server_packet_t;
')
- allow $1 rwho_server_packet_t:packet recv;
+ allow $1 speech_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive rwho_server packets.
+## Do not audit attempts to receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59340,17 +79718,17 @@ interface(`corenet_receive_rwho_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_rwho_server_packets',`
+interface(`corenet_dontaudit_receive_speech_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type speech_server_packet_t;
')
- dontaudit $1 rwho_server_packet_t:packet recv;
+ dontaudit $1 speech_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive rwho_server packets.
+## Send and receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59359,14 +79737,14 @@ interface(`corenet_dontaudit_receive_rwho_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_rwho_server_packets',`
- corenet_send_rwho_server_packets($1)
- corenet_receive_rwho_server_packets($1)
+interface(`corenet_sendrecv_speech_server_packets',`
+ corenet_send_speech_server_packets($1)
+ corenet_receive_speech_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive rwho_server packets.
+## Do not audit attempts to send and receive speech_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59375,14 +79753,14 @@ interface(`corenet_sendrecv_rwho_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_rwho_server_packets',`
- corenet_dontaudit_send_rwho_server_packets($1)
- corenet_dontaudit_receive_rwho_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_speech_server_packets',`
+ corenet_dontaudit_send_speech_server_packets($1)
+ corenet_dontaudit_receive_speech_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to rwho_server the packet type.
+## Relabel packets to speech_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59390,12 +79768,12 @@ interface(`corenet_dontaudit_sendrecv_rwho_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_rwho_server_packets',`
+interface(`corenet_relabelto_speech_server_packets',`
gen_require(`
- type rwho_server_packet_t;
+ type speech_server_packet_t;
')
- allow $1 rwho_server_packet_t:packet relabelto;
+ allow $1 speech_server_packet_t:packet relabelto;
')
@@ -59403,7 +79781,7 @@ interface(`corenet_relabelto_rwho_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the sap port.
+## Send and receive TCP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59412,17 +79790,17 @@ interface(`corenet_relabelto_rwho_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sap_port',`
+interface(`corenet_tcp_sendrecv_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- allow $1 sap_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 squid_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sap port.
+## Send UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59431,17 +79809,17 @@ interface(`corenet_tcp_sendrecv_sap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sap_port',`
+interface(`corenet_udp_send_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- allow $1 sap_port_t:udp_socket send_msg;
+ allow $1 squid_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sap port.
+## Do not audit attempts to send UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59450,17 +79828,17 @@ interface(`corenet_udp_send_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sap_port',`
+interface(`corenet_dontaudit_udp_send_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- dontaudit $1 sap_port_t:udp_socket send_msg;
+ dontaudit $1 squid_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sap port.
+## Receive UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59469,17 +79847,17 @@ interface(`corenet_dontaudit_udp_send_sap_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sap_port',`
+interface(`corenet_udp_receive_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- allow $1 sap_port_t:udp_socket recv_msg;
+ allow $1 squid_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sap port.
+## Do not audit attempts to receive UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59488,17 +79866,17 @@ interface(`corenet_udp_receive_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sap_port',`
+interface(`corenet_dontaudit_udp_receive_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- dontaudit $1 sap_port_t:udp_socket recv_msg;
+ dontaudit $1 squid_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sap port.
+## Send and receive UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59507,15 +79885,15 @@ interface(`corenet_dontaudit_udp_receive_sap_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sap_port',`
- corenet_udp_send_sap_port($1)
- corenet_udp_receive_sap_port($1)
+interface(`corenet_udp_sendrecv_squid_port',`
+ corenet_udp_send_squid_port($1)
+ corenet_udp_receive_squid_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sap port.
+## UDP traffic on the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59524,14 +79902,14 @@ interface(`corenet_udp_sendrecv_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sap_port',`
- corenet_dontaudit_udp_send_sap_port($1)
- corenet_dontaudit_udp_receive_sap_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_squid_port',`
+ corenet_dontaudit_udp_send_squid_port($1)
+ corenet_dontaudit_udp_receive_squid_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sap port.
+## Bind TCP sockets to the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59540,18 +79918,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sap_port',`
+interface(`corenet_tcp_bind_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- allow $1 sap_port_t:tcp_socket name_bind;
+ allow $1 squid_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the sap port.
+## Bind UDP sockets to the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59560,18 +79938,18 @@ interface(`corenet_tcp_bind_sap_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sap_port',`
+interface(`corenet_udp_bind_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- allow $1 sap_port_t:udp_socket name_bind;
+ allow $1 squid_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the sap port.
+## Make a TCP connection to the squid port.
## </summary>
## <param name="domain">
## <summary>
@@ -59579,18 +79957,18 @@ interface(`corenet_udp_bind_sap_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sap_port',`
+interface(`corenet_tcp_connect_squid_port',`
gen_require(`
- type sap_port_t;
+ type squid_port_t;
')
- allow $1 sap_port_t:tcp_socket name_connect;
+ allow $1 squid_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sap_client packets.
+## Send squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59599,17 +79977,17 @@ interface(`corenet_tcp_connect_sap_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sap_client_packets',`
+interface(`corenet_send_squid_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type squid_client_packet_t;
')
- allow $1 sap_client_packet_t:packet send;
+ allow $1 squid_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sap_client packets.
+## Do not audit attempts to send squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59618,17 +79996,17 @@ interface(`corenet_send_sap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sap_client_packets',`
+interface(`corenet_dontaudit_send_squid_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type squid_client_packet_t;
')
- dontaudit $1 sap_client_packet_t:packet send;
+ dontaudit $1 squid_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sap_client packets.
+## Receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59637,17 +80015,17 @@ interface(`corenet_dontaudit_send_sap_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sap_client_packets',`
+interface(`corenet_receive_squid_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type squid_client_packet_t;
')
- allow $1 sap_client_packet_t:packet recv;
+ allow $1 squid_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sap_client packets.
+## Do not audit attempts to receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59656,17 +80034,17 @@ interface(`corenet_receive_sap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sap_client_packets',`
+interface(`corenet_dontaudit_receive_squid_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type squid_client_packet_t;
')
- dontaudit $1 sap_client_packet_t:packet recv;
+ dontaudit $1 squid_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sap_client packets.
+## Send and receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59675,14 +80053,14 @@ interface(`corenet_dontaudit_receive_sap_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sap_client_packets',`
- corenet_send_sap_client_packets($1)
- corenet_receive_sap_client_packets($1)
+interface(`corenet_sendrecv_squid_client_packets',`
+ corenet_send_squid_client_packets($1)
+ corenet_receive_squid_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sap_client packets.
+## Do not audit attempts to send and receive squid_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59691,14 +80069,14 @@ interface(`corenet_sendrecv_sap_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sap_client_packets',`
- corenet_dontaudit_send_sap_client_packets($1)
- corenet_dontaudit_receive_sap_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_squid_client_packets',`
+ corenet_dontaudit_send_squid_client_packets($1)
+ corenet_dontaudit_receive_squid_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sap_client the packet type.
+## Relabel packets to squid_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59706,18 +80084,18 @@ interface(`corenet_dontaudit_sendrecv_sap_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sap_client_packets',`
+interface(`corenet_relabelto_squid_client_packets',`
gen_require(`
- type sap_client_packet_t;
+ type squid_client_packet_t;
')
- allow $1 sap_client_packet_t:packet relabelto;
+ allow $1 squid_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sap_server packets.
+## Send squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59726,17 +80104,17 @@ interface(`corenet_relabelto_sap_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sap_server_packets',`
+interface(`corenet_send_squid_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type squid_server_packet_t;
')
- allow $1 sap_server_packet_t:packet send;
+ allow $1 squid_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sap_server packets.
+## Do not audit attempts to send squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59745,17 +80123,17 @@ interface(`corenet_send_sap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sap_server_packets',`
+interface(`corenet_dontaudit_send_squid_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type squid_server_packet_t;
')
- dontaudit $1 sap_server_packet_t:packet send;
+ dontaudit $1 squid_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sap_server packets.
+## Receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59764,17 +80142,17 @@ interface(`corenet_dontaudit_send_sap_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sap_server_packets',`
+interface(`corenet_receive_squid_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type squid_server_packet_t;
')
- allow $1 sap_server_packet_t:packet recv;
+ allow $1 squid_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sap_server packets.
+## Do not audit attempts to receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59783,17 +80161,17 @@ interface(`corenet_receive_sap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sap_server_packets',`
+interface(`corenet_dontaudit_receive_squid_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type squid_server_packet_t;
')
- dontaudit $1 sap_server_packet_t:packet recv;
+ dontaudit $1 squid_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sap_server packets.
+## Send and receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59802,14 +80180,14 @@ interface(`corenet_dontaudit_receive_sap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sap_server_packets',`
- corenet_send_sap_server_packets($1)
- corenet_receive_sap_server_packets($1)
+interface(`corenet_sendrecv_squid_server_packets',`
+ corenet_send_squid_server_packets($1)
+ corenet_receive_squid_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sap_server packets.
+## Do not audit attempts to send and receive squid_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -59818,14 +80196,14 @@ interface(`corenet_sendrecv_sap_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sap_server_packets',`
- corenet_dontaudit_send_sap_server_packets($1)
- corenet_dontaudit_receive_sap_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_squid_server_packets',`
+ corenet_dontaudit_send_squid_server_packets($1)
+ corenet_dontaudit_receive_squid_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sap_server the packet type.
+## Relabel packets to squid_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -59833,20 +80211,20 @@ interface(`corenet_dontaudit_sendrecv_sap_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sap_server_packets',`
+interface(`corenet_relabelto_squid_server_packets',`
gen_require(`
- type sap_server_packet_t;
+ type squid_server_packet_t;
')
- allow $1 sap_server_packet_t:packet relabelto;
+ allow $1 squid_server_packet_t:packet relabelto;
')
-
+ # snmp and htcp
########################################
## <summary>
-## Send and receive TCP traffic on the sieve port.
+## Send and receive TCP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59855,17 +80233,17 @@ interface(`corenet_relabelto_sap_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sieve_port',`
+interface(`corenet_tcp_sendrecv_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- allow $1 sieve_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ssdp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sieve port.
+## Send UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59874,17 +80252,17 @@ interface(`corenet_tcp_sendrecv_sieve_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sieve_port',`
+interface(`corenet_udp_send_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- allow $1 sieve_port_t:udp_socket send_msg;
+ allow $1 ssdp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sieve port.
+## Do not audit attempts to send UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59893,17 +80271,17 @@ interface(`corenet_udp_send_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sieve_port',`
+interface(`corenet_dontaudit_udp_send_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- dontaudit $1 sieve_port_t:udp_socket send_msg;
+ dontaudit $1 ssdp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sieve port.
+## Receive UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59912,17 +80290,17 @@ interface(`corenet_dontaudit_udp_send_sieve_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sieve_port',`
+interface(`corenet_udp_receive_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- allow $1 sieve_port_t:udp_socket recv_msg;
+ allow $1 ssdp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sieve port.
+## Do not audit attempts to receive UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59931,17 +80309,17 @@ interface(`corenet_udp_receive_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sieve_port',`
+interface(`corenet_dontaudit_udp_receive_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- dontaudit $1 sieve_port_t:udp_socket recv_msg;
+ dontaudit $1 ssdp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sieve port.
+## Send and receive UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59950,15 +80328,15 @@ interface(`corenet_dontaudit_udp_receive_sieve_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sieve_port',`
- corenet_udp_send_sieve_port($1)
- corenet_udp_receive_sieve_port($1)
+interface(`corenet_udp_sendrecv_ssdp_port',`
+ corenet_udp_send_ssdp_port($1)
+ corenet_udp_receive_ssdp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sieve port.
+## UDP traffic on the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59967,14 +80345,14 @@ interface(`corenet_udp_sendrecv_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sieve_port',`
- corenet_dontaudit_udp_send_sieve_port($1)
- corenet_dontaudit_udp_receive_sieve_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ssdp_port',`
+ corenet_dontaudit_udp_send_ssdp_port($1)
+ corenet_dontaudit_udp_receive_ssdp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sieve port.
+## Bind TCP sockets to the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -59983,18 +80361,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sieve_port',`
+interface(`corenet_tcp_bind_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- allow $1 sieve_port_t:tcp_socket name_bind;
+ allow $1 ssdp_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the sieve port.
+## Bind UDP sockets to the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -60003,18 +80381,18 @@ interface(`corenet_tcp_bind_sieve_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sieve_port',`
+interface(`corenet_udp_bind_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- allow $1 sieve_port_t:udp_socket name_bind;
+ allow $1 ssdp_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the sieve port.
+## Make a TCP connection to the ssdp port.
## </summary>
## <param name="domain">
## <summary>
@@ -60022,18 +80400,18 @@ interface(`corenet_udp_bind_sieve_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sieve_port',`
+interface(`corenet_tcp_connect_ssdp_port',`
gen_require(`
- type sieve_port_t;
+ type ssdp_port_t;
')
- allow $1 sieve_port_t:tcp_socket name_connect;
+ allow $1 ssdp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sieve_client packets.
+## Send ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60042,17 +80420,17 @@ interface(`corenet_tcp_connect_sieve_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sieve_client_packets',`
+interface(`corenet_send_ssdp_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type ssdp_client_packet_t;
')
- allow $1 sieve_client_packet_t:packet send;
+ allow $1 ssdp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sieve_client packets.
+## Do not audit attempts to send ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60061,17 +80439,17 @@ interface(`corenet_send_sieve_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sieve_client_packets',`
+interface(`corenet_dontaudit_send_ssdp_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type ssdp_client_packet_t;
')
- dontaudit $1 sieve_client_packet_t:packet send;
+ dontaudit $1 ssdp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sieve_client packets.
+## Receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60080,17 +80458,17 @@ interface(`corenet_dontaudit_send_sieve_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sieve_client_packets',`
+interface(`corenet_receive_ssdp_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type ssdp_client_packet_t;
')
- allow $1 sieve_client_packet_t:packet recv;
+ allow $1 ssdp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sieve_client packets.
+## Do not audit attempts to receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60099,17 +80477,17 @@ interface(`corenet_receive_sieve_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sieve_client_packets',`
+interface(`corenet_dontaudit_receive_ssdp_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type ssdp_client_packet_t;
')
- dontaudit $1 sieve_client_packet_t:packet recv;
+ dontaudit $1 ssdp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sieve_client packets.
+## Send and receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60118,14 +80496,14 @@ interface(`corenet_dontaudit_receive_sieve_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sieve_client_packets',`
- corenet_send_sieve_client_packets($1)
- corenet_receive_sieve_client_packets($1)
+interface(`corenet_sendrecv_ssdp_client_packets',`
+ corenet_send_ssdp_client_packets($1)
+ corenet_receive_ssdp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sieve_client packets.
+## Do not audit attempts to send and receive ssdp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60134,14 +80512,14 @@ interface(`corenet_sendrecv_sieve_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sieve_client_packets',`
- corenet_dontaudit_send_sieve_client_packets($1)
- corenet_dontaudit_receive_sieve_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssdp_client_packets',`
+ corenet_dontaudit_send_ssdp_client_packets($1)
+ corenet_dontaudit_receive_ssdp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sieve_client the packet type.
+## Relabel packets to ssdp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60149,18 +80527,18 @@ interface(`corenet_dontaudit_sendrecv_sieve_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sieve_client_packets',`
+interface(`corenet_relabelto_ssdp_client_packets',`
gen_require(`
- type sieve_client_packet_t;
+ type ssdp_client_packet_t;
')
- allow $1 sieve_client_packet_t:packet relabelto;
+ allow $1 ssdp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sieve_server packets.
+## Send ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60169,17 +80547,17 @@ interface(`corenet_relabelto_sieve_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sieve_server_packets',`
+interface(`corenet_send_ssdp_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type ssdp_server_packet_t;
')
- allow $1 sieve_server_packet_t:packet send;
+ allow $1 ssdp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sieve_server packets.
+## Do not audit attempts to send ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60188,17 +80566,17 @@ interface(`corenet_send_sieve_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sieve_server_packets',`
+interface(`corenet_dontaudit_send_ssdp_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type ssdp_server_packet_t;
')
- dontaudit $1 sieve_server_packet_t:packet send;
+ dontaudit $1 ssdp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sieve_server packets.
+## Receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60207,17 +80585,17 @@ interface(`corenet_dontaudit_send_sieve_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sieve_server_packets',`
+interface(`corenet_receive_ssdp_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type ssdp_server_packet_t;
')
- allow $1 sieve_server_packet_t:packet recv;
+ allow $1 ssdp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sieve_server packets.
+## Do not audit attempts to receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60226,17 +80604,17 @@ interface(`corenet_receive_sieve_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sieve_server_packets',`
+interface(`corenet_dontaudit_receive_ssdp_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type ssdp_server_packet_t;
')
- dontaudit $1 sieve_server_packet_t:packet recv;
+ dontaudit $1 ssdp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sieve_server packets.
+## Send and receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60245,14 +80623,14 @@ interface(`corenet_dontaudit_receive_sieve_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sieve_server_packets',`
- corenet_send_sieve_server_packets($1)
- corenet_receive_sieve_server_packets($1)
+interface(`corenet_sendrecv_ssdp_server_packets',`
+ corenet_send_ssdp_server_packets($1)
+ corenet_receive_ssdp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sieve_server packets.
+## Do not audit attempts to send and receive ssdp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60261,14 +80639,14 @@ interface(`corenet_sendrecv_sieve_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sieve_server_packets',`
- corenet_dontaudit_send_sieve_server_packets($1)
- corenet_dontaudit_receive_sieve_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssdp_server_packets',`
+ corenet_dontaudit_send_ssdp_server_packets($1)
+ corenet_dontaudit_receive_ssdp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sieve_server the packet type.
+## Relabel packets to ssdp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60276,12 +80654,12 @@ interface(`corenet_dontaudit_sendrecv_sieve_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sieve_server_packets',`
+interface(`corenet_relabelto_ssdp_server_packets',`
gen_require(`
- type sieve_server_packet_t;
+ type ssdp_server_packet_t;
')
- allow $1 sieve_server_packet_t:packet relabelto;
+ allow $1 ssdp_server_packet_t:packet relabelto;
')
@@ -60289,7 +80667,7 @@ interface(`corenet_relabelto_sieve_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the sip port.
+## Send and receive TCP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60298,17 +80676,17 @@ interface(`corenet_relabelto_sieve_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sip_port',`
+interface(`corenet_tcp_sendrecv_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- allow $1 sip_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ssh_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sip port.
+## Send UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60317,17 +80695,17 @@ interface(`corenet_tcp_sendrecv_sip_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sip_port',`
+interface(`corenet_udp_send_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- allow $1 sip_port_t:udp_socket send_msg;
+ allow $1 ssh_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sip port.
+## Do not audit attempts to send UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60336,17 +80714,17 @@ interface(`corenet_udp_send_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sip_port',`
+interface(`corenet_dontaudit_udp_send_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- dontaudit $1 sip_port_t:udp_socket send_msg;
+ dontaudit $1 ssh_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sip port.
+## Receive UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60355,17 +80733,17 @@ interface(`corenet_dontaudit_udp_send_sip_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sip_port',`
+interface(`corenet_udp_receive_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- allow $1 sip_port_t:udp_socket recv_msg;
+ allow $1 ssh_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sip port.
+## Do not audit attempts to receive UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60374,17 +80752,17 @@ interface(`corenet_udp_receive_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sip_port',`
+interface(`corenet_dontaudit_udp_receive_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- dontaudit $1 sip_port_t:udp_socket recv_msg;
+ dontaudit $1 ssh_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sip port.
+## Send and receive UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60393,15 +80771,15 @@ interface(`corenet_dontaudit_udp_receive_sip_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sip_port',`
- corenet_udp_send_sip_port($1)
- corenet_udp_receive_sip_port($1)
+interface(`corenet_udp_sendrecv_ssh_port',`
+ corenet_udp_send_ssh_port($1)
+ corenet_udp_receive_ssh_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sip port.
+## UDP traffic on the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60410,14 +80788,14 @@ interface(`corenet_udp_sendrecv_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sip_port',`
- corenet_dontaudit_udp_send_sip_port($1)
- corenet_dontaudit_udp_receive_sip_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ssh_port',`
+ corenet_dontaudit_udp_send_ssh_port($1)
+ corenet_dontaudit_udp_receive_ssh_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sip port.
+## Bind TCP sockets to the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60426,18 +80804,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sip_port',`
+interface(`corenet_tcp_bind_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- allow $1 sip_port_t:tcp_socket name_bind;
-
+ allow $1 ssh_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the sip port.
+## Bind UDP sockets to the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60446,18 +80824,18 @@ interface(`corenet_tcp_bind_sip_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sip_port',`
+interface(`corenet_udp_bind_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- allow $1 sip_port_t:udp_socket name_bind;
-
+ allow $1 ssh_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the sip port.
+## Make a TCP connection to the ssh port.
## </summary>
## <param name="domain">
## <summary>
@@ -60465,18 +80843,18 @@ interface(`corenet_udp_bind_sip_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sip_port',`
+interface(`corenet_tcp_connect_ssh_port',`
gen_require(`
- type sip_port_t;
+ type ssh_port_t;
')
- allow $1 sip_port_t:tcp_socket name_connect;
+ allow $1 ssh_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sip_client packets.
+## Send ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60485,17 +80863,17 @@ interface(`corenet_tcp_connect_sip_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sip_client_packets',`
+interface(`corenet_send_ssh_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type ssh_client_packet_t;
')
- allow $1 sip_client_packet_t:packet send;
+ allow $1 ssh_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sip_client packets.
+## Do not audit attempts to send ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60504,17 +80882,17 @@ interface(`corenet_send_sip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sip_client_packets',`
+interface(`corenet_dontaudit_send_ssh_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type ssh_client_packet_t;
')
- dontaudit $1 sip_client_packet_t:packet send;
+ dontaudit $1 ssh_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sip_client packets.
+## Receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60523,17 +80901,17 @@ interface(`corenet_dontaudit_send_sip_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sip_client_packets',`
+interface(`corenet_receive_ssh_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type ssh_client_packet_t;
')
- allow $1 sip_client_packet_t:packet recv;
+ allow $1 ssh_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sip_client packets.
+## Do not audit attempts to receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60542,17 +80920,17 @@ interface(`corenet_receive_sip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sip_client_packets',`
+interface(`corenet_dontaudit_receive_ssh_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type ssh_client_packet_t;
')
- dontaudit $1 sip_client_packet_t:packet recv;
+ dontaudit $1 ssh_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sip_client packets.
+## Send and receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60561,14 +80939,14 @@ interface(`corenet_dontaudit_receive_sip_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sip_client_packets',`
- corenet_send_sip_client_packets($1)
- corenet_receive_sip_client_packets($1)
+interface(`corenet_sendrecv_ssh_client_packets',`
+ corenet_send_ssh_client_packets($1)
+ corenet_receive_ssh_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sip_client packets.
+## Do not audit attempts to send and receive ssh_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60577,14 +80955,14 @@ interface(`corenet_sendrecv_sip_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sip_client_packets',`
- corenet_dontaudit_send_sip_client_packets($1)
- corenet_dontaudit_receive_sip_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssh_client_packets',`
+ corenet_dontaudit_send_ssh_client_packets($1)
+ corenet_dontaudit_receive_ssh_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sip_client the packet type.
+## Relabel packets to ssh_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60592,18 +80970,18 @@ interface(`corenet_dontaudit_sendrecv_sip_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sip_client_packets',`
+interface(`corenet_relabelto_ssh_client_packets',`
gen_require(`
- type sip_client_packet_t;
+ type ssh_client_packet_t;
')
- allow $1 sip_client_packet_t:packet relabelto;
+ allow $1 ssh_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sip_server packets.
+## Send ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60612,17 +80990,17 @@ interface(`corenet_relabelto_sip_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sip_server_packets',`
+interface(`corenet_send_ssh_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type ssh_server_packet_t;
')
- allow $1 sip_server_packet_t:packet send;
+ allow $1 ssh_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sip_server packets.
+## Do not audit attempts to send ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60631,17 +81009,17 @@ interface(`corenet_send_sip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sip_server_packets',`
+interface(`corenet_dontaudit_send_ssh_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type ssh_server_packet_t;
')
- dontaudit $1 sip_server_packet_t:packet send;
+ dontaudit $1 ssh_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sip_server packets.
+## Receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60650,17 +81028,17 @@ interface(`corenet_dontaudit_send_sip_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sip_server_packets',`
+interface(`corenet_receive_ssh_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type ssh_server_packet_t;
')
- allow $1 sip_server_packet_t:packet recv;
+ allow $1 ssh_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sip_server packets.
+## Do not audit attempts to receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60669,17 +81047,17 @@ interface(`corenet_receive_sip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sip_server_packets',`
+interface(`corenet_dontaudit_receive_ssh_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type ssh_server_packet_t;
')
- dontaudit $1 sip_server_packet_t:packet recv;
+ dontaudit $1 ssh_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sip_server packets.
+## Send and receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60688,14 +81066,14 @@ interface(`corenet_dontaudit_receive_sip_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sip_server_packets',`
- corenet_send_sip_server_packets($1)
- corenet_receive_sip_server_packets($1)
+interface(`corenet_sendrecv_ssh_server_packets',`
+ corenet_send_ssh_server_packets($1)
+ corenet_receive_ssh_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sip_server packets.
+## Do not audit attempts to send and receive ssh_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60704,14 +81082,14 @@ interface(`corenet_sendrecv_sip_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sip_server_packets',`
- corenet_dontaudit_send_sip_server_packets($1)
- corenet_dontaudit_receive_sip_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ssh_server_packets',`
+ corenet_dontaudit_send_ssh_server_packets($1)
+ corenet_dontaudit_receive_ssh_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sip_server the packet type.
+## Relabel packets to ssh_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -60719,12 +81097,12 @@ interface(`corenet_dontaudit_sendrecv_sip_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sip_server_packets',`
+interface(`corenet_relabelto_ssh_server_packets',`
gen_require(`
- type sip_server_packet_t;
+ type ssh_server_packet_t;
')
- allow $1 sip_server_packet_t:packet relabelto;
+ allow $1 ssh_server_packet_t:packet relabelto;
')
@@ -60732,7 +81110,7 @@ interface(`corenet_relabelto_sip_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the sixxsconfig port.
+## Send and receive TCP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60741,17 +81119,17 @@ interface(`corenet_relabelto_sip_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_sixxsconfig_port',`
+interface(`corenet_tcp_sendrecv_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- allow $1 sixxsconfig_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 stunnel_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the sixxsconfig port.
+## Send UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60760,17 +81138,17 @@ interface(`corenet_tcp_sendrecv_sixxsconfig_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_sixxsconfig_port',`
+interface(`corenet_udp_send_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- allow $1 sixxsconfig_port_t:udp_socket send_msg;
+ allow $1 stunnel_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the sixxsconfig port.
+## Do not audit attempts to send UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60779,17 +81157,17 @@ interface(`corenet_udp_send_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_sixxsconfig_port',`
+interface(`corenet_dontaudit_udp_send_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- dontaudit $1 sixxsconfig_port_t:udp_socket send_msg;
+ dontaudit $1 stunnel_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the sixxsconfig port.
+## Receive UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60798,17 +81176,17 @@ interface(`corenet_dontaudit_udp_send_sixxsconfig_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_sixxsconfig_port',`
+interface(`corenet_udp_receive_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- allow $1 sixxsconfig_port_t:udp_socket recv_msg;
+ allow $1 stunnel_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the sixxsconfig port.
+## Do not audit attempts to receive UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60817,17 +81195,17 @@ interface(`corenet_udp_receive_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_sixxsconfig_port',`
+interface(`corenet_dontaudit_udp_receive_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- dontaudit $1 sixxsconfig_port_t:udp_socket recv_msg;
+ dontaudit $1 stunnel_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the sixxsconfig port.
+## Send and receive UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60836,15 +81214,15 @@ interface(`corenet_dontaudit_udp_receive_sixxsconfig_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_sixxsconfig_port',`
- corenet_udp_send_sixxsconfig_port($1)
- corenet_udp_receive_sixxsconfig_port($1)
+interface(`corenet_udp_sendrecv_stunnel_port',`
+ corenet_udp_send_stunnel_port($1)
+ corenet_udp_receive_stunnel_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the sixxsconfig port.
+## UDP traffic on the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60853,14 +81231,14 @@ interface(`corenet_udp_sendrecv_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_sixxsconfig_port',`
- corenet_dontaudit_udp_send_sixxsconfig_port($1)
- corenet_dontaudit_udp_receive_sixxsconfig_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_stunnel_port',`
+ corenet_dontaudit_udp_send_stunnel_port($1)
+ corenet_dontaudit_udp_receive_stunnel_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the sixxsconfig port.
+## Bind TCP sockets to the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60869,18 +81247,18 @@ interface(`corenet_dontaudit_udp_sendrecv_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_sixxsconfig_port',`
+interface(`corenet_tcp_bind_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- allow $1 sixxsconfig_port_t:tcp_socket name_bind;
+ allow $1 stunnel_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the sixxsconfig port.
+## Bind UDP sockets to the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60889,18 +81267,18 @@ interface(`corenet_tcp_bind_sixxsconfig_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_sixxsconfig_port',`
+interface(`corenet_udp_bind_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- allow $1 sixxsconfig_port_t:udp_socket name_bind;
+ allow $1 stunnel_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the sixxsconfig port.
+## Make a TCP connection to the stunnel port.
## </summary>
## <param name="domain">
## <summary>
@@ -60908,18 +81286,18 @@ interface(`corenet_udp_bind_sixxsconfig_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_sixxsconfig_port',`
+interface(`corenet_tcp_connect_stunnel_port',`
gen_require(`
- type sixxsconfig_port_t;
+ type stunnel_port_t;
')
- allow $1 sixxsconfig_port_t:tcp_socket name_connect;
+ allow $1 stunnel_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send sixxsconfig_client packets.
+## Send stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60928,17 +81306,17 @@ interface(`corenet_tcp_connect_sixxsconfig_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sixxsconfig_client_packets',`
+interface(`corenet_send_stunnel_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type stunnel_client_packet_t;
')
- allow $1 sixxsconfig_client_packet_t:packet send;
+ allow $1 stunnel_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sixxsconfig_client packets.
+## Do not audit attempts to send stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60947,17 +81325,17 @@ interface(`corenet_send_sixxsconfig_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sixxsconfig_client_packets',`
+interface(`corenet_dontaudit_send_stunnel_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type stunnel_client_packet_t;
')
- dontaudit $1 sixxsconfig_client_packet_t:packet send;
+ dontaudit $1 stunnel_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive sixxsconfig_client packets.
+## Receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60966,17 +81344,17 @@ interface(`corenet_dontaudit_send_sixxsconfig_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sixxsconfig_client_packets',`
+interface(`corenet_receive_stunnel_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type stunnel_client_packet_t;
')
- allow $1 sixxsconfig_client_packet_t:packet recv;
+ allow $1 stunnel_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sixxsconfig_client packets.
+## Do not audit attempts to receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -60985,17 +81363,17 @@ interface(`corenet_receive_sixxsconfig_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sixxsconfig_client_packets',`
+interface(`corenet_dontaudit_receive_stunnel_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type stunnel_client_packet_t;
')
- dontaudit $1 sixxsconfig_client_packet_t:packet recv;
+ dontaudit $1 stunnel_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sixxsconfig_client packets.
+## Send and receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61004,14 +81382,14 @@ interface(`corenet_dontaudit_receive_sixxsconfig_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sixxsconfig_client_packets',`
- corenet_send_sixxsconfig_client_packets($1)
- corenet_receive_sixxsconfig_client_packets($1)
+interface(`corenet_sendrecv_stunnel_client_packets',`
+ corenet_send_stunnel_client_packets($1)
+ corenet_receive_stunnel_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sixxsconfig_client packets.
+## Do not audit attempts to send and receive stunnel_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61020,14 +81398,14 @@ interface(`corenet_sendrecv_sixxsconfig_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sixxsconfig_client_packets',`
- corenet_dontaudit_send_sixxsconfig_client_packets($1)
- corenet_dontaudit_receive_sixxsconfig_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_stunnel_client_packets',`
+ corenet_dontaudit_send_stunnel_client_packets($1)
+ corenet_dontaudit_receive_stunnel_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to sixxsconfig_client the packet type.
+## Relabel packets to stunnel_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61035,18 +81413,18 @@ interface(`corenet_dontaudit_sendrecv_sixxsconfig_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sixxsconfig_client_packets',`
+interface(`corenet_relabelto_stunnel_client_packets',`
gen_require(`
- type sixxsconfig_client_packet_t;
+ type stunnel_client_packet_t;
')
- allow $1 sixxsconfig_client_packet_t:packet relabelto;
+ allow $1 stunnel_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send sixxsconfig_server packets.
+## Send stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61055,17 +81433,17 @@ interface(`corenet_relabelto_sixxsconfig_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_sixxsconfig_server_packets',`
+interface(`corenet_send_stunnel_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type stunnel_server_packet_t;
')
- allow $1 sixxsconfig_server_packet_t:packet send;
+ allow $1 stunnel_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send sixxsconfig_server packets.
+## Do not audit attempts to send stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61074,17 +81452,17 @@ interface(`corenet_send_sixxsconfig_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_sixxsconfig_server_packets',`
+interface(`corenet_dontaudit_send_stunnel_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type stunnel_server_packet_t;
')
- dontaudit $1 sixxsconfig_server_packet_t:packet send;
+ dontaudit $1 stunnel_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive sixxsconfig_server packets.
+## Receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61093,17 +81471,17 @@ interface(`corenet_dontaudit_send_sixxsconfig_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_sixxsconfig_server_packets',`
+interface(`corenet_receive_stunnel_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type stunnel_server_packet_t;
')
- allow $1 sixxsconfig_server_packet_t:packet recv;
+ allow $1 stunnel_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive sixxsconfig_server packets.
+## Do not audit attempts to receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61112,17 +81490,17 @@ interface(`corenet_receive_sixxsconfig_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_sixxsconfig_server_packets',`
+interface(`corenet_dontaudit_receive_stunnel_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type stunnel_server_packet_t;
')
- dontaudit $1 sixxsconfig_server_packet_t:packet recv;
+ dontaudit $1 stunnel_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive sixxsconfig_server packets.
+## Send and receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61131,14 +81509,14 @@ interface(`corenet_dontaudit_receive_sixxsconfig_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_sixxsconfig_server_packets',`
- corenet_send_sixxsconfig_server_packets($1)
- corenet_receive_sixxsconfig_server_packets($1)
+interface(`corenet_sendrecv_stunnel_server_packets',`
+ corenet_send_stunnel_server_packets($1)
+ corenet_receive_stunnel_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive sixxsconfig_server packets.
+## Do not audit attempts to send and receive stunnel_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61147,14 +81525,14 @@ interface(`corenet_sendrecv_sixxsconfig_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_sixxsconfig_server_packets',`
- corenet_dontaudit_send_sixxsconfig_server_packets($1)
- corenet_dontaudit_receive_sixxsconfig_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_stunnel_server_packets',`
+ corenet_dontaudit_send_stunnel_server_packets($1)
+ corenet_dontaudit_receive_stunnel_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to sixxsconfig_server the packet type.
+## Relabel packets to stunnel_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61162,20 +81540,20 @@ interface(`corenet_dontaudit_sendrecv_sixxsconfig_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_sixxsconfig_server_packets',`
+interface(`corenet_relabelto_stunnel_server_packets',`
gen_require(`
- type sixxsconfig_server_packet_t;
+ type stunnel_server_packet_t;
')
- allow $1 sixxsconfig_server_packet_t:packet relabelto;
+ allow $1 stunnel_server_packet_t:packet relabelto;
')
-
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the smbd port.
+## Send and receive TCP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61184,17 +81562,17 @@ interface(`corenet_relabelto_sixxsconfig_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_smbd_port',`
+interface(`corenet_tcp_sendrecv_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- allow $1 smbd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 svn_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the smbd port.
+## Send UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61203,17 +81581,17 @@ interface(`corenet_tcp_sendrecv_smbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_smbd_port',`
+interface(`corenet_udp_send_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- allow $1 smbd_port_t:udp_socket send_msg;
+ allow $1 svn_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the smbd port.
+## Do not audit attempts to send UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61222,17 +81600,17 @@ interface(`corenet_udp_send_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_smbd_port',`
+interface(`corenet_dontaudit_udp_send_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- dontaudit $1 smbd_port_t:udp_socket send_msg;
+ dontaudit $1 svn_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the smbd port.
+## Receive UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61241,17 +81619,17 @@ interface(`corenet_dontaudit_udp_send_smbd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_smbd_port',`
+interface(`corenet_udp_receive_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- allow $1 smbd_port_t:udp_socket recv_msg;
+ allow $1 svn_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the smbd port.
+## Do not audit attempts to receive UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61260,17 +81638,17 @@ interface(`corenet_udp_receive_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_smbd_port',`
+interface(`corenet_dontaudit_udp_receive_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- dontaudit $1 smbd_port_t:udp_socket recv_msg;
+ dontaudit $1 svn_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the smbd port.
+## Send and receive UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61279,15 +81657,15 @@ interface(`corenet_dontaudit_udp_receive_smbd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_smbd_port',`
- corenet_udp_send_smbd_port($1)
- corenet_udp_receive_smbd_port($1)
+interface(`corenet_udp_sendrecv_svn_port',`
+ corenet_udp_send_svn_port($1)
+ corenet_udp_receive_svn_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the smbd port.
+## UDP traffic on the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61296,14 +81674,14 @@ interface(`corenet_udp_sendrecv_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_smbd_port',`
- corenet_dontaudit_udp_send_smbd_port($1)
- corenet_dontaudit_udp_receive_smbd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_svn_port',`
+ corenet_dontaudit_udp_send_svn_port($1)
+ corenet_dontaudit_udp_receive_svn_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the smbd port.
+## Bind TCP sockets to the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61312,18 +81690,18 @@ interface(`corenet_dontaudit_udp_sendrecv_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_smbd_port',`
+interface(`corenet_tcp_bind_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- allow $1 smbd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 svn_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the smbd port.
+## Bind UDP sockets to the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61332,18 +81710,18 @@ interface(`corenet_tcp_bind_smbd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_smbd_port',`
+interface(`corenet_udp_bind_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- allow $1 smbd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 svn_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the smbd port.
+## Make a TCP connection to the svn port.
## </summary>
## <param name="domain">
## <summary>
@@ -61351,18 +81729,18 @@ interface(`corenet_udp_bind_smbd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_smbd_port',`
+interface(`corenet_tcp_connect_svn_port',`
gen_require(`
- type smbd_port_t;
+ type svn_port_t;
')
- allow $1 smbd_port_t:tcp_socket name_connect;
+ allow $1 svn_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send smbd_client packets.
+## Send svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61371,17 +81749,17 @@ interface(`corenet_tcp_connect_smbd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smbd_client_packets',`
+interface(`corenet_send_svn_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type svn_client_packet_t;
')
- allow $1 smbd_client_packet_t:packet send;
+ allow $1 svn_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smbd_client packets.
+## Do not audit attempts to send svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61390,17 +81768,17 @@ interface(`corenet_send_smbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smbd_client_packets',`
+interface(`corenet_dontaudit_send_svn_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type svn_client_packet_t;
')
- dontaudit $1 smbd_client_packet_t:packet send;
+ dontaudit $1 svn_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive smbd_client packets.
+## Receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61409,17 +81787,17 @@ interface(`corenet_dontaudit_send_smbd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smbd_client_packets',`
+interface(`corenet_receive_svn_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type svn_client_packet_t;
')
- allow $1 smbd_client_packet_t:packet recv;
+ allow $1 svn_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smbd_client packets.
+## Do not audit attempts to receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61428,17 +81806,17 @@ interface(`corenet_receive_smbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smbd_client_packets',`
+interface(`corenet_dontaudit_receive_svn_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type svn_client_packet_t;
')
- dontaudit $1 smbd_client_packet_t:packet recv;
+ dontaudit $1 svn_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smbd_client packets.
+## Send and receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61447,14 +81825,14 @@ interface(`corenet_dontaudit_receive_smbd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_smbd_client_packets',`
- corenet_send_smbd_client_packets($1)
- corenet_receive_smbd_client_packets($1)
+interface(`corenet_sendrecv_svn_client_packets',`
+ corenet_send_svn_client_packets($1)
+ corenet_receive_svn_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smbd_client packets.
+## Do not audit attempts to send and receive svn_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61463,14 +81841,14 @@ interface(`corenet_sendrecv_smbd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smbd_client_packets',`
- corenet_dontaudit_send_smbd_client_packets($1)
- corenet_dontaudit_receive_smbd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_svn_client_packets',`
+ corenet_dontaudit_send_svn_client_packets($1)
+ corenet_dontaudit_receive_svn_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to smbd_client the packet type.
+## Relabel packets to svn_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61478,18 +81856,18 @@ interface(`corenet_dontaudit_sendrecv_smbd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smbd_client_packets',`
+interface(`corenet_relabelto_svn_client_packets',`
gen_require(`
- type smbd_client_packet_t;
+ type svn_client_packet_t;
')
- allow $1 smbd_client_packet_t:packet relabelto;
+ allow $1 svn_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send smbd_server packets.
+## Send svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61498,17 +81876,17 @@ interface(`corenet_relabelto_smbd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smbd_server_packets',`
+interface(`corenet_send_svn_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type svn_server_packet_t;
')
- allow $1 smbd_server_packet_t:packet send;
+ allow $1 svn_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smbd_server packets.
+## Do not audit attempts to send svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61517,17 +81895,17 @@ interface(`corenet_send_smbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smbd_server_packets',`
+interface(`corenet_dontaudit_send_svn_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type svn_server_packet_t;
')
- dontaudit $1 smbd_server_packet_t:packet send;
+ dontaudit $1 svn_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive smbd_server packets.
+## Receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61536,17 +81914,17 @@ interface(`corenet_dontaudit_send_smbd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smbd_server_packets',`
+interface(`corenet_receive_svn_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type svn_server_packet_t;
')
- allow $1 smbd_server_packet_t:packet recv;
+ allow $1 svn_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smbd_server packets.
+## Do not audit attempts to receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61555,17 +81933,17 @@ interface(`corenet_receive_smbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smbd_server_packets',`
+interface(`corenet_dontaudit_receive_svn_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type svn_server_packet_t;
')
- dontaudit $1 smbd_server_packet_t:packet recv;
+ dontaudit $1 svn_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smbd_server packets.
+## Send and receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61574,14 +81952,14 @@ interface(`corenet_dontaudit_receive_smbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_smbd_server_packets',`
- corenet_send_smbd_server_packets($1)
- corenet_receive_smbd_server_packets($1)
+interface(`corenet_sendrecv_svn_server_packets',`
+ corenet_send_svn_server_packets($1)
+ corenet_receive_svn_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smbd_server packets.
+## Do not audit attempts to send and receive svn_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61590,14 +81968,14 @@ interface(`corenet_sendrecv_smbd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smbd_server_packets',`
- corenet_dontaudit_send_smbd_server_packets($1)
- corenet_dontaudit_receive_smbd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_svn_server_packets',`
+ corenet_dontaudit_send_svn_server_packets($1)
+ corenet_dontaudit_receive_svn_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to smbd_server the packet type.
+## Relabel packets to svn_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61605,12 +81983,12 @@ interface(`corenet_dontaudit_sendrecv_smbd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smbd_server_packets',`
+interface(`corenet_relabelto_svn_server_packets',`
gen_require(`
- type smbd_server_packet_t;
+ type svn_server_packet_t;
')
- allow $1 smbd_server_packet_t:packet relabelto;
+ allow $1 svn_server_packet_t:packet relabelto;
')
@@ -61618,7 +81996,7 @@ interface(`corenet_relabelto_smbd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the smtp port.
+## Send and receive TCP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61627,17 +82005,17 @@ interface(`corenet_relabelto_smbd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_smtp_port',`
+interface(`corenet_tcp_sendrecv_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- allow $1 smtp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 svrloc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the smtp port.
+## Send UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61646,17 +82024,17 @@ interface(`corenet_tcp_sendrecv_smtp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_smtp_port',`
+interface(`corenet_udp_send_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- allow $1 smtp_port_t:udp_socket send_msg;
+ allow $1 svrloc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the smtp port.
+## Do not audit attempts to send UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61665,17 +82043,17 @@ interface(`corenet_udp_send_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_smtp_port',`
+interface(`corenet_dontaudit_udp_send_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- dontaudit $1 smtp_port_t:udp_socket send_msg;
+ dontaudit $1 svrloc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the smtp port.
+## Receive UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61684,17 +82062,17 @@ interface(`corenet_dontaudit_udp_send_smtp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_smtp_port',`
+interface(`corenet_udp_receive_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- allow $1 smtp_port_t:udp_socket recv_msg;
+ allow $1 svrloc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the smtp port.
+## Do not audit attempts to receive UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61703,17 +82081,17 @@ interface(`corenet_udp_receive_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_smtp_port',`
+interface(`corenet_dontaudit_udp_receive_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- dontaudit $1 smtp_port_t:udp_socket recv_msg;
+ dontaudit $1 svrloc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the smtp port.
+## Send and receive UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61722,15 +82100,15 @@ interface(`corenet_dontaudit_udp_receive_smtp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_smtp_port',`
- corenet_udp_send_smtp_port($1)
- corenet_udp_receive_smtp_port($1)
+interface(`corenet_udp_sendrecv_svrloc_port',`
+ corenet_udp_send_svrloc_port($1)
+ corenet_udp_receive_svrloc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the smtp port.
+## UDP traffic on the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61739,14 +82117,14 @@ interface(`corenet_udp_sendrecv_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_smtp_port',`
- corenet_dontaudit_udp_send_smtp_port($1)
- corenet_dontaudit_udp_receive_smtp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_svrloc_port',`
+ corenet_dontaudit_udp_send_svrloc_port($1)
+ corenet_dontaudit_udp_receive_svrloc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the smtp port.
+## Bind TCP sockets to the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61755,18 +82133,18 @@ interface(`corenet_dontaudit_udp_sendrecv_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_smtp_port',`
+interface(`corenet_tcp_bind_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- allow $1 smtp_port_t:tcp_socket name_bind;
+ allow $1 svrloc_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the smtp port.
+## Bind UDP sockets to the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61775,18 +82153,18 @@ interface(`corenet_tcp_bind_smtp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_smtp_port',`
+interface(`corenet_udp_bind_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- allow $1 smtp_port_t:udp_socket name_bind;
+ allow $1 svrloc_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the smtp port.
+## Make a TCP connection to the svrloc port.
## </summary>
## <param name="domain">
## <summary>
@@ -61794,18 +82172,18 @@ interface(`corenet_udp_bind_smtp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_smtp_port',`
+interface(`corenet_tcp_connect_svrloc_port',`
gen_require(`
- type smtp_port_t;
+ type svrloc_port_t;
')
- allow $1 smtp_port_t:tcp_socket name_connect;
+ allow $1 svrloc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send smtp_client packets.
+## Send svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61814,17 +82192,17 @@ interface(`corenet_tcp_connect_smtp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smtp_client_packets',`
+interface(`corenet_send_svrloc_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type svrloc_client_packet_t;
')
- allow $1 smtp_client_packet_t:packet send;
+ allow $1 svrloc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smtp_client packets.
+## Do not audit attempts to send svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61833,17 +82211,17 @@ interface(`corenet_send_smtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smtp_client_packets',`
+interface(`corenet_dontaudit_send_svrloc_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type svrloc_client_packet_t;
')
- dontaudit $1 smtp_client_packet_t:packet send;
+ dontaudit $1 svrloc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive smtp_client packets.
+## Receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61852,17 +82230,17 @@ interface(`corenet_dontaudit_send_smtp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smtp_client_packets',`
+interface(`corenet_receive_svrloc_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type svrloc_client_packet_t;
')
- allow $1 smtp_client_packet_t:packet recv;
+ allow $1 svrloc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smtp_client packets.
+## Do not audit attempts to receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61871,17 +82249,17 @@ interface(`corenet_receive_smtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smtp_client_packets',`
+interface(`corenet_dontaudit_receive_svrloc_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type svrloc_client_packet_t;
')
- dontaudit $1 smtp_client_packet_t:packet recv;
+ dontaudit $1 svrloc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smtp_client packets.
+## Send and receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61890,14 +82268,14 @@ interface(`corenet_dontaudit_receive_smtp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_smtp_client_packets',`
- corenet_send_smtp_client_packets($1)
- corenet_receive_smtp_client_packets($1)
+interface(`corenet_sendrecv_svrloc_client_packets',`
+ corenet_send_svrloc_client_packets($1)
+ corenet_receive_svrloc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smtp_client packets.
+## Do not audit attempts to send and receive svrloc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61906,14 +82284,14 @@ interface(`corenet_sendrecv_smtp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smtp_client_packets',`
- corenet_dontaudit_send_smtp_client_packets($1)
- corenet_dontaudit_receive_smtp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_svrloc_client_packets',`
+ corenet_dontaudit_send_svrloc_client_packets($1)
+ corenet_dontaudit_receive_svrloc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to smtp_client the packet type.
+## Relabel packets to svrloc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -61921,18 +82299,18 @@ interface(`corenet_dontaudit_sendrecv_smtp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smtp_client_packets',`
+interface(`corenet_relabelto_svrloc_client_packets',`
gen_require(`
- type smtp_client_packet_t;
+ type svrloc_client_packet_t;
')
- allow $1 smtp_client_packet_t:packet relabelto;
+ allow $1 svrloc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send smtp_server packets.
+## Send svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61941,17 +82319,17 @@ interface(`corenet_relabelto_smtp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_smtp_server_packets',`
+interface(`corenet_send_svrloc_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type svrloc_server_packet_t;
')
- allow $1 smtp_server_packet_t:packet send;
+ allow $1 svrloc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send smtp_server packets.
+## Do not audit attempts to send svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61960,17 +82338,17 @@ interface(`corenet_send_smtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_smtp_server_packets',`
+interface(`corenet_dontaudit_send_svrloc_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type svrloc_server_packet_t;
')
- dontaudit $1 smtp_server_packet_t:packet send;
+ dontaudit $1 svrloc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive smtp_server packets.
+## Receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61979,17 +82357,17 @@ interface(`corenet_dontaudit_send_smtp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_smtp_server_packets',`
+interface(`corenet_receive_svrloc_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type svrloc_server_packet_t;
')
- allow $1 smtp_server_packet_t:packet recv;
+ allow $1 svrloc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive smtp_server packets.
+## Do not audit attempts to receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -61998,33 +82376,33 @@ interface(`corenet_receive_smtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_smtp_server_packets',`
+interface(`corenet_dontaudit_receive_svrloc_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type svrloc_server_packet_t;
')
- dontaudit $1 smtp_server_packet_t:packet recv;
+ dontaudit $1 svrloc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive smtp_server packets.
+## Send and receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
-## <infoflow type="both" weight="10"/>
-#
-interface(`corenet_sendrecv_smtp_server_packets',`
- corenet_send_smtp_server_packets($1)
- corenet_receive_smtp_server_packets($1)
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_svrloc_server_packets',`
+ corenet_send_svrloc_server_packets($1)
+ corenet_receive_svrloc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive smtp_server packets.
+## Do not audit attempts to send and receive svrloc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62033,14 +82411,14 @@ interface(`corenet_sendrecv_smtp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_smtp_server_packets',`
- corenet_dontaudit_send_smtp_server_packets($1)
- corenet_dontaudit_receive_smtp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_svrloc_server_packets',`
+ corenet_dontaudit_send_svrloc_server_packets($1)
+ corenet_dontaudit_receive_svrloc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to smtp_server the packet type.
+## Relabel packets to svrloc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62048,12 +82426,12 @@ interface(`corenet_dontaudit_sendrecv_smtp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_smtp_server_packets',`
+interface(`corenet_relabelto_svrloc_server_packets',`
gen_require(`
- type smtp_server_packet_t;
+ type svrloc_server_packet_t;
')
- allow $1 smtp_server_packet_t:packet relabelto;
+ allow $1 svrloc_server_packet_t:packet relabelto;
')
@@ -62061,7 +82439,7 @@ interface(`corenet_relabelto_smtp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the snmp port.
+## Send and receive TCP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62070,17 +82448,17 @@ interface(`corenet_relabelto_smtp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_snmp_port',`
+interface(`corenet_tcp_sendrecv_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- allow $1 snmp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 swat_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the snmp port.
+## Send UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62089,17 +82467,17 @@ interface(`corenet_tcp_sendrecv_snmp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_snmp_port',`
+interface(`corenet_udp_send_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- allow $1 snmp_port_t:udp_socket send_msg;
+ allow $1 swat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the snmp port.
+## Do not audit attempts to send UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62108,17 +82486,17 @@ interface(`corenet_udp_send_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_snmp_port',`
+interface(`corenet_dontaudit_udp_send_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- dontaudit $1 snmp_port_t:udp_socket send_msg;
+ dontaudit $1 swat_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the snmp port.
+## Receive UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62127,17 +82505,17 @@ interface(`corenet_dontaudit_udp_send_snmp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_snmp_port',`
+interface(`corenet_udp_receive_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- allow $1 snmp_port_t:udp_socket recv_msg;
+ allow $1 swat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the snmp port.
+## Do not audit attempts to receive UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62146,17 +82524,17 @@ interface(`corenet_udp_receive_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_snmp_port',`
+interface(`corenet_dontaudit_udp_receive_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- dontaudit $1 snmp_port_t:udp_socket recv_msg;
+ dontaudit $1 swat_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the snmp port.
+## Send and receive UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62165,15 +82543,15 @@ interface(`corenet_dontaudit_udp_receive_snmp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_snmp_port',`
- corenet_udp_send_snmp_port($1)
- corenet_udp_receive_snmp_port($1)
+interface(`corenet_udp_sendrecv_swat_port',`
+ corenet_udp_send_swat_port($1)
+ corenet_udp_receive_swat_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the snmp port.
+## UDP traffic on the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62182,14 +82560,14 @@ interface(`corenet_udp_sendrecv_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_snmp_port',`
- corenet_dontaudit_udp_send_snmp_port($1)
- corenet_dontaudit_udp_receive_snmp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_swat_port',`
+ corenet_dontaudit_udp_send_swat_port($1)
+ corenet_dontaudit_udp_receive_swat_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the snmp port.
+## Bind TCP sockets to the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62198,18 +82576,18 @@ interface(`corenet_dontaudit_udp_sendrecv_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_snmp_port',`
+interface(`corenet_tcp_bind_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- allow $1 snmp_port_t:tcp_socket name_bind;
+ allow $1 swat_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the snmp port.
+## Bind UDP sockets to the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62218,18 +82596,18 @@ interface(`corenet_tcp_bind_snmp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_snmp_port',`
+interface(`corenet_udp_bind_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- allow $1 snmp_port_t:udp_socket name_bind;
+ allow $1 swat_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the snmp port.
+## Make a TCP connection to the swat port.
## </summary>
## <param name="domain">
## <summary>
@@ -62237,18 +82615,18 @@ interface(`corenet_udp_bind_snmp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_snmp_port',`
+interface(`corenet_tcp_connect_swat_port',`
gen_require(`
- type snmp_port_t;
+ type swat_port_t;
')
- allow $1 snmp_port_t:tcp_socket name_connect;
+ allow $1 swat_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send snmp_client packets.
+## Send swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62257,17 +82635,17 @@ interface(`corenet_tcp_connect_snmp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_snmp_client_packets',`
+interface(`corenet_send_swat_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type swat_client_packet_t;
')
- allow $1 snmp_client_packet_t:packet send;
+ allow $1 swat_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send snmp_client packets.
+## Do not audit attempts to send swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62276,17 +82654,17 @@ interface(`corenet_send_snmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_snmp_client_packets',`
+interface(`corenet_dontaudit_send_swat_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type swat_client_packet_t;
')
- dontaudit $1 snmp_client_packet_t:packet send;
+ dontaudit $1 swat_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive snmp_client packets.
+## Receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62295,17 +82673,17 @@ interface(`corenet_dontaudit_send_snmp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_snmp_client_packets',`
+interface(`corenet_receive_swat_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type swat_client_packet_t;
')
- allow $1 snmp_client_packet_t:packet recv;
+ allow $1 swat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive snmp_client packets.
+## Do not audit attempts to receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62314,17 +82692,17 @@ interface(`corenet_receive_snmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_snmp_client_packets',`
+interface(`corenet_dontaudit_receive_swat_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type swat_client_packet_t;
')
- dontaudit $1 snmp_client_packet_t:packet recv;
+ dontaudit $1 swat_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive snmp_client packets.
+## Send and receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62333,14 +82711,14 @@ interface(`corenet_dontaudit_receive_snmp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_snmp_client_packets',`
- corenet_send_snmp_client_packets($1)
- corenet_receive_snmp_client_packets($1)
+interface(`corenet_sendrecv_swat_client_packets',`
+ corenet_send_swat_client_packets($1)
+ corenet_receive_swat_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive snmp_client packets.
+## Do not audit attempts to send and receive swat_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62349,14 +82727,14 @@ interface(`corenet_sendrecv_snmp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_snmp_client_packets',`
- corenet_dontaudit_send_snmp_client_packets($1)
- corenet_dontaudit_receive_snmp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_swat_client_packets',`
+ corenet_dontaudit_send_swat_client_packets($1)
+ corenet_dontaudit_receive_swat_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to snmp_client the packet type.
+## Relabel packets to swat_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62364,18 +82742,18 @@ interface(`corenet_dontaudit_sendrecv_snmp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_snmp_client_packets',`
+interface(`corenet_relabelto_swat_client_packets',`
gen_require(`
- type snmp_client_packet_t;
+ type swat_client_packet_t;
')
- allow $1 snmp_client_packet_t:packet relabelto;
+ allow $1 swat_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send snmp_server packets.
+## Send swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62384,17 +82762,17 @@ interface(`corenet_relabelto_snmp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_snmp_server_packets',`
+interface(`corenet_send_swat_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type swat_server_packet_t;
')
- allow $1 snmp_server_packet_t:packet send;
+ allow $1 swat_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send snmp_server packets.
+## Do not audit attempts to send swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62403,17 +82781,17 @@ interface(`corenet_send_snmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_snmp_server_packets',`
+interface(`corenet_dontaudit_send_swat_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type swat_server_packet_t;
')
- dontaudit $1 snmp_server_packet_t:packet send;
+ dontaudit $1 swat_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive snmp_server packets.
+## Receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62422,17 +82800,17 @@ interface(`corenet_dontaudit_send_snmp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_snmp_server_packets',`
+interface(`corenet_receive_swat_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type swat_server_packet_t;
')
- allow $1 snmp_server_packet_t:packet recv;
+ allow $1 swat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive snmp_server packets.
+## Do not audit attempts to receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62441,17 +82819,17 @@ interface(`corenet_receive_snmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_snmp_server_packets',`
+interface(`corenet_dontaudit_receive_swat_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type swat_server_packet_t;
')
- dontaudit $1 snmp_server_packet_t:packet recv;
+ dontaudit $1 swat_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive snmp_server packets.
+## Send and receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62460,14 +82838,14 @@ interface(`corenet_dontaudit_receive_snmp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_snmp_server_packets',`
- corenet_send_snmp_server_packets($1)
- corenet_receive_snmp_server_packets($1)
+interface(`corenet_sendrecv_swat_server_packets',`
+ corenet_send_swat_server_packets($1)
+ corenet_receive_swat_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive snmp_server packets.
+## Do not audit attempts to send and receive swat_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62476,14 +82854,14 @@ interface(`corenet_sendrecv_snmp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_snmp_server_packets',`
- corenet_dontaudit_send_snmp_server_packets($1)
- corenet_dontaudit_receive_snmp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_swat_server_packets',`
+ corenet_dontaudit_send_swat_server_packets($1)
+ corenet_dontaudit_receive_swat_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to snmp_server the packet type.
+## Relabel packets to swat_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62491,12 +82869,12 @@ interface(`corenet_dontaudit_sendrecv_snmp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_snmp_server_packets',`
+interface(`corenet_relabelto_swat_server_packets',`
gen_require(`
- type snmp_server_packet_t;
+ type swat_server_packet_t;
')
- allow $1 snmp_server_packet_t:packet relabelto;
+ allow $1 swat_server_packet_t:packet relabelto;
')
@@ -62504,7 +82882,7 @@ interface(`corenet_relabelto_snmp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the socks port.
+## Send and receive TCP traffic on the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62513,17 +82891,17 @@ interface(`corenet_relabelto_snmp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_socks_port',`
+interface(`corenet_tcp_sendrecv_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- allow $1 socks_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 sype_transport_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the socks port.
+## Send UDP traffic on the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62532,17 +82910,17 @@ interface(`corenet_tcp_sendrecv_socks_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_socks_port',`
+interface(`corenet_udp_send_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- allow $1 socks_port_t:udp_socket send_msg;
+ allow $1 sype_transport_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the socks port.
+## Do not audit attempts to send UDP traffic on the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62551,17 +82929,17 @@ interface(`corenet_udp_send_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_socks_port',`
+interface(`corenet_dontaudit_udp_send_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- dontaudit $1 socks_port_t:udp_socket send_msg;
+ dontaudit $1 sype_transport_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the socks port.
+## Receive UDP traffic on the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62570,17 +82948,17 @@ interface(`corenet_dontaudit_udp_send_socks_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_socks_port',`
+interface(`corenet_udp_receive_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- allow $1 socks_port_t:udp_socket recv_msg;
+ allow $1 sype_transport_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the socks port.
+## Do not audit attempts to receive UDP traffic on the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62589,17 +82967,17 @@ interface(`corenet_udp_receive_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_socks_port',`
+interface(`corenet_dontaudit_udp_receive_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- dontaudit $1 socks_port_t:udp_socket recv_msg;
+ dontaudit $1 sype_transport_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the socks port.
+## Send and receive UDP traffic on the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62608,15 +82986,15 @@ interface(`corenet_dontaudit_udp_receive_socks_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_socks_port',`
- corenet_udp_send_socks_port($1)
- corenet_udp_receive_socks_port($1)
+interface(`corenet_udp_sendrecv_sype_transport_port',`
+ corenet_udp_send_sype_transport_port($1)
+ corenet_udp_receive_sype_transport_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the socks port.
+## UDP traffic on the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62625,14 +83003,14 @@ interface(`corenet_udp_sendrecv_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_socks_port',`
- corenet_dontaudit_udp_send_socks_port($1)
- corenet_dontaudit_udp_receive_socks_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_sype_transport_port',`
+ corenet_dontaudit_udp_send_sype_transport_port($1)
+ corenet_dontaudit_udp_receive_sype_transport_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the socks port.
+## Bind TCP sockets to the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62641,18 +83019,18 @@ interface(`corenet_dontaudit_udp_sendrecv_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_socks_port',`
+interface(`corenet_tcp_bind_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- allow $1 socks_port_t:tcp_socket name_bind;
+ allow $1 sype_transport_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the socks port.
+## Bind UDP sockets to the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62661,18 +83039,18 @@ interface(`corenet_tcp_bind_socks_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_socks_port',`
+interface(`corenet_udp_bind_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- allow $1 socks_port_t:udp_socket name_bind;
+ allow $1 sype_transport_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the socks port.
+## Make a TCP connection to the sype_transport port.
## </summary>
## <param name="domain">
## <summary>
@@ -62680,18 +83058,18 @@ interface(`corenet_udp_bind_socks_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_socks_port',`
+interface(`corenet_tcp_connect_sype_transport_port',`
gen_require(`
- type socks_port_t;
+ type sype_transport_port_t;
')
- allow $1 socks_port_t:tcp_socket name_connect;
+ allow $1 sype_transport_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send socks_client packets.
+## Send sype_transport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62700,17 +83078,17 @@ interface(`corenet_tcp_connect_socks_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_socks_client_packets',`
+interface(`corenet_send_sype_transport_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type sype_transport_client_packet_t;
')
- allow $1 socks_client_packet_t:packet send;
+ allow $1 sype_transport_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send socks_client packets.
+## Do not audit attempts to send sype_transport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62719,17 +83097,17 @@ interface(`corenet_send_socks_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_socks_client_packets',`
+interface(`corenet_dontaudit_send_sype_transport_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type sype_transport_client_packet_t;
')
- dontaudit $1 socks_client_packet_t:packet send;
+ dontaudit $1 sype_transport_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive socks_client packets.
+## Receive sype_transport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62738,17 +83116,17 @@ interface(`corenet_dontaudit_send_socks_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_socks_client_packets',`
+interface(`corenet_receive_sype_transport_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type sype_transport_client_packet_t;
')
- allow $1 socks_client_packet_t:packet recv;
+ allow $1 sype_transport_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive socks_client packets.
+## Do not audit attempts to receive sype_transport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62757,17 +83135,17 @@ interface(`corenet_receive_socks_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_socks_client_packets',`
+interface(`corenet_dontaudit_receive_sype_transport_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type sype_transport_client_packet_t;
')
- dontaudit $1 socks_client_packet_t:packet recv;
+ dontaudit $1 sype_transport_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive socks_client packets.
+## Send and receive sype_transport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62776,14 +83154,14 @@ interface(`corenet_dontaudit_receive_socks_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_socks_client_packets',`
- corenet_send_socks_client_packets($1)
- corenet_receive_socks_client_packets($1)
+interface(`corenet_sendrecv_sype_transport_client_packets',`
+ corenet_send_sype_transport_client_packets($1)
+ corenet_receive_sype_transport_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive socks_client packets.
+## Do not audit attempts to send and receive sype_transport_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62792,14 +83170,14 @@ interface(`corenet_sendrecv_socks_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_socks_client_packets',`
- corenet_dontaudit_send_socks_client_packets($1)
- corenet_dontaudit_receive_socks_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_sype_transport_client_packets',`
+ corenet_dontaudit_send_sype_transport_client_packets($1)
+ corenet_dontaudit_receive_sype_transport_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to socks_client the packet type.
+## Relabel packets to sype_transport_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62807,18 +83185,18 @@ interface(`corenet_dontaudit_sendrecv_socks_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_socks_client_packets',`
+interface(`corenet_relabelto_sype_transport_client_packets',`
gen_require(`
- type socks_client_packet_t;
+ type sype_transport_client_packet_t;
')
- allow $1 socks_client_packet_t:packet relabelto;
+ allow $1 sype_transport_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send socks_server packets.
+## Send sype_transport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62827,17 +83205,17 @@ interface(`corenet_relabelto_socks_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_socks_server_packets',`
+interface(`corenet_send_sype_transport_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type sype_transport_server_packet_t;
')
- allow $1 socks_server_packet_t:packet send;
+ allow $1 sype_transport_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send socks_server packets.
+## Do not audit attempts to send sype_transport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62846,17 +83224,17 @@ interface(`corenet_send_socks_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_socks_server_packets',`
+interface(`corenet_dontaudit_send_sype_transport_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type sype_transport_server_packet_t;
')
- dontaudit $1 socks_server_packet_t:packet send;
+ dontaudit $1 sype_transport_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive socks_server packets.
+## Receive sype_transport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62865,17 +83243,17 @@ interface(`corenet_dontaudit_send_socks_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_socks_server_packets',`
+interface(`corenet_receive_sype_transport_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type sype_transport_server_packet_t;
')
- allow $1 socks_server_packet_t:packet recv;
+ allow $1 sype_transport_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive socks_server packets.
+## Do not audit attempts to receive sype_transport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62884,17 +83262,17 @@ interface(`corenet_receive_socks_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_socks_server_packets',`
+interface(`corenet_dontaudit_receive_sype_transport_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type sype_transport_server_packet_t;
')
- dontaudit $1 socks_server_packet_t:packet recv;
+ dontaudit $1 sype_transport_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive socks_server packets.
+## Send and receive sype_transport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62903,14 +83281,14 @@ interface(`corenet_dontaudit_receive_socks_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_socks_server_packets',`
- corenet_send_socks_server_packets($1)
- corenet_receive_socks_server_packets($1)
+interface(`corenet_sendrecv_sype_transport_server_packets',`
+ corenet_send_sype_transport_server_packets($1)
+ corenet_receive_sype_transport_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive socks_server packets.
+## Do not audit attempts to send and receive sype_transport_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -62919,14 +83297,14 @@ interface(`corenet_sendrecv_socks_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_socks_server_packets',`
- corenet_dontaudit_send_socks_server_packets($1)
- corenet_dontaudit_receive_socks_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_sype_transport_server_packets',`
+ corenet_dontaudit_send_sype_transport_server_packets($1)
+ corenet_dontaudit_receive_sype_transport_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to socks_server the packet type.
+## Relabel packets to sype_transport_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -62934,20 +83312,20 @@ interface(`corenet_dontaudit_sendrecv_socks_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_socks_server_packets',`
+interface(`corenet_relabelto_sype_transport_server_packets',`
gen_require(`
- type socks_server_packet_t;
+ type sype_transport_server_packet_t;
')
- allow $1 socks_server_packet_t:packet relabelto;
+ allow $1 sype_transport_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the soundd port.
+## Send and receive TCP traffic on the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -62956,17 +83334,17 @@ interface(`corenet_relabelto_socks_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_soundd_port',`
+interface(`corenet_tcp_sendrecv_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- allow $1 soundd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 syslogd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the soundd port.
+## Send UDP traffic on the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -62975,17 +83353,17 @@ interface(`corenet_tcp_sendrecv_soundd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_soundd_port',`
+interface(`corenet_udp_send_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- allow $1 soundd_port_t:udp_socket send_msg;
+ allow $1 syslogd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the soundd port.
+## Do not audit attempts to send UDP traffic on the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -62994,17 +83372,17 @@ interface(`corenet_udp_send_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_soundd_port',`
+interface(`corenet_dontaudit_udp_send_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- dontaudit $1 soundd_port_t:udp_socket send_msg;
+ dontaudit $1 syslogd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the soundd port.
+## Receive UDP traffic on the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63013,17 +83391,17 @@ interface(`corenet_dontaudit_udp_send_soundd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_soundd_port',`
+interface(`corenet_udp_receive_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- allow $1 soundd_port_t:udp_socket recv_msg;
+ allow $1 syslogd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the soundd port.
+## Do not audit attempts to receive UDP traffic on the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63032,17 +83410,17 @@ interface(`corenet_udp_receive_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_soundd_port',`
+interface(`corenet_dontaudit_udp_receive_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- dontaudit $1 soundd_port_t:udp_socket recv_msg;
+ dontaudit $1 syslogd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the soundd port.
+## Send and receive UDP traffic on the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63051,15 +83429,15 @@ interface(`corenet_dontaudit_udp_receive_soundd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_soundd_port',`
- corenet_udp_send_soundd_port($1)
- corenet_udp_receive_soundd_port($1)
+interface(`corenet_udp_sendrecv_syslogd_port',`
+ corenet_udp_send_syslogd_port($1)
+ corenet_udp_receive_syslogd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the soundd port.
+## UDP traffic on the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63068,14 +83446,14 @@ interface(`corenet_udp_sendrecv_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_soundd_port',`
- corenet_dontaudit_udp_send_soundd_port($1)
- corenet_dontaudit_udp_receive_soundd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_syslogd_port',`
+ corenet_dontaudit_udp_send_syslogd_port($1)
+ corenet_dontaudit_udp_receive_syslogd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the soundd port.
+## Bind TCP sockets to the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63084,18 +83462,18 @@ interface(`corenet_dontaudit_udp_sendrecv_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_soundd_port',`
+interface(`corenet_tcp_bind_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- allow $1 soundd_port_t:tcp_socket name_bind;
-
+ allow $1 syslogd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the soundd port.
+## Bind UDP sockets to the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63104,18 +83482,18 @@ interface(`corenet_tcp_bind_soundd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_soundd_port',`
+interface(`corenet_udp_bind_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- allow $1 soundd_port_t:udp_socket name_bind;
-
+ allow $1 syslogd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the soundd port.
+## Make a TCP connection to the syslogd port.
## </summary>
## <param name="domain">
## <summary>
@@ -63123,18 +83501,18 @@ interface(`corenet_udp_bind_soundd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_soundd_port',`
+interface(`corenet_tcp_connect_syslogd_port',`
gen_require(`
- type soundd_port_t;
+ type syslogd_port_t;
')
- allow $1 soundd_port_t:tcp_socket name_connect;
+ allow $1 syslogd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send soundd_client packets.
+## Send syslogd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63143,17 +83521,17 @@ interface(`corenet_tcp_connect_soundd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_soundd_client_packets',`
+interface(`corenet_send_syslogd_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type syslogd_client_packet_t;
')
- allow $1 soundd_client_packet_t:packet send;
+ allow $1 syslogd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send soundd_client packets.
+## Do not audit attempts to send syslogd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63162,17 +83540,17 @@ interface(`corenet_send_soundd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_soundd_client_packets',`
+interface(`corenet_dontaudit_send_syslogd_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type syslogd_client_packet_t;
')
- dontaudit $1 soundd_client_packet_t:packet send;
+ dontaudit $1 syslogd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive soundd_client packets.
+## Receive syslogd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63181,17 +83559,17 @@ interface(`corenet_dontaudit_send_soundd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_soundd_client_packets',`
+interface(`corenet_receive_syslogd_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type syslogd_client_packet_t;
')
- allow $1 soundd_client_packet_t:packet recv;
+ allow $1 syslogd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive soundd_client packets.
+## Do not audit attempts to receive syslogd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63200,17 +83578,17 @@ interface(`corenet_receive_soundd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_soundd_client_packets',`
+interface(`corenet_dontaudit_receive_syslogd_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type syslogd_client_packet_t;
')
- dontaudit $1 soundd_client_packet_t:packet recv;
+ dontaudit $1 syslogd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive soundd_client packets.
+## Send and receive syslogd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63219,14 +83597,14 @@ interface(`corenet_dontaudit_receive_soundd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_soundd_client_packets',`
- corenet_send_soundd_client_packets($1)
- corenet_receive_soundd_client_packets($1)
+interface(`corenet_sendrecv_syslogd_client_packets',`
+ corenet_send_syslogd_client_packets($1)
+ corenet_receive_syslogd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive soundd_client packets.
+## Do not audit attempts to send and receive syslogd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63235,14 +83613,14 @@ interface(`corenet_sendrecv_soundd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_soundd_client_packets',`
- corenet_dontaudit_send_soundd_client_packets($1)
- corenet_dontaudit_receive_soundd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_syslogd_client_packets',`
+ corenet_dontaudit_send_syslogd_client_packets($1)
+ corenet_dontaudit_receive_syslogd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to soundd_client the packet type.
+## Relabel packets to syslogd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63250,18 +83628,18 @@ interface(`corenet_dontaudit_sendrecv_soundd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_soundd_client_packets',`
+interface(`corenet_relabelto_syslogd_client_packets',`
gen_require(`
- type soundd_client_packet_t;
+ type syslogd_client_packet_t;
')
- allow $1 soundd_client_packet_t:packet relabelto;
+ allow $1 syslogd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send soundd_server packets.
+## Send syslogd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63270,17 +83648,17 @@ interface(`corenet_relabelto_soundd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_soundd_server_packets',`
+interface(`corenet_send_syslogd_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type syslogd_server_packet_t;
')
- allow $1 soundd_server_packet_t:packet send;
+ allow $1 syslogd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send soundd_server packets.
+## Do not audit attempts to send syslogd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63289,17 +83667,17 @@ interface(`corenet_send_soundd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_soundd_server_packets',`
+interface(`corenet_dontaudit_send_syslogd_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type syslogd_server_packet_t;
')
- dontaudit $1 soundd_server_packet_t:packet send;
+ dontaudit $1 syslogd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive soundd_server packets.
+## Receive syslogd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63308,17 +83686,17 @@ interface(`corenet_dontaudit_send_soundd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_soundd_server_packets',`
+interface(`corenet_receive_syslogd_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type syslogd_server_packet_t;
')
- allow $1 soundd_server_packet_t:packet recv;
+ allow $1 syslogd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive soundd_server packets.
+## Do not audit attempts to receive syslogd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63327,17 +83705,17 @@ interface(`corenet_receive_soundd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_soundd_server_packets',`
+interface(`corenet_dontaudit_receive_syslogd_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type syslogd_server_packet_t;
')
- dontaudit $1 soundd_server_packet_t:packet recv;
+ dontaudit $1 syslogd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive soundd_server packets.
+## Send and receive syslogd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63346,14 +83724,14 @@ interface(`corenet_dontaudit_receive_soundd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_soundd_server_packets',`
- corenet_send_soundd_server_packets($1)
- corenet_receive_soundd_server_packets($1)
+interface(`corenet_sendrecv_syslogd_server_packets',`
+ corenet_send_syslogd_server_packets($1)
+ corenet_receive_syslogd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive soundd_server packets.
+## Do not audit attempts to send and receive syslogd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63362,14 +83740,14 @@ interface(`corenet_sendrecv_soundd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_soundd_server_packets',`
- corenet_dontaudit_send_soundd_server_packets($1)
- corenet_dontaudit_receive_soundd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_syslogd_server_packets',`
+ corenet_dontaudit_send_syslogd_server_packets($1)
+ corenet_dontaudit_receive_syslogd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to soundd_server the packet type.
+## Relabel packets to syslogd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63377,12 +83755,12 @@ interface(`corenet_dontaudit_sendrecv_soundd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_soundd_server_packets',`
+interface(`corenet_relabelto_syslogd_server_packets',`
gen_require(`
- type soundd_server_packet_t;
+ type syslogd_server_packet_t;
')
- allow $1 soundd_server_packet_t:packet relabelto;
+ allow $1 syslogd_server_packet_t:packet relabelto;
')
@@ -63390,7 +83768,7 @@ interface(`corenet_relabelto_soundd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the spamd port.
+## Send and receive TCP traffic on the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63399,17 +83777,17 @@ interface(`corenet_relabelto_soundd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_spamd_port',`
+interface(`corenet_tcp_sendrecv_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- allow $1 spamd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 syslog_tls_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the spamd port.
+## Send UDP traffic on the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63418,17 +83796,17 @@ interface(`corenet_tcp_sendrecv_spamd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_spamd_port',`
+interface(`corenet_udp_send_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- allow $1 spamd_port_t:udp_socket send_msg;
+ allow $1 syslog_tls_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the spamd port.
+## Do not audit attempts to send UDP traffic on the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63437,17 +83815,17 @@ interface(`corenet_udp_send_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_spamd_port',`
+interface(`corenet_dontaudit_udp_send_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- dontaudit $1 spamd_port_t:udp_socket send_msg;
+ dontaudit $1 syslog_tls_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the spamd port.
+## Receive UDP traffic on the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63456,17 +83834,17 @@ interface(`corenet_dontaudit_udp_send_spamd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_spamd_port',`
+interface(`corenet_udp_receive_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- allow $1 spamd_port_t:udp_socket recv_msg;
+ allow $1 syslog_tls_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the spamd port.
+## Do not audit attempts to receive UDP traffic on the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63475,17 +83853,17 @@ interface(`corenet_udp_receive_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_spamd_port',`
+interface(`corenet_dontaudit_udp_receive_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- dontaudit $1 spamd_port_t:udp_socket recv_msg;
+ dontaudit $1 syslog_tls_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the spamd port.
+## Send and receive UDP traffic on the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63494,15 +83872,15 @@ interface(`corenet_dontaudit_udp_receive_spamd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_spamd_port',`
- corenet_udp_send_spamd_port($1)
- corenet_udp_receive_spamd_port($1)
+interface(`corenet_udp_sendrecv_syslog_tls_port',`
+ corenet_udp_send_syslog_tls_port($1)
+ corenet_udp_receive_syslog_tls_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the spamd port.
+## UDP traffic on the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63511,14 +83889,14 @@ interface(`corenet_udp_sendrecv_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_spamd_port',`
- corenet_dontaudit_udp_send_spamd_port($1)
- corenet_dontaudit_udp_receive_spamd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_syslog_tls_port',`
+ corenet_dontaudit_udp_send_syslog_tls_port($1)
+ corenet_dontaudit_udp_receive_syslog_tls_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the spamd port.
+## Bind TCP sockets to the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63527,18 +83905,18 @@ interface(`corenet_dontaudit_udp_sendrecv_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_spamd_port',`
+interface(`corenet_tcp_bind_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- allow $1 spamd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 syslog_tls_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the spamd port.
+## Bind UDP sockets to the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63547,18 +83925,18 @@ interface(`corenet_tcp_bind_spamd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_spamd_port',`
+interface(`corenet_udp_bind_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- allow $1 spamd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 syslog_tls_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the spamd port.
+## Make a TCP connection to the syslog_tls port.
## </summary>
## <param name="domain">
## <summary>
@@ -63566,18 +83944,18 @@ interface(`corenet_udp_bind_spamd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_spamd_port',`
+interface(`corenet_tcp_connect_syslog_tls_port',`
gen_require(`
- type spamd_port_t;
+ type syslog_tls_port_t;
')
- allow $1 spamd_port_t:tcp_socket name_connect;
+ allow $1 syslog_tls_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send spamd_client packets.
+## Send syslog_tls_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63586,17 +83964,17 @@ interface(`corenet_tcp_connect_spamd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_spamd_client_packets',`
+interface(`corenet_send_syslog_tls_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type syslog_tls_client_packet_t;
')
- allow $1 spamd_client_packet_t:packet send;
+ allow $1 syslog_tls_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send spamd_client packets.
+## Do not audit attempts to send syslog_tls_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63605,17 +83983,17 @@ interface(`corenet_send_spamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_spamd_client_packets',`
+interface(`corenet_dontaudit_send_syslog_tls_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type syslog_tls_client_packet_t;
')
- dontaudit $1 spamd_client_packet_t:packet send;
+ dontaudit $1 syslog_tls_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive spamd_client packets.
+## Receive syslog_tls_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63624,17 +84002,17 @@ interface(`corenet_dontaudit_send_spamd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_spamd_client_packets',`
+interface(`corenet_receive_syslog_tls_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type syslog_tls_client_packet_t;
')
- allow $1 spamd_client_packet_t:packet recv;
+ allow $1 syslog_tls_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive spamd_client packets.
+## Do not audit attempts to receive syslog_tls_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63643,17 +84021,17 @@ interface(`corenet_receive_spamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_spamd_client_packets',`
+interface(`corenet_dontaudit_receive_syslog_tls_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type syslog_tls_client_packet_t;
')
- dontaudit $1 spamd_client_packet_t:packet recv;
+ dontaudit $1 syslog_tls_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive spamd_client packets.
+## Send and receive syslog_tls_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63662,14 +84040,14 @@ interface(`corenet_dontaudit_receive_spamd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_spamd_client_packets',`
- corenet_send_spamd_client_packets($1)
- corenet_receive_spamd_client_packets($1)
+interface(`corenet_sendrecv_syslog_tls_client_packets',`
+ corenet_send_syslog_tls_client_packets($1)
+ corenet_receive_syslog_tls_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive spamd_client packets.
+## Do not audit attempts to send and receive syslog_tls_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63678,14 +84056,14 @@ interface(`corenet_sendrecv_spamd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_spamd_client_packets',`
- corenet_dontaudit_send_spamd_client_packets($1)
- corenet_dontaudit_receive_spamd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_syslog_tls_client_packets',`
+ corenet_dontaudit_send_syslog_tls_client_packets($1)
+ corenet_dontaudit_receive_syslog_tls_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to spamd_client the packet type.
+## Relabel packets to syslog_tls_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63693,18 +84071,18 @@ interface(`corenet_dontaudit_sendrecv_spamd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_spamd_client_packets',`
+interface(`corenet_relabelto_syslog_tls_client_packets',`
gen_require(`
- type spamd_client_packet_t;
+ type syslog_tls_client_packet_t;
')
- allow $1 spamd_client_packet_t:packet relabelto;
+ allow $1 syslog_tls_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send spamd_server packets.
+## Send syslog_tls_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63713,17 +84091,17 @@ interface(`corenet_relabelto_spamd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_spamd_server_packets',`
+interface(`corenet_send_syslog_tls_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type syslog_tls_server_packet_t;
')
- allow $1 spamd_server_packet_t:packet send;
+ allow $1 syslog_tls_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send spamd_server packets.
+## Do not audit attempts to send syslog_tls_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63732,17 +84110,17 @@ interface(`corenet_send_spamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_spamd_server_packets',`
+interface(`corenet_dontaudit_send_syslog_tls_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type syslog_tls_server_packet_t;
')
- dontaudit $1 spamd_server_packet_t:packet send;
+ dontaudit $1 syslog_tls_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive spamd_server packets.
+## Receive syslog_tls_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63751,17 +84129,17 @@ interface(`corenet_dontaudit_send_spamd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_spamd_server_packets',`
+interface(`corenet_receive_syslog_tls_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type syslog_tls_server_packet_t;
')
- allow $1 spamd_server_packet_t:packet recv;
+ allow $1 syslog_tls_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive spamd_server packets.
+## Do not audit attempts to receive syslog_tls_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63770,17 +84148,17 @@ interface(`corenet_receive_spamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_spamd_server_packets',`
+interface(`corenet_dontaudit_receive_syslog_tls_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type syslog_tls_server_packet_t;
')
- dontaudit $1 spamd_server_packet_t:packet recv;
+ dontaudit $1 syslog_tls_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive spamd_server packets.
+## Send and receive syslog_tls_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63789,14 +84167,14 @@ interface(`corenet_dontaudit_receive_spamd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_spamd_server_packets',`
- corenet_send_spamd_server_packets($1)
- corenet_receive_spamd_server_packets($1)
+interface(`corenet_sendrecv_syslog_tls_server_packets',`
+ corenet_send_syslog_tls_server_packets($1)
+ corenet_receive_syslog_tls_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive spamd_server packets.
+## Do not audit attempts to send and receive syslog_tls_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -63805,14 +84183,14 @@ interface(`corenet_sendrecv_spamd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_spamd_server_packets',`
- corenet_dontaudit_send_spamd_server_packets($1)
- corenet_dontaudit_receive_spamd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_syslog_tls_server_packets',`
+ corenet_dontaudit_send_syslog_tls_server_packets($1)
+ corenet_dontaudit_receive_syslog_tls_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to spamd_server the packet type.
+## Relabel packets to syslog_tls_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -63820,12 +84198,12 @@ interface(`corenet_dontaudit_sendrecv_spamd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_spamd_server_packets',`
+interface(`corenet_relabelto_syslog_tls_server_packets',`
gen_require(`
- type spamd_server_packet_t;
+ type syslog_tls_server_packet_t;
')
- allow $1 spamd_server_packet_t:packet relabelto;
+ allow $1 syslog_tls_server_packet_t:packet relabelto;
')
@@ -63833,7 +84211,7 @@ interface(`corenet_relabelto_spamd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the speech port.
+## Send and receive TCP traffic on the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63842,17 +84220,17 @@ interface(`corenet_relabelto_spamd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_speech_port',`
+interface(`corenet_tcp_sendrecv_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- allow $1 speech_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 tcs_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the speech port.
+## Send UDP traffic on the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63861,17 +84239,17 @@ interface(`corenet_tcp_sendrecv_speech_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_speech_port',`
+interface(`corenet_udp_send_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- allow $1 speech_port_t:udp_socket send_msg;
+ allow $1 tcs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the speech port.
+## Do not audit attempts to send UDP traffic on the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63880,17 +84258,17 @@ interface(`corenet_udp_send_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_speech_port',`
+interface(`corenet_dontaudit_udp_send_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- dontaudit $1 speech_port_t:udp_socket send_msg;
+ dontaudit $1 tcs_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the speech port.
+## Receive UDP traffic on the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63899,17 +84277,17 @@ interface(`corenet_dontaudit_udp_send_speech_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_speech_port',`
+interface(`corenet_udp_receive_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- allow $1 speech_port_t:udp_socket recv_msg;
+ allow $1 tcs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the speech port.
+## Do not audit attempts to receive UDP traffic on the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63918,17 +84296,17 @@ interface(`corenet_udp_receive_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_speech_port',`
+interface(`corenet_dontaudit_udp_receive_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- dontaudit $1 speech_port_t:udp_socket recv_msg;
+ dontaudit $1 tcs_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the speech port.
+## Send and receive UDP traffic on the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63937,15 +84315,15 @@ interface(`corenet_dontaudit_udp_receive_speech_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_speech_port',`
- corenet_udp_send_speech_port($1)
- corenet_udp_receive_speech_port($1)
+interface(`corenet_udp_sendrecv_tcs_port',`
+ corenet_udp_send_tcs_port($1)
+ corenet_udp_receive_tcs_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the speech port.
+## UDP traffic on the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63954,14 +84332,14 @@ interface(`corenet_udp_sendrecv_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_speech_port',`
- corenet_dontaudit_udp_send_speech_port($1)
- corenet_dontaudit_udp_receive_speech_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_tcs_port',`
+ corenet_dontaudit_udp_send_tcs_port($1)
+ corenet_dontaudit_udp_receive_tcs_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the speech port.
+## Bind TCP sockets to the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63970,18 +84348,18 @@ interface(`corenet_dontaudit_udp_sendrecv_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_speech_port',`
+interface(`corenet_tcp_bind_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- allow $1 speech_port_t:tcp_socket name_bind;
+ allow $1 tcs_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the speech port.
+## Bind UDP sockets to the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -63990,18 +84368,18 @@ interface(`corenet_tcp_bind_speech_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_speech_port',`
+interface(`corenet_udp_bind_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- allow $1 speech_port_t:udp_socket name_bind;
+ allow $1 tcs_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the speech port.
+## Make a TCP connection to the tcs port.
## </summary>
## <param name="domain">
## <summary>
@@ -64009,18 +84387,18 @@ interface(`corenet_udp_bind_speech_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_speech_port',`
+interface(`corenet_tcp_connect_tcs_port',`
gen_require(`
- type speech_port_t;
+ type tcs_port_t;
')
- allow $1 speech_port_t:tcp_socket name_connect;
+ allow $1 tcs_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send speech_client packets.
+## Send tcs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64029,17 +84407,17 @@ interface(`corenet_tcp_connect_speech_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_speech_client_packets',`
+interface(`corenet_send_tcs_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type tcs_client_packet_t;
')
- allow $1 speech_client_packet_t:packet send;
+ allow $1 tcs_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send speech_client packets.
+## Do not audit attempts to send tcs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64048,17 +84426,17 @@ interface(`corenet_send_speech_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_speech_client_packets',`
+interface(`corenet_dontaudit_send_tcs_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type tcs_client_packet_t;
')
- dontaudit $1 speech_client_packet_t:packet send;
+ dontaudit $1 tcs_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive speech_client packets.
+## Receive tcs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64067,17 +84445,17 @@ interface(`corenet_dontaudit_send_speech_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_speech_client_packets',`
+interface(`corenet_receive_tcs_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type tcs_client_packet_t;
')
- allow $1 speech_client_packet_t:packet recv;
+ allow $1 tcs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive speech_client packets.
+## Do not audit attempts to receive tcs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64086,17 +84464,17 @@ interface(`corenet_receive_speech_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_speech_client_packets',`
+interface(`corenet_dontaudit_receive_tcs_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type tcs_client_packet_t;
')
- dontaudit $1 speech_client_packet_t:packet recv;
+ dontaudit $1 tcs_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive speech_client packets.
+## Send and receive tcs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64105,14 +84483,14 @@ interface(`corenet_dontaudit_receive_speech_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_speech_client_packets',`
- corenet_send_speech_client_packets($1)
- corenet_receive_speech_client_packets($1)
+interface(`corenet_sendrecv_tcs_client_packets',`
+ corenet_send_tcs_client_packets($1)
+ corenet_receive_tcs_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive speech_client packets.
+## Do not audit attempts to send and receive tcs_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64121,14 +84499,14 @@ interface(`corenet_sendrecv_speech_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_speech_client_packets',`
- corenet_dontaudit_send_speech_client_packets($1)
- corenet_dontaudit_receive_speech_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_tcs_client_packets',`
+ corenet_dontaudit_send_tcs_client_packets($1)
+ corenet_dontaudit_receive_tcs_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to speech_client the packet type.
+## Relabel packets to tcs_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64136,18 +84514,18 @@ interface(`corenet_dontaudit_sendrecv_speech_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_speech_client_packets',`
+interface(`corenet_relabelto_tcs_client_packets',`
gen_require(`
- type speech_client_packet_t;
+ type tcs_client_packet_t;
')
- allow $1 speech_client_packet_t:packet relabelto;
+ allow $1 tcs_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send speech_server packets.
+## Send tcs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64156,17 +84534,17 @@ interface(`corenet_relabelto_speech_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_speech_server_packets',`
+interface(`corenet_send_tcs_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type tcs_server_packet_t;
')
- allow $1 speech_server_packet_t:packet send;
+ allow $1 tcs_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send speech_server packets.
+## Do not audit attempts to send tcs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64175,17 +84553,17 @@ interface(`corenet_send_speech_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_speech_server_packets',`
+interface(`corenet_dontaudit_send_tcs_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type tcs_server_packet_t;
')
- dontaudit $1 speech_server_packet_t:packet send;
+ dontaudit $1 tcs_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive speech_server packets.
+## Receive tcs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64194,17 +84572,17 @@ interface(`corenet_dontaudit_send_speech_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_speech_server_packets',`
+interface(`corenet_receive_tcs_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type tcs_server_packet_t;
')
- allow $1 speech_server_packet_t:packet recv;
+ allow $1 tcs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive speech_server packets.
+## Do not audit attempts to receive tcs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64213,17 +84591,17 @@ interface(`corenet_receive_speech_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_speech_server_packets',`
+interface(`corenet_dontaudit_receive_tcs_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type tcs_server_packet_t;
')
- dontaudit $1 speech_server_packet_t:packet recv;
+ dontaudit $1 tcs_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive speech_server packets.
+## Send and receive tcs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64232,14 +84610,14 @@ interface(`corenet_dontaudit_receive_speech_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_speech_server_packets',`
- corenet_send_speech_server_packets($1)
- corenet_receive_speech_server_packets($1)
+interface(`corenet_sendrecv_tcs_server_packets',`
+ corenet_send_tcs_server_packets($1)
+ corenet_receive_tcs_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive speech_server packets.
+## Do not audit attempts to send and receive tcs_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64248,14 +84626,14 @@ interface(`corenet_sendrecv_speech_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_speech_server_packets',`
- corenet_dontaudit_send_speech_server_packets($1)
- corenet_dontaudit_receive_speech_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_tcs_server_packets',`
+ corenet_dontaudit_send_tcs_server_packets($1)
+ corenet_dontaudit_receive_tcs_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to speech_server the packet type.
+## Relabel packets to tcs_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64263,12 +84641,12 @@ interface(`corenet_dontaudit_sendrecv_speech_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_speech_server_packets',`
+interface(`corenet_relabelto_tcs_server_packets',`
gen_require(`
- type speech_server_packet_t;
+ type tcs_server_packet_t;
')
- allow $1 speech_server_packet_t:packet relabelto;
+ allow $1 tcs_server_packet_t:packet relabelto;
')
@@ -64276,7 +84654,7 @@ interface(`corenet_relabelto_speech_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the squid port.
+## Send and receive TCP traffic on the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64285,17 +84663,17 @@ interface(`corenet_relabelto_speech_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_squid_port',`
+interface(`corenet_tcp_sendrecv_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- allow $1 squid_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 telnetd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the squid port.
+## Send UDP traffic on the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64304,17 +84682,17 @@ interface(`corenet_tcp_sendrecv_squid_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_squid_port',`
+interface(`corenet_udp_send_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- allow $1 squid_port_t:udp_socket send_msg;
+ allow $1 telnetd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the squid port.
+## Do not audit attempts to send UDP traffic on the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64323,17 +84701,17 @@ interface(`corenet_udp_send_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_squid_port',`
+interface(`corenet_dontaudit_udp_send_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- dontaudit $1 squid_port_t:udp_socket send_msg;
+ dontaudit $1 telnetd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the squid port.
+## Receive UDP traffic on the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64342,17 +84720,17 @@ interface(`corenet_dontaudit_udp_send_squid_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_squid_port',`
+interface(`corenet_udp_receive_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- allow $1 squid_port_t:udp_socket recv_msg;
+ allow $1 telnetd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the squid port.
+## Do not audit attempts to receive UDP traffic on the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64361,17 +84739,17 @@ interface(`corenet_udp_receive_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_squid_port',`
+interface(`corenet_dontaudit_udp_receive_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- dontaudit $1 squid_port_t:udp_socket recv_msg;
+ dontaudit $1 telnetd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the squid port.
+## Send and receive UDP traffic on the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64380,15 +84758,15 @@ interface(`corenet_dontaudit_udp_receive_squid_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_squid_port',`
- corenet_udp_send_squid_port($1)
- corenet_udp_receive_squid_port($1)
+interface(`corenet_udp_sendrecv_telnetd_port',`
+ corenet_udp_send_telnetd_port($1)
+ corenet_udp_receive_telnetd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the squid port.
+## UDP traffic on the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64397,14 +84775,14 @@ interface(`corenet_udp_sendrecv_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_squid_port',`
- corenet_dontaudit_udp_send_squid_port($1)
- corenet_dontaudit_udp_receive_squid_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_telnetd_port',`
+ corenet_dontaudit_udp_send_telnetd_port($1)
+ corenet_dontaudit_udp_receive_telnetd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the squid port.
+## Bind TCP sockets to the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64413,18 +84791,18 @@ interface(`corenet_dontaudit_udp_sendrecv_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_squid_port',`
+interface(`corenet_tcp_bind_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- allow $1 squid_port_t:tcp_socket name_bind;
-
+ allow $1 telnetd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the squid port.
+## Bind UDP sockets to the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64433,18 +84811,18 @@ interface(`corenet_tcp_bind_squid_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_squid_port',`
+interface(`corenet_udp_bind_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- allow $1 squid_port_t:udp_socket name_bind;
-
+ allow $1 telnetd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the squid port.
+## Make a TCP connection to the telnetd port.
## </summary>
## <param name="domain">
## <summary>
@@ -64452,18 +84830,18 @@ interface(`corenet_udp_bind_squid_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_squid_port',`
+interface(`corenet_tcp_connect_telnetd_port',`
gen_require(`
- type squid_port_t;
+ type telnetd_port_t;
')
- allow $1 squid_port_t:tcp_socket name_connect;
+ allow $1 telnetd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send squid_client packets.
+## Send telnetd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64472,17 +84850,17 @@ interface(`corenet_tcp_connect_squid_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_squid_client_packets',`
+interface(`corenet_send_telnetd_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type telnetd_client_packet_t;
')
- allow $1 squid_client_packet_t:packet send;
+ allow $1 telnetd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send squid_client packets.
+## Do not audit attempts to send telnetd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64491,17 +84869,17 @@ interface(`corenet_send_squid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_squid_client_packets',`
+interface(`corenet_dontaudit_send_telnetd_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type telnetd_client_packet_t;
')
- dontaudit $1 squid_client_packet_t:packet send;
+ dontaudit $1 telnetd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive squid_client packets.
+## Receive telnetd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64510,17 +84888,17 @@ interface(`corenet_dontaudit_send_squid_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_squid_client_packets',`
+interface(`corenet_receive_telnetd_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type telnetd_client_packet_t;
')
- allow $1 squid_client_packet_t:packet recv;
+ allow $1 telnetd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive squid_client packets.
+## Do not audit attempts to receive telnetd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64529,17 +84907,17 @@ interface(`corenet_receive_squid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_squid_client_packets',`
+interface(`corenet_dontaudit_receive_telnetd_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type telnetd_client_packet_t;
')
- dontaudit $1 squid_client_packet_t:packet recv;
+ dontaudit $1 telnetd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive squid_client packets.
+## Send and receive telnetd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64548,14 +84926,14 @@ interface(`corenet_dontaudit_receive_squid_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_squid_client_packets',`
- corenet_send_squid_client_packets($1)
- corenet_receive_squid_client_packets($1)
+interface(`corenet_sendrecv_telnetd_client_packets',`
+ corenet_send_telnetd_client_packets($1)
+ corenet_receive_telnetd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive squid_client packets.
+## Do not audit attempts to send and receive telnetd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64564,14 +84942,14 @@ interface(`corenet_sendrecv_squid_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_squid_client_packets',`
- corenet_dontaudit_send_squid_client_packets($1)
- corenet_dontaudit_receive_squid_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_telnetd_client_packets',`
+ corenet_dontaudit_send_telnetd_client_packets($1)
+ corenet_dontaudit_receive_telnetd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to squid_client the packet type.
+## Relabel packets to telnetd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64579,18 +84957,18 @@ interface(`corenet_dontaudit_sendrecv_squid_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_squid_client_packets',`
+interface(`corenet_relabelto_telnetd_client_packets',`
gen_require(`
- type squid_client_packet_t;
+ type telnetd_client_packet_t;
')
- allow $1 squid_client_packet_t:packet relabelto;
+ allow $1 telnetd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send squid_server packets.
+## Send telnetd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64599,17 +84977,17 @@ interface(`corenet_relabelto_squid_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_squid_server_packets',`
+interface(`corenet_send_telnetd_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type telnetd_server_packet_t;
')
- allow $1 squid_server_packet_t:packet send;
+ allow $1 telnetd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send squid_server packets.
+## Do not audit attempts to send telnetd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64618,17 +84996,17 @@ interface(`corenet_send_squid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_squid_server_packets',`
+interface(`corenet_dontaudit_send_telnetd_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type telnetd_server_packet_t;
')
- dontaudit $1 squid_server_packet_t:packet send;
+ dontaudit $1 telnetd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive squid_server packets.
+## Receive telnetd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64637,17 +85015,17 @@ interface(`corenet_dontaudit_send_squid_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_squid_server_packets',`
+interface(`corenet_receive_telnetd_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type telnetd_server_packet_t;
')
- allow $1 squid_server_packet_t:packet recv;
+ allow $1 telnetd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive squid_server packets.
+## Do not audit attempts to receive telnetd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64656,17 +85034,17 @@ interface(`corenet_receive_squid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_squid_server_packets',`
+interface(`corenet_dontaudit_receive_telnetd_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type telnetd_server_packet_t;
')
- dontaudit $1 squid_server_packet_t:packet recv;
+ dontaudit $1 telnetd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive squid_server packets.
+## Send and receive telnetd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64675,14 +85053,14 @@ interface(`corenet_dontaudit_receive_squid_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_squid_server_packets',`
- corenet_send_squid_server_packets($1)
- corenet_receive_squid_server_packets($1)
+interface(`corenet_sendrecv_telnetd_server_packets',`
+ corenet_send_telnetd_server_packets($1)
+ corenet_receive_telnetd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive squid_server packets.
+## Do not audit attempts to send and receive telnetd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64691,14 +85069,14 @@ interface(`corenet_sendrecv_squid_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_squid_server_packets',`
- corenet_dontaudit_send_squid_server_packets($1)
- corenet_dontaudit_receive_squid_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_telnetd_server_packets',`
+ corenet_dontaudit_send_telnetd_server_packets($1)
+ corenet_dontaudit_receive_telnetd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to squid_server the packet type.
+## Relabel packets to telnetd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -64706,20 +85084,20 @@ interface(`corenet_dontaudit_sendrecv_squid_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_squid_server_packets',`
+interface(`corenet_relabelto_telnetd_server_packets',`
gen_require(`
- type squid_server_packet_t;
+ type telnetd_server_packet_t;
')
- allow $1 squid_server_packet_t:packet relabelto;
+ allow $1 telnetd_server_packet_t:packet relabelto;
')
- # snmp and htcp
+
########################################
## <summary>
-## Send and receive TCP traffic on the ssh port.
+## Send and receive TCP traffic on the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64728,17 +85106,17 @@ interface(`corenet_relabelto_squid_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ssh_port',`
+interface(`corenet_tcp_sendrecv_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- allow $1 ssh_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 tftp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ssh port.
+## Send UDP traffic on the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64747,17 +85125,17 @@ interface(`corenet_tcp_sendrecv_ssh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ssh_port',`
+interface(`corenet_udp_send_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- allow $1 ssh_port_t:udp_socket send_msg;
+ allow $1 tftp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ssh port.
+## Do not audit attempts to send UDP traffic on the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64766,17 +85144,17 @@ interface(`corenet_udp_send_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ssh_port',`
+interface(`corenet_dontaudit_udp_send_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- dontaudit $1 ssh_port_t:udp_socket send_msg;
+ dontaudit $1 tftp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ssh port.
+## Receive UDP traffic on the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64785,17 +85163,17 @@ interface(`corenet_dontaudit_udp_send_ssh_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ssh_port',`
+interface(`corenet_udp_receive_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- allow $1 ssh_port_t:udp_socket recv_msg;
+ allow $1 tftp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ssh port.
+## Do not audit attempts to receive UDP traffic on the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64804,17 +85182,17 @@ interface(`corenet_udp_receive_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ssh_port',`
+interface(`corenet_dontaudit_udp_receive_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- dontaudit $1 ssh_port_t:udp_socket recv_msg;
+ dontaudit $1 tftp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ssh port.
+## Send and receive UDP traffic on the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64823,15 +85201,15 @@ interface(`corenet_dontaudit_udp_receive_ssh_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ssh_port',`
- corenet_udp_send_ssh_port($1)
- corenet_udp_receive_ssh_port($1)
+interface(`corenet_udp_sendrecv_tftp_port',`
+ corenet_udp_send_tftp_port($1)
+ corenet_udp_receive_tftp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ssh port.
+## UDP traffic on the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64840,14 +85218,14 @@ interface(`corenet_udp_sendrecv_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ssh_port',`
- corenet_dontaudit_udp_send_ssh_port($1)
- corenet_dontaudit_udp_receive_ssh_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_tftp_port',`
+ corenet_dontaudit_udp_send_tftp_port($1)
+ corenet_dontaudit_udp_receive_tftp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ssh port.
+## Bind TCP sockets to the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64856,18 +85234,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ssh_port',`
+interface(`corenet_tcp_bind_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- allow $1 ssh_port_t:tcp_socket name_bind;
+ allow $1 tftp_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the ssh port.
+## Bind UDP sockets to the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64876,18 +85254,18 @@ interface(`corenet_tcp_bind_ssh_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ssh_port',`
+interface(`corenet_udp_bind_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- allow $1 ssh_port_t:udp_socket name_bind;
+ allow $1 tftp_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the ssh port.
+## Make a TCP connection to the tftp port.
## </summary>
## <param name="domain">
## <summary>
@@ -64895,18 +85273,18 @@ interface(`corenet_udp_bind_ssh_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ssh_port',`
+interface(`corenet_tcp_connect_tftp_port',`
gen_require(`
- type ssh_port_t;
+ type tftp_port_t;
')
- allow $1 ssh_port_t:tcp_socket name_connect;
+ allow $1 tftp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ssh_client packets.
+## Send tftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64915,17 +85293,17 @@ interface(`corenet_tcp_connect_ssh_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ssh_client_packets',`
+interface(`corenet_send_tftp_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type tftp_client_packet_t;
')
- allow $1 ssh_client_packet_t:packet send;
+ allow $1 tftp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ssh_client packets.
+## Do not audit attempts to send tftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64934,17 +85312,17 @@ interface(`corenet_send_ssh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ssh_client_packets',`
+interface(`corenet_dontaudit_send_tftp_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type tftp_client_packet_t;
')
- dontaudit $1 ssh_client_packet_t:packet send;
+ dontaudit $1 tftp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ssh_client packets.
+## Receive tftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64953,17 +85331,17 @@ interface(`corenet_dontaudit_send_ssh_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ssh_client_packets',`
+interface(`corenet_receive_tftp_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type tftp_client_packet_t;
')
- allow $1 ssh_client_packet_t:packet recv;
+ allow $1 tftp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ssh_client packets.
+## Do not audit attempts to receive tftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64972,17 +85350,17 @@ interface(`corenet_receive_ssh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ssh_client_packets',`
+interface(`corenet_dontaudit_receive_tftp_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type tftp_client_packet_t;
')
- dontaudit $1 ssh_client_packet_t:packet recv;
+ dontaudit $1 tftp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ssh_client packets.
+## Send and receive tftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -64991,14 +85369,14 @@ interface(`corenet_dontaudit_receive_ssh_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ssh_client_packets',`
- corenet_send_ssh_client_packets($1)
- corenet_receive_ssh_client_packets($1)
+interface(`corenet_sendrecv_tftp_client_packets',`
+ corenet_send_tftp_client_packets($1)
+ corenet_receive_tftp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ssh_client packets.
+## Do not audit attempts to send and receive tftp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65007,14 +85385,14 @@ interface(`corenet_sendrecv_ssh_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ssh_client_packets',`
- corenet_dontaudit_send_ssh_client_packets($1)
- corenet_dontaudit_receive_ssh_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_tftp_client_packets',`
+ corenet_dontaudit_send_tftp_client_packets($1)
+ corenet_dontaudit_receive_tftp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ssh_client the packet type.
+## Relabel packets to tftp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65022,18 +85400,18 @@ interface(`corenet_dontaudit_sendrecv_ssh_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ssh_client_packets',`
+interface(`corenet_relabelto_tftp_client_packets',`
gen_require(`
- type ssh_client_packet_t;
+ type tftp_client_packet_t;
')
- allow $1 ssh_client_packet_t:packet relabelto;
+ allow $1 tftp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ssh_server packets.
+## Send tftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65042,17 +85420,17 @@ interface(`corenet_relabelto_ssh_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ssh_server_packets',`
+interface(`corenet_send_tftp_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type tftp_server_packet_t;
')
- allow $1 ssh_server_packet_t:packet send;
+ allow $1 tftp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ssh_server packets.
+## Do not audit attempts to send tftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65061,17 +85439,17 @@ interface(`corenet_send_ssh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ssh_server_packets',`
+interface(`corenet_dontaudit_send_tftp_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type tftp_server_packet_t;
')
- dontaudit $1 ssh_server_packet_t:packet send;
+ dontaudit $1 tftp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ssh_server packets.
+## Receive tftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65080,17 +85458,17 @@ interface(`corenet_dontaudit_send_ssh_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ssh_server_packets',`
+interface(`corenet_receive_tftp_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type tftp_server_packet_t;
')
- allow $1 ssh_server_packet_t:packet recv;
+ allow $1 tftp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ssh_server packets.
+## Do not audit attempts to receive tftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65099,17 +85477,17 @@ interface(`corenet_receive_ssh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ssh_server_packets',`
+interface(`corenet_dontaudit_receive_tftp_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type tftp_server_packet_t;
')
- dontaudit $1 ssh_server_packet_t:packet recv;
+ dontaudit $1 tftp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ssh_server packets.
+## Send and receive tftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65118,14 +85496,14 @@ interface(`corenet_dontaudit_receive_ssh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ssh_server_packets',`
- corenet_send_ssh_server_packets($1)
- corenet_receive_ssh_server_packets($1)
+interface(`corenet_sendrecv_tftp_server_packets',`
+ corenet_send_tftp_server_packets($1)
+ corenet_receive_tftp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ssh_server packets.
+## Do not audit attempts to send and receive tftp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65134,14 +85512,14 @@ interface(`corenet_sendrecv_ssh_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ssh_server_packets',`
- corenet_dontaudit_send_ssh_server_packets($1)
- corenet_dontaudit_receive_ssh_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_tftp_server_packets',`
+ corenet_dontaudit_send_tftp_server_packets($1)
+ corenet_dontaudit_receive_tftp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ssh_server the packet type.
+## Relabel packets to tftp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65149,12 +85527,12 @@ interface(`corenet_dontaudit_sendrecv_ssh_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ssh_server_packets',`
+interface(`corenet_relabelto_tftp_server_packets',`
gen_require(`
- type ssh_server_packet_t;
+ type tftp_server_packet_t;
')
- allow $1 ssh_server_packet_t:packet relabelto;
+ allow $1 tftp_server_packet_t:packet relabelto;
')
@@ -65162,7 +85540,7 @@ interface(`corenet_relabelto_ssh_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the stunnel port.
+## Send and receive TCP traffic on the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65171,17 +85549,17 @@ interface(`corenet_relabelto_ssh_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_stunnel_port',`
+interface(`corenet_tcp_sendrecv_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- allow $1 stunnel_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 tor_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the stunnel port.
+## Send UDP traffic on the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65190,17 +85568,17 @@ interface(`corenet_tcp_sendrecv_stunnel_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_stunnel_port',`
+interface(`corenet_udp_send_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- allow $1 stunnel_port_t:udp_socket send_msg;
+ allow $1 tor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the stunnel port.
+## Do not audit attempts to send UDP traffic on the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65209,17 +85587,17 @@ interface(`corenet_udp_send_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_stunnel_port',`
+interface(`corenet_dontaudit_udp_send_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- dontaudit $1 stunnel_port_t:udp_socket send_msg;
+ dontaudit $1 tor_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the stunnel port.
+## Receive UDP traffic on the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65228,17 +85606,17 @@ interface(`corenet_dontaudit_udp_send_stunnel_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_stunnel_port',`
+interface(`corenet_udp_receive_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- allow $1 stunnel_port_t:udp_socket recv_msg;
+ allow $1 tor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the stunnel port.
+## Do not audit attempts to receive UDP traffic on the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65247,17 +85625,17 @@ interface(`corenet_udp_receive_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_stunnel_port',`
+interface(`corenet_dontaudit_udp_receive_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- dontaudit $1 stunnel_port_t:udp_socket recv_msg;
+ dontaudit $1 tor_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the stunnel port.
+## Send and receive UDP traffic on the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65266,15 +85644,15 @@ interface(`corenet_dontaudit_udp_receive_stunnel_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_stunnel_port',`
- corenet_udp_send_stunnel_port($1)
- corenet_udp_receive_stunnel_port($1)
+interface(`corenet_udp_sendrecv_tor_port',`
+ corenet_udp_send_tor_port($1)
+ corenet_udp_receive_tor_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the stunnel port.
+## UDP traffic on the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65283,14 +85661,14 @@ interface(`corenet_udp_sendrecv_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_stunnel_port',`
- corenet_dontaudit_udp_send_stunnel_port($1)
- corenet_dontaudit_udp_receive_stunnel_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_tor_port',`
+ corenet_dontaudit_udp_send_tor_port($1)
+ corenet_dontaudit_udp_receive_tor_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the stunnel port.
+## Bind TCP sockets to the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65299,18 +85677,18 @@ interface(`corenet_dontaudit_udp_sendrecv_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_stunnel_port',`
+interface(`corenet_tcp_bind_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- allow $1 stunnel_port_t:tcp_socket name_bind;
+ allow $1 tor_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the stunnel port.
+## Bind UDP sockets to the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65319,18 +85697,18 @@ interface(`corenet_tcp_bind_stunnel_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_stunnel_port',`
+interface(`corenet_udp_bind_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- allow $1 stunnel_port_t:udp_socket name_bind;
+ allow $1 tor_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the stunnel port.
+## Make a TCP connection to the tor port.
## </summary>
## <param name="domain">
## <summary>
@@ -65338,18 +85716,18 @@ interface(`corenet_udp_bind_stunnel_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_stunnel_port',`
+interface(`corenet_tcp_connect_tor_port',`
gen_require(`
- type stunnel_port_t;
+ type tor_port_t;
')
- allow $1 stunnel_port_t:tcp_socket name_connect;
+ allow $1 tor_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send stunnel_client packets.
+## Send tor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65358,17 +85736,17 @@ interface(`corenet_tcp_connect_stunnel_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_stunnel_client_packets',`
+interface(`corenet_send_tor_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type tor_client_packet_t;
')
- allow $1 stunnel_client_packet_t:packet send;
+ allow $1 tor_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send stunnel_client packets.
+## Do not audit attempts to send tor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65377,17 +85755,17 @@ interface(`corenet_send_stunnel_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_stunnel_client_packets',`
+interface(`corenet_dontaudit_send_tor_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type tor_client_packet_t;
')
- dontaudit $1 stunnel_client_packet_t:packet send;
+ dontaudit $1 tor_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive stunnel_client packets.
+## Receive tor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65396,17 +85774,17 @@ interface(`corenet_dontaudit_send_stunnel_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_stunnel_client_packets',`
+interface(`corenet_receive_tor_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type tor_client_packet_t;
')
- allow $1 stunnel_client_packet_t:packet recv;
+ allow $1 tor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive stunnel_client packets.
+## Do not audit attempts to receive tor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65415,17 +85793,17 @@ interface(`corenet_receive_stunnel_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_stunnel_client_packets',`
+interface(`corenet_dontaudit_receive_tor_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type tor_client_packet_t;
')
- dontaudit $1 stunnel_client_packet_t:packet recv;
+ dontaudit $1 tor_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive stunnel_client packets.
+## Send and receive tor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65434,14 +85812,14 @@ interface(`corenet_dontaudit_receive_stunnel_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_stunnel_client_packets',`
- corenet_send_stunnel_client_packets($1)
- corenet_receive_stunnel_client_packets($1)
+interface(`corenet_sendrecv_tor_client_packets',`
+ corenet_send_tor_client_packets($1)
+ corenet_receive_tor_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive stunnel_client packets.
+## Do not audit attempts to send and receive tor_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65450,14 +85828,14 @@ interface(`corenet_sendrecv_stunnel_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_stunnel_client_packets',`
- corenet_dontaudit_send_stunnel_client_packets($1)
- corenet_dontaudit_receive_stunnel_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_tor_client_packets',`
+ corenet_dontaudit_send_tor_client_packets($1)
+ corenet_dontaudit_receive_tor_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to stunnel_client the packet type.
+## Relabel packets to tor_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65465,18 +85843,18 @@ interface(`corenet_dontaudit_sendrecv_stunnel_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_stunnel_client_packets',`
+interface(`corenet_relabelto_tor_client_packets',`
gen_require(`
- type stunnel_client_packet_t;
+ type tor_client_packet_t;
')
- allow $1 stunnel_client_packet_t:packet relabelto;
+ allow $1 tor_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send stunnel_server packets.
+## Send tor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65485,17 +85863,17 @@ interface(`corenet_relabelto_stunnel_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_stunnel_server_packets',`
+interface(`corenet_send_tor_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type tor_server_packet_t;
')
- allow $1 stunnel_server_packet_t:packet send;
+ allow $1 tor_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send stunnel_server packets.
+## Do not audit attempts to send tor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65504,17 +85882,17 @@ interface(`corenet_send_stunnel_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_stunnel_server_packets',`
+interface(`corenet_dontaudit_send_tor_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type tor_server_packet_t;
')
- dontaudit $1 stunnel_server_packet_t:packet send;
+ dontaudit $1 tor_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive stunnel_server packets.
+## Receive tor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65523,17 +85901,17 @@ interface(`corenet_dontaudit_send_stunnel_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_stunnel_server_packets',`
+interface(`corenet_receive_tor_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type tor_server_packet_t;
')
- allow $1 stunnel_server_packet_t:packet recv;
+ allow $1 tor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive stunnel_server packets.
+## Do not audit attempts to receive tor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65542,17 +85920,17 @@ interface(`corenet_receive_stunnel_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_stunnel_server_packets',`
+interface(`corenet_dontaudit_receive_tor_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type tor_server_packet_t;
')
- dontaudit $1 stunnel_server_packet_t:packet recv;
+ dontaudit $1 tor_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive stunnel_server packets.
+## Send and receive tor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65561,14 +85939,14 @@ interface(`corenet_dontaudit_receive_stunnel_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_stunnel_server_packets',`
- corenet_send_stunnel_server_packets($1)
- corenet_receive_stunnel_server_packets($1)
+interface(`corenet_sendrecv_tor_server_packets',`
+ corenet_send_tor_server_packets($1)
+ corenet_receive_tor_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive stunnel_server packets.
+## Do not audit attempts to send and receive tor_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65577,14 +85955,14 @@ interface(`corenet_sendrecv_stunnel_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_stunnel_server_packets',`
- corenet_dontaudit_send_stunnel_server_packets($1)
- corenet_dontaudit_receive_stunnel_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_tor_server_packets',`
+ corenet_dontaudit_send_tor_server_packets($1)
+ corenet_dontaudit_receive_tor_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to stunnel_server the packet type.
+## Relabel packets to tor_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65592,20 +85970,20 @@ interface(`corenet_dontaudit_sendrecv_stunnel_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_stunnel_server_packets',`
+interface(`corenet_relabelto_tor_server_packets',`
gen_require(`
- type stunnel_server_packet_t;
+ type tor_server_packet_t;
')
- allow $1 stunnel_server_packet_t:packet relabelto;
+ allow $1 tor_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the swat port.
+## Send and receive TCP traffic on the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65614,17 +85992,17 @@ interface(`corenet_relabelto_stunnel_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_swat_port',`
+interface(`corenet_tcp_sendrecv_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- allow $1 swat_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 traceroute_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the swat port.
+## Send UDP traffic on the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65633,17 +86011,17 @@ interface(`corenet_tcp_sendrecv_swat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_swat_port',`
+interface(`corenet_udp_send_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- allow $1 swat_port_t:udp_socket send_msg;
+ allow $1 traceroute_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the swat port.
+## Do not audit attempts to send UDP traffic on the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65652,17 +86030,17 @@ interface(`corenet_udp_send_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_swat_port',`
+interface(`corenet_dontaudit_udp_send_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- dontaudit $1 swat_port_t:udp_socket send_msg;
+ dontaudit $1 traceroute_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the swat port.
+## Receive UDP traffic on the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65671,17 +86049,17 @@ interface(`corenet_dontaudit_udp_send_swat_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_swat_port',`
+interface(`corenet_udp_receive_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- allow $1 swat_port_t:udp_socket recv_msg;
+ allow $1 traceroute_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the swat port.
+## Do not audit attempts to receive UDP traffic on the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65690,17 +86068,17 @@ interface(`corenet_udp_receive_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_swat_port',`
+interface(`corenet_dontaudit_udp_receive_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- dontaudit $1 swat_port_t:udp_socket recv_msg;
+ dontaudit $1 traceroute_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the swat port.
+## Send and receive UDP traffic on the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65709,15 +86087,15 @@ interface(`corenet_dontaudit_udp_receive_swat_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_swat_port',`
- corenet_udp_send_swat_port($1)
- corenet_udp_receive_swat_port($1)
+interface(`corenet_udp_sendrecv_traceroute_port',`
+ corenet_udp_send_traceroute_port($1)
+ corenet_udp_receive_traceroute_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the swat port.
+## UDP traffic on the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65726,14 +86104,14 @@ interface(`corenet_udp_sendrecv_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_swat_port',`
- corenet_dontaudit_udp_send_swat_port($1)
- corenet_dontaudit_udp_receive_swat_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_traceroute_port',`
+ corenet_dontaudit_udp_send_traceroute_port($1)
+ corenet_dontaudit_udp_receive_traceroute_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the swat port.
+## Bind TCP sockets to the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65742,18 +86120,18 @@ interface(`corenet_dontaudit_udp_sendrecv_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_swat_port',`
+interface(`corenet_tcp_bind_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- allow $1 swat_port_t:tcp_socket name_bind;
+ allow $1 traceroute_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the swat port.
+## Bind UDP sockets to the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65762,18 +86140,18 @@ interface(`corenet_tcp_bind_swat_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_swat_port',`
+interface(`corenet_udp_bind_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- allow $1 swat_port_t:udp_socket name_bind;
+ allow $1 traceroute_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the swat port.
+## Make a TCP connection to the traceroute port.
## </summary>
## <param name="domain">
## <summary>
@@ -65781,18 +86159,18 @@ interface(`corenet_udp_bind_swat_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_swat_port',`
+interface(`corenet_tcp_connect_traceroute_port',`
gen_require(`
- type swat_port_t;
+ type traceroute_port_t;
')
- allow $1 swat_port_t:tcp_socket name_connect;
+ allow $1 traceroute_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send swat_client packets.
+## Send traceroute_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65801,17 +86179,17 @@ interface(`corenet_tcp_connect_swat_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_swat_client_packets',`
+interface(`corenet_send_traceroute_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type traceroute_client_packet_t;
')
- allow $1 swat_client_packet_t:packet send;
+ allow $1 traceroute_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send swat_client packets.
+## Do not audit attempts to send traceroute_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65820,17 +86198,17 @@ interface(`corenet_send_swat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_swat_client_packets',`
+interface(`corenet_dontaudit_send_traceroute_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type traceroute_client_packet_t;
')
- dontaudit $1 swat_client_packet_t:packet send;
+ dontaudit $1 traceroute_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive swat_client packets.
+## Receive traceroute_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65839,17 +86217,17 @@ interface(`corenet_dontaudit_send_swat_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_swat_client_packets',`
+interface(`corenet_receive_traceroute_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type traceroute_client_packet_t;
')
- allow $1 swat_client_packet_t:packet recv;
+ allow $1 traceroute_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive swat_client packets.
+## Do not audit attempts to receive traceroute_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65858,17 +86236,17 @@ interface(`corenet_receive_swat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_swat_client_packets',`
+interface(`corenet_dontaudit_receive_traceroute_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type traceroute_client_packet_t;
')
- dontaudit $1 swat_client_packet_t:packet recv;
+ dontaudit $1 traceroute_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive swat_client packets.
+## Send and receive traceroute_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65877,14 +86255,14 @@ interface(`corenet_dontaudit_receive_swat_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_swat_client_packets',`
- corenet_send_swat_client_packets($1)
- corenet_receive_swat_client_packets($1)
+interface(`corenet_sendrecv_traceroute_client_packets',`
+ corenet_send_traceroute_client_packets($1)
+ corenet_receive_traceroute_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive swat_client packets.
+## Do not audit attempts to send and receive traceroute_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65893,14 +86271,14 @@ interface(`corenet_sendrecv_swat_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_swat_client_packets',`
- corenet_dontaudit_send_swat_client_packets($1)
- corenet_dontaudit_receive_swat_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_traceroute_client_packets',`
+ corenet_dontaudit_send_traceroute_client_packets($1)
+ corenet_dontaudit_receive_traceroute_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to swat_client the packet type.
+## Relabel packets to traceroute_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -65908,18 +86286,18 @@ interface(`corenet_dontaudit_sendrecv_swat_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_swat_client_packets',`
+interface(`corenet_relabelto_traceroute_client_packets',`
gen_require(`
- type swat_client_packet_t;
+ type traceroute_client_packet_t;
')
- allow $1 swat_client_packet_t:packet relabelto;
+ allow $1 traceroute_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send swat_server packets.
+## Send traceroute_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65928,17 +86306,17 @@ interface(`corenet_relabelto_swat_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_swat_server_packets',`
+interface(`corenet_send_traceroute_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type traceroute_server_packet_t;
')
- allow $1 swat_server_packet_t:packet send;
+ allow $1 traceroute_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send swat_server packets.
+## Do not audit attempts to send traceroute_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65947,17 +86325,17 @@ interface(`corenet_send_swat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_swat_server_packets',`
+interface(`corenet_dontaudit_send_traceroute_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type traceroute_server_packet_t;
')
- dontaudit $1 swat_server_packet_t:packet send;
+ dontaudit $1 traceroute_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive swat_server packets.
+## Receive traceroute_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65966,17 +86344,17 @@ interface(`corenet_dontaudit_send_swat_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_swat_server_packets',`
+interface(`corenet_receive_traceroute_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type traceroute_server_packet_t;
')
- allow $1 swat_server_packet_t:packet recv;
+ allow $1 traceroute_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive swat_server packets.
+## Do not audit attempts to receive traceroute_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -65985,17 +86363,17 @@ interface(`corenet_receive_swat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_swat_server_packets',`
+interface(`corenet_dontaudit_receive_traceroute_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type traceroute_server_packet_t;
')
- dontaudit $1 swat_server_packet_t:packet recv;
+ dontaudit $1 traceroute_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive swat_server packets.
+## Send and receive traceroute_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66004,14 +86382,14 @@ interface(`corenet_dontaudit_receive_swat_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_swat_server_packets',`
- corenet_send_swat_server_packets($1)
- corenet_receive_swat_server_packets($1)
+interface(`corenet_sendrecv_traceroute_server_packets',`
+ corenet_send_traceroute_server_packets($1)
+ corenet_receive_traceroute_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive swat_server packets.
+## Do not audit attempts to send and receive traceroute_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66020,14 +86398,14 @@ interface(`corenet_sendrecv_swat_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_swat_server_packets',`
- corenet_dontaudit_send_swat_server_packets($1)
- corenet_dontaudit_receive_swat_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_traceroute_server_packets',`
+ corenet_dontaudit_send_traceroute_server_packets($1)
+ corenet_dontaudit_receive_traceroute_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to swat_server the packet type.
+## Relabel packets to traceroute_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66035,12 +86413,12 @@ interface(`corenet_dontaudit_sendrecv_swat_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_swat_server_packets',`
+interface(`corenet_relabelto_traceroute_server_packets',`
gen_require(`
- type swat_server_packet_t;
+ type traceroute_server_packet_t;
')
- allow $1 swat_server_packet_t:packet relabelto;
+ allow $1 traceroute_server_packet_t:packet relabelto;
')
@@ -66048,7 +86426,7 @@ interface(`corenet_relabelto_swat_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the syslogd port.
+## Send and receive TCP traffic on the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66057,17 +86435,17 @@ interface(`corenet_relabelto_swat_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_syslogd_port',`
+interface(`corenet_tcp_sendrecv_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- allow $1 syslogd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 transproxy_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the syslogd port.
+## Send UDP traffic on the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66076,17 +86454,17 @@ interface(`corenet_tcp_sendrecv_syslogd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_syslogd_port',`
+interface(`corenet_udp_send_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- allow $1 syslogd_port_t:udp_socket send_msg;
+ allow $1 transproxy_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the syslogd port.
+## Do not audit attempts to send UDP traffic on the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66095,17 +86473,17 @@ interface(`corenet_udp_send_syslogd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_syslogd_port',`
+interface(`corenet_dontaudit_udp_send_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- dontaudit $1 syslogd_port_t:udp_socket send_msg;
+ dontaudit $1 transproxy_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the syslogd port.
+## Receive UDP traffic on the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66114,17 +86492,17 @@ interface(`corenet_dontaudit_udp_send_syslogd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_syslogd_port',`
+interface(`corenet_udp_receive_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- allow $1 syslogd_port_t:udp_socket recv_msg;
+ allow $1 transproxy_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the syslogd port.
+## Do not audit attempts to receive UDP traffic on the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66133,17 +86511,17 @@ interface(`corenet_udp_receive_syslogd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_syslogd_port',`
+interface(`corenet_dontaudit_udp_receive_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- dontaudit $1 syslogd_port_t:udp_socket recv_msg;
+ dontaudit $1 transproxy_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the syslogd port.
+## Send and receive UDP traffic on the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66152,15 +86530,15 @@ interface(`corenet_dontaudit_udp_receive_syslogd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_syslogd_port',`
- corenet_udp_send_syslogd_port($1)
- corenet_udp_receive_syslogd_port($1)
+interface(`corenet_udp_sendrecv_transproxy_port',`
+ corenet_udp_send_transproxy_port($1)
+ corenet_udp_receive_transproxy_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the syslogd port.
+## UDP traffic on the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66169,14 +86547,14 @@ interface(`corenet_udp_sendrecv_syslogd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_syslogd_port',`
- corenet_dontaudit_udp_send_syslogd_port($1)
- corenet_dontaudit_udp_receive_syslogd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_transproxy_port',`
+ corenet_dontaudit_udp_send_transproxy_port($1)
+ corenet_dontaudit_udp_receive_transproxy_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the syslogd port.
+## Bind TCP sockets to the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66185,18 +86563,18 @@ interface(`corenet_dontaudit_udp_sendrecv_syslogd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_syslogd_port',`
+interface(`corenet_tcp_bind_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- allow $1 syslogd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 transproxy_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the syslogd port.
+## Bind UDP sockets to the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66205,18 +86583,18 @@ interface(`corenet_tcp_bind_syslogd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_syslogd_port',`
+interface(`corenet_udp_bind_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- allow $1 syslogd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 transproxy_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the syslogd port.
+## Make a TCP connection to the transproxy port.
## </summary>
## <param name="domain">
## <summary>
@@ -66224,18 +86602,18 @@ interface(`corenet_udp_bind_syslogd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_syslogd_port',`
+interface(`corenet_tcp_connect_transproxy_port',`
gen_require(`
- type syslogd_port_t;
+ type transproxy_port_t;
')
- allow $1 syslogd_port_t:tcp_socket name_connect;
+ allow $1 transproxy_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send syslogd_client packets.
+## Send transproxy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66244,17 +86622,17 @@ interface(`corenet_tcp_connect_syslogd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_syslogd_client_packets',`
+interface(`corenet_send_transproxy_client_packets',`
gen_require(`
- type syslogd_client_packet_t;
+ type transproxy_client_packet_t;
')
- allow $1 syslogd_client_packet_t:packet send;
+ allow $1 transproxy_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send syslogd_client packets.
+## Do not audit attempts to send transproxy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66263,17 +86641,17 @@ interface(`corenet_send_syslogd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_syslogd_client_packets',`
+interface(`corenet_dontaudit_send_transproxy_client_packets',`
gen_require(`
- type syslogd_client_packet_t;
+ type transproxy_client_packet_t;
')
- dontaudit $1 syslogd_client_packet_t:packet send;
+ dontaudit $1 transproxy_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive syslogd_client packets.
+## Receive transproxy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66282,17 +86660,17 @@ interface(`corenet_dontaudit_send_syslogd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_syslogd_client_packets',`
+interface(`corenet_receive_transproxy_client_packets',`
gen_require(`
- type syslogd_client_packet_t;
+ type transproxy_client_packet_t;
')
- allow $1 syslogd_client_packet_t:packet recv;
+ allow $1 transproxy_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive syslogd_client packets.
+## Do not audit attempts to receive transproxy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66301,17 +86679,17 @@ interface(`corenet_receive_syslogd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_syslogd_client_packets',`
+interface(`corenet_dontaudit_receive_transproxy_client_packets',`
gen_require(`
- type syslogd_client_packet_t;
+ type transproxy_client_packet_t;
')
- dontaudit $1 syslogd_client_packet_t:packet recv;
+ dontaudit $1 transproxy_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive syslogd_client packets.
+## Send and receive transproxy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66320,14 +86698,14 @@ interface(`corenet_dontaudit_receive_syslogd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_syslogd_client_packets',`
- corenet_send_syslogd_client_packets($1)
- corenet_receive_syslogd_client_packets($1)
+interface(`corenet_sendrecv_transproxy_client_packets',`
+ corenet_send_transproxy_client_packets($1)
+ corenet_receive_transproxy_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive syslogd_client packets.
+## Do not audit attempts to send and receive transproxy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66336,14 +86714,14 @@ interface(`corenet_sendrecv_syslogd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_syslogd_client_packets',`
- corenet_dontaudit_send_syslogd_client_packets($1)
- corenet_dontaudit_receive_syslogd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_transproxy_client_packets',`
+ corenet_dontaudit_send_transproxy_client_packets($1)
+ corenet_dontaudit_receive_transproxy_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to syslogd_client the packet type.
+## Relabel packets to transproxy_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66351,18 +86729,18 @@ interface(`corenet_dontaudit_sendrecv_syslogd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_syslogd_client_packets',`
+interface(`corenet_relabelto_transproxy_client_packets',`
gen_require(`
- type syslogd_client_packet_t;
+ type transproxy_client_packet_t;
')
- allow $1 syslogd_client_packet_t:packet relabelto;
+ allow $1 transproxy_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send syslogd_server packets.
+## Send transproxy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66371,17 +86749,17 @@ interface(`corenet_relabelto_syslogd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_syslogd_server_packets',`
+interface(`corenet_send_transproxy_server_packets',`
gen_require(`
- type syslogd_server_packet_t;
+ type transproxy_server_packet_t;
')
- allow $1 syslogd_server_packet_t:packet send;
+ allow $1 transproxy_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send syslogd_server packets.
+## Do not audit attempts to send transproxy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66390,17 +86768,17 @@ interface(`corenet_send_syslogd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_syslogd_server_packets',`
+interface(`corenet_dontaudit_send_transproxy_server_packets',`
gen_require(`
- type syslogd_server_packet_t;
+ type transproxy_server_packet_t;
')
- dontaudit $1 syslogd_server_packet_t:packet send;
+ dontaudit $1 transproxy_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive syslogd_server packets.
+## Receive transproxy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66409,17 +86787,17 @@ interface(`corenet_dontaudit_send_syslogd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_syslogd_server_packets',`
+interface(`corenet_receive_transproxy_server_packets',`
gen_require(`
- type syslogd_server_packet_t;
+ type transproxy_server_packet_t;
')
- allow $1 syslogd_server_packet_t:packet recv;
+ allow $1 transproxy_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive syslogd_server packets.
+## Do not audit attempts to receive transproxy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66428,17 +86806,17 @@ interface(`corenet_receive_syslogd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_syslogd_server_packets',`
+interface(`corenet_dontaudit_receive_transproxy_server_packets',`
gen_require(`
- type syslogd_server_packet_t;
+ type transproxy_server_packet_t;
')
- dontaudit $1 syslogd_server_packet_t:packet recv;
+ dontaudit $1 transproxy_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive syslogd_server packets.
+## Send and receive transproxy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66447,14 +86825,14 @@ interface(`corenet_dontaudit_receive_syslogd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_syslogd_server_packets',`
- corenet_send_syslogd_server_packets($1)
- corenet_receive_syslogd_server_packets($1)
+interface(`corenet_sendrecv_transproxy_server_packets',`
+ corenet_send_transproxy_server_packets($1)
+ corenet_receive_transproxy_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive syslogd_server packets.
+## Do not audit attempts to send and receive transproxy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66463,14 +86841,14 @@ interface(`corenet_sendrecv_syslogd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_syslogd_server_packets',`
- corenet_dontaudit_send_syslogd_server_packets($1)
- corenet_dontaudit_receive_syslogd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_transproxy_server_packets',`
+ corenet_dontaudit_send_transproxy_server_packets($1)
+ corenet_dontaudit_receive_transproxy_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to syslogd_server the packet type.
+## Relabel packets to transproxy_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66478,12 +86856,12 @@ interface(`corenet_dontaudit_sendrecv_syslogd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_syslogd_server_packets',`
+interface(`corenet_relabelto_transproxy_server_packets',`
gen_require(`
- type syslogd_server_packet_t;
+ type transproxy_server_packet_t;
')
- allow $1 syslogd_server_packet_t:packet relabelto;
+ allow $1 transproxy_server_packet_t:packet relabelto;
')
@@ -66491,7 +86869,7 @@ interface(`corenet_relabelto_syslogd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the tcs port.
+## Send and receive TCP traffic on the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66500,17 +86878,17 @@ interface(`corenet_relabelto_syslogd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_tcs_port',`
+interface(`corenet_tcp_sendrecv_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- allow $1 tcs_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 trisoap_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the tcs port.
+## Send UDP traffic on the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66519,17 +86897,17 @@ interface(`corenet_tcp_sendrecv_tcs_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_tcs_port',`
+interface(`corenet_udp_send_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- allow $1 tcs_port_t:udp_socket send_msg;
+ allow $1 trisoap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the tcs port.
+## Do not audit attempts to send UDP traffic on the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66538,17 +86916,17 @@ interface(`corenet_udp_send_tcs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_tcs_port',`
+interface(`corenet_dontaudit_udp_send_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- dontaudit $1 tcs_port_t:udp_socket send_msg;
+ dontaudit $1 trisoap_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the tcs port.
+## Receive UDP traffic on the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66557,17 +86935,17 @@ interface(`corenet_dontaudit_udp_send_tcs_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_tcs_port',`
+interface(`corenet_udp_receive_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- allow $1 tcs_port_t:udp_socket recv_msg;
+ allow $1 trisoap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the tcs port.
+## Do not audit attempts to receive UDP traffic on the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66576,17 +86954,17 @@ interface(`corenet_udp_receive_tcs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_tcs_port',`
+interface(`corenet_dontaudit_udp_receive_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- dontaudit $1 tcs_port_t:udp_socket recv_msg;
+ dontaudit $1 trisoap_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the tcs port.
+## Send and receive UDP traffic on the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66595,15 +86973,15 @@ interface(`corenet_dontaudit_udp_receive_tcs_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_tcs_port',`
- corenet_udp_send_tcs_port($1)
- corenet_udp_receive_tcs_port($1)
+interface(`corenet_udp_sendrecv_trisoap_port',`
+ corenet_udp_send_trisoap_port($1)
+ corenet_udp_receive_trisoap_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the tcs port.
+## UDP traffic on the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66612,14 +86990,14 @@ interface(`corenet_udp_sendrecv_tcs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_tcs_port',`
- corenet_dontaudit_udp_send_tcs_port($1)
- corenet_dontaudit_udp_receive_tcs_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_trisoap_port',`
+ corenet_dontaudit_udp_send_trisoap_port($1)
+ corenet_dontaudit_udp_receive_trisoap_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the tcs port.
+## Bind TCP sockets to the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66628,18 +87006,18 @@ interface(`corenet_dontaudit_udp_sendrecv_tcs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_tcs_port',`
+interface(`corenet_tcp_bind_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- allow $1 tcs_port_t:tcp_socket name_bind;
+ allow $1 trisoap_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the tcs port.
+## Bind UDP sockets to the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66648,18 +87026,18 @@ interface(`corenet_tcp_bind_tcs_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_tcs_port',`
+interface(`corenet_udp_bind_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- allow $1 tcs_port_t:udp_socket name_bind;
+ allow $1 trisoap_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the tcs port.
+## Make a TCP connection to the trisoap port.
## </summary>
## <param name="domain">
## <summary>
@@ -66667,18 +87045,18 @@ interface(`corenet_udp_bind_tcs_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_tcs_port',`
+interface(`corenet_tcp_connect_trisoap_port',`
gen_require(`
- type tcs_port_t;
+ type trisoap_port_t;
')
- allow $1 tcs_port_t:tcp_socket name_connect;
+ allow $1 trisoap_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send tcs_client packets.
+## Send trisoap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66687,17 +87065,17 @@ interface(`corenet_tcp_connect_tcs_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_tcs_client_packets',`
+interface(`corenet_send_trisoap_client_packets',`
gen_require(`
- type tcs_client_packet_t;
+ type trisoap_client_packet_t;
')
- allow $1 tcs_client_packet_t:packet send;
+ allow $1 trisoap_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send tcs_client packets.
+## Do not audit attempts to send trisoap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66706,17 +87084,17 @@ interface(`corenet_send_tcs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_tcs_client_packets',`
+interface(`corenet_dontaudit_send_trisoap_client_packets',`
gen_require(`
- type tcs_client_packet_t;
+ type trisoap_client_packet_t;
')
- dontaudit $1 tcs_client_packet_t:packet send;
+ dontaudit $1 trisoap_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive tcs_client packets.
+## Receive trisoap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66725,17 +87103,17 @@ interface(`corenet_dontaudit_send_tcs_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_tcs_client_packets',`
+interface(`corenet_receive_trisoap_client_packets',`
gen_require(`
- type tcs_client_packet_t;
+ type trisoap_client_packet_t;
')
- allow $1 tcs_client_packet_t:packet recv;
+ allow $1 trisoap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive tcs_client packets.
+## Do not audit attempts to receive trisoap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66744,17 +87122,17 @@ interface(`corenet_receive_tcs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_tcs_client_packets',`
+interface(`corenet_dontaudit_receive_trisoap_client_packets',`
gen_require(`
- type tcs_client_packet_t;
+ type trisoap_client_packet_t;
')
- dontaudit $1 tcs_client_packet_t:packet recv;
+ dontaudit $1 trisoap_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive tcs_client packets.
+## Send and receive trisoap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66763,14 +87141,14 @@ interface(`corenet_dontaudit_receive_tcs_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_tcs_client_packets',`
- corenet_send_tcs_client_packets($1)
- corenet_receive_tcs_client_packets($1)
+interface(`corenet_sendrecv_trisoap_client_packets',`
+ corenet_send_trisoap_client_packets($1)
+ corenet_receive_trisoap_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive tcs_client packets.
+## Do not audit attempts to send and receive trisoap_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66779,14 +87157,14 @@ interface(`corenet_sendrecv_tcs_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_tcs_client_packets',`
- corenet_dontaudit_send_tcs_client_packets($1)
- corenet_dontaudit_receive_tcs_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_trisoap_client_packets',`
+ corenet_dontaudit_send_trisoap_client_packets($1)
+ corenet_dontaudit_receive_trisoap_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to tcs_client the packet type.
+## Relabel packets to trisoap_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66794,18 +87172,18 @@ interface(`corenet_dontaudit_sendrecv_tcs_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_tcs_client_packets',`
+interface(`corenet_relabelto_trisoap_client_packets',`
gen_require(`
- type tcs_client_packet_t;
+ type trisoap_client_packet_t;
')
- allow $1 tcs_client_packet_t:packet relabelto;
+ allow $1 trisoap_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send tcs_server packets.
+## Send trisoap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66814,17 +87192,17 @@ interface(`corenet_relabelto_tcs_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_tcs_server_packets',`
+interface(`corenet_send_trisoap_server_packets',`
gen_require(`
- type tcs_server_packet_t;
+ type trisoap_server_packet_t;
')
- allow $1 tcs_server_packet_t:packet send;
+ allow $1 trisoap_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send tcs_server packets.
+## Do not audit attempts to send trisoap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66833,17 +87211,17 @@ interface(`corenet_send_tcs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_tcs_server_packets',`
+interface(`corenet_dontaudit_send_trisoap_server_packets',`
gen_require(`
- type tcs_server_packet_t;
+ type trisoap_server_packet_t;
')
- dontaudit $1 tcs_server_packet_t:packet send;
+ dontaudit $1 trisoap_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive tcs_server packets.
+## Receive trisoap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66852,17 +87230,17 @@ interface(`corenet_dontaudit_send_tcs_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_tcs_server_packets',`
+interface(`corenet_receive_trisoap_server_packets',`
gen_require(`
- type tcs_server_packet_t;
+ type trisoap_server_packet_t;
')
- allow $1 tcs_server_packet_t:packet recv;
+ allow $1 trisoap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive tcs_server packets.
+## Do not audit attempts to receive trisoap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66871,17 +87249,17 @@ interface(`corenet_receive_tcs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_tcs_server_packets',`
+interface(`corenet_dontaudit_receive_trisoap_server_packets',`
gen_require(`
- type tcs_server_packet_t;
+ type trisoap_server_packet_t;
')
- dontaudit $1 tcs_server_packet_t:packet recv;
+ dontaudit $1 trisoap_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive tcs_server packets.
+## Send and receive trisoap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66890,14 +87268,14 @@ interface(`corenet_dontaudit_receive_tcs_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_tcs_server_packets',`
- corenet_send_tcs_server_packets($1)
- corenet_receive_tcs_server_packets($1)
+interface(`corenet_sendrecv_trisoap_server_packets',`
+ corenet_send_trisoap_server_packets($1)
+ corenet_receive_trisoap_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive tcs_server packets.
+## Do not audit attempts to send and receive trisoap_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -66906,14 +87284,14 @@ interface(`corenet_sendrecv_tcs_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_tcs_server_packets',`
- corenet_dontaudit_send_tcs_server_packets($1)
- corenet_dontaudit_receive_tcs_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_trisoap_server_packets',`
+ corenet_dontaudit_send_trisoap_server_packets($1)
+ corenet_dontaudit_receive_trisoap_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to tcs_server the packet type.
+## Relabel packets to trisoap_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -66921,12 +87299,12 @@ interface(`corenet_dontaudit_sendrecv_tcs_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_tcs_server_packets',`
+interface(`corenet_relabelto_trisoap_server_packets',`
gen_require(`
- type tcs_server_packet_t;
+ type trisoap_server_packet_t;
')
- allow $1 tcs_server_packet_t:packet relabelto;
+ allow $1 trisoap_server_packet_t:packet relabelto;
')
@@ -66934,7 +87312,7 @@ interface(`corenet_relabelto_tcs_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the telnetd port.
+## Send and receive TCP traffic on the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -66943,17 +87321,17 @@ interface(`corenet_relabelto_tcs_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_telnetd_port',`
+interface(`corenet_tcp_sendrecv_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- allow $1 telnetd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 ups_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the telnetd port.
+## Send UDP traffic on the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -66962,17 +87340,17 @@ interface(`corenet_tcp_sendrecv_telnetd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_telnetd_port',`
+interface(`corenet_udp_send_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- allow $1 telnetd_port_t:udp_socket send_msg;
+ allow $1 ups_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the telnetd port.
+## Do not audit attempts to send UDP traffic on the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -66981,17 +87359,17 @@ interface(`corenet_udp_send_telnetd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_telnetd_port',`
+interface(`corenet_dontaudit_udp_send_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- dontaudit $1 telnetd_port_t:udp_socket send_msg;
+ dontaudit $1 ups_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the telnetd port.
+## Receive UDP traffic on the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -67000,17 +87378,17 @@ interface(`corenet_dontaudit_udp_send_telnetd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_telnetd_port',`
+interface(`corenet_udp_receive_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- allow $1 telnetd_port_t:udp_socket recv_msg;
+ allow $1 ups_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the telnetd port.
+## Do not audit attempts to receive UDP traffic on the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -67019,17 +87397,17 @@ interface(`corenet_udp_receive_telnetd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_telnetd_port',`
+interface(`corenet_dontaudit_udp_receive_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- dontaudit $1 telnetd_port_t:udp_socket recv_msg;
+ dontaudit $1 ups_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the telnetd port.
+## Send and receive UDP traffic on the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -67038,15 +87416,15 @@ interface(`corenet_dontaudit_udp_receive_telnetd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_telnetd_port',`
- corenet_udp_send_telnetd_port($1)
- corenet_udp_receive_telnetd_port($1)
+interface(`corenet_udp_sendrecv_ups_port',`
+ corenet_udp_send_ups_port($1)
+ corenet_udp_receive_ups_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the telnetd port.
+## UDP traffic on the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -67055,14 +87433,14 @@ interface(`corenet_udp_sendrecv_telnetd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_telnetd_port',`
- corenet_dontaudit_udp_send_telnetd_port($1)
- corenet_dontaudit_udp_receive_telnetd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_ups_port',`
+ corenet_dontaudit_udp_send_ups_port($1)
+ corenet_dontaudit_udp_receive_ups_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the telnetd port.
+## Bind TCP sockets to the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -67071,18 +87449,18 @@ interface(`corenet_dontaudit_udp_sendrecv_telnetd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_telnetd_port',`
+interface(`corenet_tcp_bind_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- allow $1 telnetd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 ups_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the telnetd port.
+## Bind UDP sockets to the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -67091,18 +87469,18 @@ interface(`corenet_tcp_bind_telnetd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_telnetd_port',`
+interface(`corenet_udp_bind_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- allow $1 telnetd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 ups_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the telnetd port.
+## Make a TCP connection to the ups port.
## </summary>
## <param name="domain">
## <summary>
@@ -67110,18 +87488,18 @@ interface(`corenet_udp_bind_telnetd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_telnetd_port',`
+interface(`corenet_tcp_connect_ups_port',`
gen_require(`
- type telnetd_port_t;
+ type ups_port_t;
')
- allow $1 telnetd_port_t:tcp_socket name_connect;
+ allow $1 ups_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send telnetd_client packets.
+## Send ups_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67130,17 +87508,17 @@ interface(`corenet_tcp_connect_telnetd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_telnetd_client_packets',`
+interface(`corenet_send_ups_client_packets',`
gen_require(`
- type telnetd_client_packet_t;
+ type ups_client_packet_t;
')
- allow $1 telnetd_client_packet_t:packet send;
+ allow $1 ups_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send telnetd_client packets.
+## Do not audit attempts to send ups_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67149,17 +87527,17 @@ interface(`corenet_send_telnetd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_telnetd_client_packets',`
+interface(`corenet_dontaudit_send_ups_client_packets',`
gen_require(`
- type telnetd_client_packet_t;
+ type ups_client_packet_t;
')
- dontaudit $1 telnetd_client_packet_t:packet send;
+ dontaudit $1 ups_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive telnetd_client packets.
+## Receive ups_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67168,17 +87546,17 @@ interface(`corenet_dontaudit_send_telnetd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_telnetd_client_packets',`
+interface(`corenet_receive_ups_client_packets',`
gen_require(`
- type telnetd_client_packet_t;
+ type ups_client_packet_t;
')
- allow $1 telnetd_client_packet_t:packet recv;
+ allow $1 ups_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive telnetd_client packets.
+## Do not audit attempts to receive ups_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67187,17 +87565,17 @@ interface(`corenet_receive_telnetd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_telnetd_client_packets',`
+interface(`corenet_dontaudit_receive_ups_client_packets',`
gen_require(`
- type telnetd_client_packet_t;
+ type ups_client_packet_t;
')
- dontaudit $1 telnetd_client_packet_t:packet recv;
+ dontaudit $1 ups_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive telnetd_client packets.
+## Send and receive ups_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67206,14 +87584,14 @@ interface(`corenet_dontaudit_receive_telnetd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_telnetd_client_packets',`
- corenet_send_telnetd_client_packets($1)
- corenet_receive_telnetd_client_packets($1)
+interface(`corenet_sendrecv_ups_client_packets',`
+ corenet_send_ups_client_packets($1)
+ corenet_receive_ups_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive telnetd_client packets.
+## Do not audit attempts to send and receive ups_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67222,14 +87600,14 @@ interface(`corenet_sendrecv_telnetd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_telnetd_client_packets',`
- corenet_dontaudit_send_telnetd_client_packets($1)
- corenet_dontaudit_receive_telnetd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_ups_client_packets',`
+ corenet_dontaudit_send_ups_client_packets($1)
+ corenet_dontaudit_receive_ups_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to telnetd_client the packet type.
+## Relabel packets to ups_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67237,18 +87615,18 @@ interface(`corenet_dontaudit_sendrecv_telnetd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_telnetd_client_packets',`
+interface(`corenet_relabelto_ups_client_packets',`
gen_require(`
- type telnetd_client_packet_t;
+ type ups_client_packet_t;
')
- allow $1 telnetd_client_packet_t:packet relabelto;
+ allow $1 ups_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send telnetd_server packets.
+## Send ups_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67257,17 +87635,17 @@ interface(`corenet_relabelto_telnetd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_telnetd_server_packets',`
+interface(`corenet_send_ups_server_packets',`
gen_require(`
- type telnetd_server_packet_t;
+ type ups_server_packet_t;
')
- allow $1 telnetd_server_packet_t:packet send;
+ allow $1 ups_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send telnetd_server packets.
+## Do not audit attempts to send ups_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67276,17 +87654,17 @@ interface(`corenet_send_telnetd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_telnetd_server_packets',`
+interface(`corenet_dontaudit_send_ups_server_packets',`
gen_require(`
- type telnetd_server_packet_t;
+ type ups_server_packet_t;
')
- dontaudit $1 telnetd_server_packet_t:packet send;
+ dontaudit $1 ups_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive telnetd_server packets.
+## Receive ups_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67295,17 +87673,17 @@ interface(`corenet_dontaudit_send_telnetd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_telnetd_server_packets',`
+interface(`corenet_receive_ups_server_packets',`
gen_require(`
- type telnetd_server_packet_t;
+ type ups_server_packet_t;
')
- allow $1 telnetd_server_packet_t:packet recv;
+ allow $1 ups_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive telnetd_server packets.
+## Do not audit attempts to receive ups_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67314,17 +87692,17 @@ interface(`corenet_receive_telnetd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_telnetd_server_packets',`
+interface(`corenet_dontaudit_receive_ups_server_packets',`
gen_require(`
- type telnetd_server_packet_t;
+ type ups_server_packet_t;
')
- dontaudit $1 telnetd_server_packet_t:packet recv;
+ dontaudit $1 ups_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive telnetd_server packets.
+## Send and receive ups_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67333,14 +87711,14 @@ interface(`corenet_dontaudit_receive_telnetd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_telnetd_server_packets',`
- corenet_send_telnetd_server_packets($1)
- corenet_receive_telnetd_server_packets($1)
+interface(`corenet_sendrecv_ups_server_packets',`
+ corenet_send_ups_server_packets($1)
+ corenet_receive_ups_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive telnetd_server packets.
+## Do not audit attempts to send and receive ups_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67349,14 +87727,14 @@ interface(`corenet_sendrecv_telnetd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_telnetd_server_packets',`
- corenet_dontaudit_send_telnetd_server_packets($1)
- corenet_dontaudit_receive_telnetd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_ups_server_packets',`
+ corenet_dontaudit_send_ups_server_packets($1)
+ corenet_dontaudit_receive_ups_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to telnetd_server the packet type.
+## Relabel packets to ups_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67364,12 +87742,12 @@ interface(`corenet_dontaudit_sendrecv_telnetd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_telnetd_server_packets',`
+interface(`corenet_relabelto_ups_server_packets',`
gen_require(`
- type telnetd_server_packet_t;
+ type ups_server_packet_t;
')
- allow $1 telnetd_server_packet_t:packet relabelto;
+ allow $1 ups_server_packet_t:packet relabelto;
')
@@ -67377,7 +87755,7 @@ interface(`corenet_relabelto_telnetd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the tftp port.
+## Send and receive TCP traffic on the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67386,17 +87764,17 @@ interface(`corenet_relabelto_telnetd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_tftp_port',`
+interface(`corenet_tcp_sendrecv_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- allow $1 tftp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 utcpserver_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the tftp port.
+## Send UDP traffic on the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67405,17 +87783,17 @@ interface(`corenet_tcp_sendrecv_tftp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_tftp_port',`
+interface(`corenet_udp_send_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- allow $1 tftp_port_t:udp_socket send_msg;
+ allow $1 utcpserver_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the tftp port.
+## Do not audit attempts to send UDP traffic on the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67424,17 +87802,17 @@ interface(`corenet_udp_send_tftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_tftp_port',`
+interface(`corenet_dontaudit_udp_send_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- dontaudit $1 tftp_port_t:udp_socket send_msg;
+ dontaudit $1 utcpserver_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the tftp port.
+## Receive UDP traffic on the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67443,17 +87821,17 @@ interface(`corenet_dontaudit_udp_send_tftp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_tftp_port',`
+interface(`corenet_udp_receive_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- allow $1 tftp_port_t:udp_socket recv_msg;
+ allow $1 utcpserver_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the tftp port.
+## Do not audit attempts to receive UDP traffic on the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67462,17 +87840,17 @@ interface(`corenet_udp_receive_tftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_tftp_port',`
+interface(`corenet_dontaudit_udp_receive_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- dontaudit $1 tftp_port_t:udp_socket recv_msg;
+ dontaudit $1 utcpserver_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the tftp port.
+## Send and receive UDP traffic on the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67481,15 +87859,15 @@ interface(`corenet_dontaudit_udp_receive_tftp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_tftp_port',`
- corenet_udp_send_tftp_port($1)
- corenet_udp_receive_tftp_port($1)
+interface(`corenet_udp_sendrecv_utcpserver_port',`
+ corenet_udp_send_utcpserver_port($1)
+ corenet_udp_receive_utcpserver_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the tftp port.
+## UDP traffic on the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67498,14 +87876,14 @@ interface(`corenet_udp_sendrecv_tftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_tftp_port',`
- corenet_dontaudit_udp_send_tftp_port($1)
- corenet_dontaudit_udp_receive_tftp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_utcpserver_port',`
+ corenet_dontaudit_udp_send_utcpserver_port($1)
+ corenet_dontaudit_udp_receive_utcpserver_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the tftp port.
+## Bind TCP sockets to the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67514,18 +87892,18 @@ interface(`corenet_dontaudit_udp_sendrecv_tftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_tftp_port',`
+interface(`corenet_tcp_bind_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- allow $1 tftp_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 utcpserver_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the tftp port.
+## Bind UDP sockets to the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67534,18 +87912,18 @@ interface(`corenet_tcp_bind_tftp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_tftp_port',`
+interface(`corenet_udp_bind_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- allow $1 tftp_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 utcpserver_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the tftp port.
+## Make a TCP connection to the utcpserver port.
## </summary>
## <param name="domain">
## <summary>
@@ -67553,18 +87931,18 @@ interface(`corenet_udp_bind_tftp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_tftp_port',`
+interface(`corenet_tcp_connect_utcpserver_port',`
gen_require(`
- type tftp_port_t;
+ type utcpserver_port_t;
')
- allow $1 tftp_port_t:tcp_socket name_connect;
+ allow $1 utcpserver_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send tftp_client packets.
+## Send utcpserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67573,17 +87951,17 @@ interface(`corenet_tcp_connect_tftp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_tftp_client_packets',`
+interface(`corenet_send_utcpserver_client_packets',`
gen_require(`
- type tftp_client_packet_t;
+ type utcpserver_client_packet_t;
')
- allow $1 tftp_client_packet_t:packet send;
+ allow $1 utcpserver_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send tftp_client packets.
+## Do not audit attempts to send utcpserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67592,17 +87970,17 @@ interface(`corenet_send_tftp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_tftp_client_packets',`
+interface(`corenet_dontaudit_send_utcpserver_client_packets',`
gen_require(`
- type tftp_client_packet_t;
+ type utcpserver_client_packet_t;
')
- dontaudit $1 tftp_client_packet_t:packet send;
+ dontaudit $1 utcpserver_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive tftp_client packets.
+## Receive utcpserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67611,17 +87989,17 @@ interface(`corenet_dontaudit_send_tftp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_tftp_client_packets',`
+interface(`corenet_receive_utcpserver_client_packets',`
gen_require(`
- type tftp_client_packet_t;
+ type utcpserver_client_packet_t;
')
- allow $1 tftp_client_packet_t:packet recv;
+ allow $1 utcpserver_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive tftp_client packets.
+## Do not audit attempts to receive utcpserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67630,17 +88008,17 @@ interface(`corenet_receive_tftp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_tftp_client_packets',`
+interface(`corenet_dontaudit_receive_utcpserver_client_packets',`
gen_require(`
- type tftp_client_packet_t;
+ type utcpserver_client_packet_t;
')
- dontaudit $1 tftp_client_packet_t:packet recv;
+ dontaudit $1 utcpserver_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive tftp_client packets.
+## Send and receive utcpserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67649,14 +88027,14 @@ interface(`corenet_dontaudit_receive_tftp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_tftp_client_packets',`
- corenet_send_tftp_client_packets($1)
- corenet_receive_tftp_client_packets($1)
+interface(`corenet_sendrecv_utcpserver_client_packets',`
+ corenet_send_utcpserver_client_packets($1)
+ corenet_receive_utcpserver_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive tftp_client packets.
+## Do not audit attempts to send and receive utcpserver_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67665,14 +88043,14 @@ interface(`corenet_sendrecv_tftp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_tftp_client_packets',`
- corenet_dontaudit_send_tftp_client_packets($1)
- corenet_dontaudit_receive_tftp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_utcpserver_client_packets',`
+ corenet_dontaudit_send_utcpserver_client_packets($1)
+ corenet_dontaudit_receive_utcpserver_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to tftp_client the packet type.
+## Relabel packets to utcpserver_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67680,18 +88058,18 @@ interface(`corenet_dontaudit_sendrecv_tftp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_tftp_client_packets',`
+interface(`corenet_relabelto_utcpserver_client_packets',`
gen_require(`
- type tftp_client_packet_t;
+ type utcpserver_client_packet_t;
')
- allow $1 tftp_client_packet_t:packet relabelto;
+ allow $1 utcpserver_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send tftp_server packets.
+## Send utcpserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67700,17 +88078,17 @@ interface(`corenet_relabelto_tftp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_tftp_server_packets',`
+interface(`corenet_send_utcpserver_server_packets',`
gen_require(`
- type tftp_server_packet_t;
+ type utcpserver_server_packet_t;
')
- allow $1 tftp_server_packet_t:packet send;
+ allow $1 utcpserver_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send tftp_server packets.
+## Do not audit attempts to send utcpserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67719,17 +88097,17 @@ interface(`corenet_send_tftp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_tftp_server_packets',`
+interface(`corenet_dontaudit_send_utcpserver_server_packets',`
gen_require(`
- type tftp_server_packet_t;
+ type utcpserver_server_packet_t;
')
- dontaudit $1 tftp_server_packet_t:packet send;
+ dontaudit $1 utcpserver_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive tftp_server packets.
+## Receive utcpserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67738,17 +88116,17 @@ interface(`corenet_dontaudit_send_tftp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_tftp_server_packets',`
+interface(`corenet_receive_utcpserver_server_packets',`
gen_require(`
- type tftp_server_packet_t;
+ type utcpserver_server_packet_t;
')
- allow $1 tftp_server_packet_t:packet recv;
+ allow $1 utcpserver_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive tftp_server packets.
+## Do not audit attempts to receive utcpserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67757,17 +88135,17 @@ interface(`corenet_receive_tftp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_tftp_server_packets',`
+interface(`corenet_dontaudit_receive_utcpserver_server_packets',`
gen_require(`
- type tftp_server_packet_t;
+ type utcpserver_server_packet_t;
')
- dontaudit $1 tftp_server_packet_t:packet recv;
+ dontaudit $1 utcpserver_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive tftp_server packets.
+## Send and receive utcpserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67776,14 +88154,14 @@ interface(`corenet_dontaudit_receive_tftp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_tftp_server_packets',`
- corenet_send_tftp_server_packets($1)
- corenet_receive_tftp_server_packets($1)
+interface(`corenet_sendrecv_utcpserver_server_packets',`
+ corenet_send_utcpserver_server_packets($1)
+ corenet_receive_utcpserver_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive tftp_server packets.
+## Do not audit attempts to send and receive utcpserver_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -67792,14 +88170,14 @@ interface(`corenet_sendrecv_tftp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_tftp_server_packets',`
- corenet_dontaudit_send_tftp_server_packets($1)
- corenet_dontaudit_receive_tftp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_utcpserver_server_packets',`
+ corenet_dontaudit_send_utcpserver_server_packets($1)
+ corenet_dontaudit_receive_utcpserver_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to tftp_server the packet type.
+## Relabel packets to utcpserver_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -67807,20 +88185,20 @@ interface(`corenet_dontaudit_sendrecv_tftp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_tftp_server_packets',`
+interface(`corenet_relabelto_utcpserver_server_packets',`
gen_require(`
- type tftp_server_packet_t;
+ type utcpserver_server_packet_t;
')
- allow $1 tftp_server_packet_t:packet relabelto;
+ allow $1 utcpserver_server_packet_t:packet relabelto;
')
-
+ # no defined portcon
########################################
## <summary>
-## Send and receive TCP traffic on the tor port.
+## Send and receive TCP traffic on the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67829,17 +88207,17 @@ interface(`corenet_relabelto_tftp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_tor_port',`
+interface(`corenet_tcp_sendrecv_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- allow $1 tor_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 uucpd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the tor port.
+## Send UDP traffic on the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67848,17 +88226,17 @@ interface(`corenet_tcp_sendrecv_tor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_tor_port',`
+interface(`corenet_udp_send_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- allow $1 tor_port_t:udp_socket send_msg;
+ allow $1 uucpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the tor port.
+## Do not audit attempts to send UDP traffic on the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67867,17 +88245,17 @@ interface(`corenet_udp_send_tor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_tor_port',`
+interface(`corenet_dontaudit_udp_send_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- dontaudit $1 tor_port_t:udp_socket send_msg;
+ dontaudit $1 uucpd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the tor port.
+## Receive UDP traffic on the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67886,17 +88264,17 @@ interface(`corenet_dontaudit_udp_send_tor_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_tor_port',`
+interface(`corenet_udp_receive_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- allow $1 tor_port_t:udp_socket recv_msg;
+ allow $1 uucpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the tor port.
+## Do not audit attempts to receive UDP traffic on the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67905,17 +88283,17 @@ interface(`corenet_udp_receive_tor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_tor_port',`
+interface(`corenet_dontaudit_udp_receive_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- dontaudit $1 tor_port_t:udp_socket recv_msg;
+ dontaudit $1 uucpd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the tor port.
+## Send and receive UDP traffic on the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67924,15 +88302,15 @@ interface(`corenet_dontaudit_udp_receive_tor_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_tor_port',`
- corenet_udp_send_tor_port($1)
- corenet_udp_receive_tor_port($1)
+interface(`corenet_udp_sendrecv_uucpd_port',`
+ corenet_udp_send_uucpd_port($1)
+ corenet_udp_receive_uucpd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the tor port.
+## UDP traffic on the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67941,14 +88319,14 @@ interface(`corenet_udp_sendrecv_tor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_tor_port',`
- corenet_dontaudit_udp_send_tor_port($1)
- corenet_dontaudit_udp_receive_tor_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_uucpd_port',`
+ corenet_dontaudit_udp_send_uucpd_port($1)
+ corenet_dontaudit_udp_receive_uucpd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the tor port.
+## Bind TCP sockets to the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67957,18 +88335,18 @@ interface(`corenet_dontaudit_udp_sendrecv_tor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_tor_port',`
+interface(`corenet_tcp_bind_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- allow $1 tor_port_t:tcp_socket name_bind;
-
+ allow $1 uucpd_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the tor port.
+## Bind UDP sockets to the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67977,18 +88355,18 @@ interface(`corenet_tcp_bind_tor_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_tor_port',`
+interface(`corenet_udp_bind_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- allow $1 tor_port_t:udp_socket name_bind;
-
+ allow $1 uucpd_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the tor port.
+## Make a TCP connection to the uucpd port.
## </summary>
## <param name="domain">
## <summary>
@@ -67996,18 +88374,18 @@ interface(`corenet_udp_bind_tor_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_tor_port',`
+interface(`corenet_tcp_connect_uucpd_port',`
gen_require(`
- type tor_port_t;
+ type uucpd_port_t;
')
- allow $1 tor_port_t:tcp_socket name_connect;
+ allow $1 uucpd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send tor_client packets.
+## Send uucpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68016,17 +88394,17 @@ interface(`corenet_tcp_connect_tor_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_tor_client_packets',`
+interface(`corenet_send_uucpd_client_packets',`
gen_require(`
- type tor_client_packet_t;
+ type uucpd_client_packet_t;
')
- allow $1 tor_client_packet_t:packet send;
+ allow $1 uucpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send tor_client packets.
+## Do not audit attempts to send uucpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68035,17 +88413,17 @@ interface(`corenet_send_tor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_tor_client_packets',`
+interface(`corenet_dontaudit_send_uucpd_client_packets',`
gen_require(`
- type tor_client_packet_t;
+ type uucpd_client_packet_t;
')
- dontaudit $1 tor_client_packet_t:packet send;
+ dontaudit $1 uucpd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive tor_client packets.
+## Receive uucpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68054,17 +88432,17 @@ interface(`corenet_dontaudit_send_tor_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_tor_client_packets',`
+interface(`corenet_receive_uucpd_client_packets',`
gen_require(`
- type tor_client_packet_t;
+ type uucpd_client_packet_t;
')
- allow $1 tor_client_packet_t:packet recv;
+ allow $1 uucpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive tor_client packets.
+## Do not audit attempts to receive uucpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68073,17 +88451,17 @@ interface(`corenet_receive_tor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_tor_client_packets',`
+interface(`corenet_dontaudit_receive_uucpd_client_packets',`
gen_require(`
- type tor_client_packet_t;
+ type uucpd_client_packet_t;
')
- dontaudit $1 tor_client_packet_t:packet recv;
+ dontaudit $1 uucpd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive tor_client packets.
+## Send and receive uucpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68092,14 +88470,14 @@ interface(`corenet_dontaudit_receive_tor_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_tor_client_packets',`
- corenet_send_tor_client_packets($1)
- corenet_receive_tor_client_packets($1)
+interface(`corenet_sendrecv_uucpd_client_packets',`
+ corenet_send_uucpd_client_packets($1)
+ corenet_receive_uucpd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive tor_client packets.
+## Do not audit attempts to send and receive uucpd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68108,14 +88486,14 @@ interface(`corenet_sendrecv_tor_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_tor_client_packets',`
- corenet_dontaudit_send_tor_client_packets($1)
- corenet_dontaudit_receive_tor_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_uucpd_client_packets',`
+ corenet_dontaudit_send_uucpd_client_packets($1)
+ corenet_dontaudit_receive_uucpd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to tor_client the packet type.
+## Relabel packets to uucpd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68123,18 +88501,18 @@ interface(`corenet_dontaudit_sendrecv_tor_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_tor_client_packets',`
+interface(`corenet_relabelto_uucpd_client_packets',`
gen_require(`
- type tor_client_packet_t;
+ type uucpd_client_packet_t;
')
- allow $1 tor_client_packet_t:packet relabelto;
+ allow $1 uucpd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send tor_server packets.
+## Send uucpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68143,17 +88521,17 @@ interface(`corenet_relabelto_tor_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_tor_server_packets',`
+interface(`corenet_send_uucpd_server_packets',`
gen_require(`
- type tor_server_packet_t;
+ type uucpd_server_packet_t;
')
- allow $1 tor_server_packet_t:packet send;
+ allow $1 uucpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send tor_server packets.
+## Do not audit attempts to send uucpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68162,17 +88540,17 @@ interface(`corenet_send_tor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_tor_server_packets',`
+interface(`corenet_dontaudit_send_uucpd_server_packets',`
gen_require(`
- type tor_server_packet_t;
+ type uucpd_server_packet_t;
')
- dontaudit $1 tor_server_packet_t:packet send;
+ dontaudit $1 uucpd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive tor_server packets.
+## Receive uucpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68181,17 +88559,17 @@ interface(`corenet_dontaudit_send_tor_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_tor_server_packets',`
+interface(`corenet_receive_uucpd_server_packets',`
gen_require(`
- type tor_server_packet_t;
+ type uucpd_server_packet_t;
')
- allow $1 tor_server_packet_t:packet recv;
+ allow $1 uucpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive tor_server packets.
+## Do not audit attempts to receive uucpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68200,17 +88578,17 @@ interface(`corenet_receive_tor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_tor_server_packets',`
+interface(`corenet_dontaudit_receive_uucpd_server_packets',`
gen_require(`
- type tor_server_packet_t;
+ type uucpd_server_packet_t;
')
- dontaudit $1 tor_server_packet_t:packet recv;
+ dontaudit $1 uucpd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive tor_server packets.
+## Send and receive uucpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68219,14 +88597,14 @@ interface(`corenet_dontaudit_receive_tor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_tor_server_packets',`
- corenet_send_tor_server_packets($1)
- corenet_receive_tor_server_packets($1)
+interface(`corenet_sendrecv_uucpd_server_packets',`
+ corenet_send_uucpd_server_packets($1)
+ corenet_receive_uucpd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive tor_server packets.
+## Do not audit attempts to send and receive uucpd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68235,14 +88613,14 @@ interface(`corenet_sendrecv_tor_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_tor_server_packets',`
- corenet_dontaudit_send_tor_server_packets($1)
- corenet_dontaudit_receive_tor_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_uucpd_server_packets',`
+ corenet_dontaudit_send_uucpd_server_packets($1)
+ corenet_dontaudit_receive_uucpd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to tor_server the packet type.
+## Relabel packets to uucpd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68250,12 +88628,12 @@ interface(`corenet_dontaudit_sendrecv_tor_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_tor_server_packets',`
+interface(`corenet_relabelto_uucpd_server_packets',`
gen_require(`
- type tor_server_packet_t;
+ type uucpd_server_packet_t;
')
- allow $1 tor_server_packet_t:packet relabelto;
+ allow $1 uucpd_server_packet_t:packet relabelto;
')
@@ -68263,7 +88641,7 @@ interface(`corenet_relabelto_tor_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the traceroute port.
+## Send and receive TCP traffic on the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68272,17 +88650,17 @@ interface(`corenet_relabelto_tor_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_traceroute_port',`
+interface(`corenet_tcp_sendrecv_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- allow $1 traceroute_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 varnishd_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the traceroute port.
+## Send UDP traffic on the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68291,17 +88669,17 @@ interface(`corenet_tcp_sendrecv_traceroute_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_traceroute_port',`
+interface(`corenet_udp_send_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- allow $1 traceroute_port_t:udp_socket send_msg;
+ allow $1 varnishd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the traceroute port.
+## Do not audit attempts to send UDP traffic on the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68310,17 +88688,17 @@ interface(`corenet_udp_send_traceroute_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_traceroute_port',`
+interface(`corenet_dontaudit_udp_send_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- dontaudit $1 traceroute_port_t:udp_socket send_msg;
+ dontaudit $1 varnishd_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the traceroute port.
+## Receive UDP traffic on the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68329,17 +88707,17 @@ interface(`corenet_dontaudit_udp_send_traceroute_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_traceroute_port',`
+interface(`corenet_udp_receive_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- allow $1 traceroute_port_t:udp_socket recv_msg;
+ allow $1 varnishd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the traceroute port.
+## Do not audit attempts to receive UDP traffic on the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68348,17 +88726,17 @@ interface(`corenet_udp_receive_traceroute_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_traceroute_port',`
+interface(`corenet_dontaudit_udp_receive_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- dontaudit $1 traceroute_port_t:udp_socket recv_msg;
+ dontaudit $1 varnishd_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the traceroute port.
+## Send and receive UDP traffic on the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68367,15 +88745,15 @@ interface(`corenet_dontaudit_udp_receive_traceroute_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_traceroute_port',`
- corenet_udp_send_traceroute_port($1)
- corenet_udp_receive_traceroute_port($1)
+interface(`corenet_udp_sendrecv_varnishd_port',`
+ corenet_udp_send_varnishd_port($1)
+ corenet_udp_receive_varnishd_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the traceroute port.
+## UDP traffic on the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68384,14 +88762,14 @@ interface(`corenet_udp_sendrecv_traceroute_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_traceroute_port',`
- corenet_dontaudit_udp_send_traceroute_port($1)
- corenet_dontaudit_udp_receive_traceroute_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_varnishd_port',`
+ corenet_dontaudit_udp_send_varnishd_port($1)
+ corenet_dontaudit_udp_receive_varnishd_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the traceroute port.
+## Bind TCP sockets to the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68400,18 +88778,18 @@ interface(`corenet_dontaudit_udp_sendrecv_traceroute_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_traceroute_port',`
+interface(`corenet_tcp_bind_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- allow $1 traceroute_port_t:tcp_socket name_bind;
+ allow $1 varnishd_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the traceroute port.
+## Bind UDP sockets to the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68420,18 +88798,18 @@ interface(`corenet_tcp_bind_traceroute_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_traceroute_port',`
+interface(`corenet_udp_bind_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- allow $1 traceroute_port_t:udp_socket name_bind;
+ allow $1 varnishd_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the traceroute port.
+## Make a TCP connection to the varnishd port.
## </summary>
## <param name="domain">
## <summary>
@@ -68439,18 +88817,18 @@ interface(`corenet_udp_bind_traceroute_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_traceroute_port',`
+interface(`corenet_tcp_connect_varnishd_port',`
gen_require(`
- type traceroute_port_t;
+ type varnishd_port_t;
')
- allow $1 traceroute_port_t:tcp_socket name_connect;
+ allow $1 varnishd_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send traceroute_client packets.
+## Send varnishd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68459,17 +88837,17 @@ interface(`corenet_tcp_connect_traceroute_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_traceroute_client_packets',`
+interface(`corenet_send_varnishd_client_packets',`
gen_require(`
- type traceroute_client_packet_t;
+ type varnishd_client_packet_t;
')
- allow $1 traceroute_client_packet_t:packet send;
+ allow $1 varnishd_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send traceroute_client packets.
+## Do not audit attempts to send varnishd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68478,17 +88856,17 @@ interface(`corenet_send_traceroute_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_traceroute_client_packets',`
+interface(`corenet_dontaudit_send_varnishd_client_packets',`
gen_require(`
- type traceroute_client_packet_t;
+ type varnishd_client_packet_t;
')
- dontaudit $1 traceroute_client_packet_t:packet send;
+ dontaudit $1 varnishd_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive traceroute_client packets.
+## Receive varnishd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68497,17 +88875,17 @@ interface(`corenet_dontaudit_send_traceroute_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_traceroute_client_packets',`
+interface(`corenet_receive_varnishd_client_packets',`
gen_require(`
- type traceroute_client_packet_t;
+ type varnishd_client_packet_t;
')
- allow $1 traceroute_client_packet_t:packet recv;
+ allow $1 varnishd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive traceroute_client packets.
+## Do not audit attempts to receive varnishd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68516,17 +88894,17 @@ interface(`corenet_receive_traceroute_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_traceroute_client_packets',`
+interface(`corenet_dontaudit_receive_varnishd_client_packets',`
gen_require(`
- type traceroute_client_packet_t;
+ type varnishd_client_packet_t;
')
- dontaudit $1 traceroute_client_packet_t:packet recv;
+ dontaudit $1 varnishd_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive traceroute_client packets.
+## Send and receive varnishd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68535,14 +88913,14 @@ interface(`corenet_dontaudit_receive_traceroute_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_traceroute_client_packets',`
- corenet_send_traceroute_client_packets($1)
- corenet_receive_traceroute_client_packets($1)
+interface(`corenet_sendrecv_varnishd_client_packets',`
+ corenet_send_varnishd_client_packets($1)
+ corenet_receive_varnishd_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive traceroute_client packets.
+## Do not audit attempts to send and receive varnishd_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68551,14 +88929,14 @@ interface(`corenet_sendrecv_traceroute_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_traceroute_client_packets',`
- corenet_dontaudit_send_traceroute_client_packets($1)
- corenet_dontaudit_receive_traceroute_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_varnishd_client_packets',`
+ corenet_dontaudit_send_varnishd_client_packets($1)
+ corenet_dontaudit_receive_varnishd_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to traceroute_client the packet type.
+## Relabel packets to varnishd_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68566,18 +88944,18 @@ interface(`corenet_dontaudit_sendrecv_traceroute_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_traceroute_client_packets',`
+interface(`corenet_relabelto_varnishd_client_packets',`
gen_require(`
- type traceroute_client_packet_t;
+ type varnishd_client_packet_t;
')
- allow $1 traceroute_client_packet_t:packet relabelto;
+ allow $1 varnishd_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send traceroute_server packets.
+## Send varnishd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68586,17 +88964,17 @@ interface(`corenet_relabelto_traceroute_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_traceroute_server_packets',`
+interface(`corenet_send_varnishd_server_packets',`
gen_require(`
- type traceroute_server_packet_t;
+ type varnishd_server_packet_t;
')
- allow $1 traceroute_server_packet_t:packet send;
+ allow $1 varnishd_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send traceroute_server packets.
+## Do not audit attempts to send varnishd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68605,17 +88983,17 @@ interface(`corenet_send_traceroute_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_traceroute_server_packets',`
+interface(`corenet_dontaudit_send_varnishd_server_packets',`
gen_require(`
- type traceroute_server_packet_t;
+ type varnishd_server_packet_t;
')
- dontaudit $1 traceroute_server_packet_t:packet send;
+ dontaudit $1 varnishd_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive traceroute_server packets.
+## Receive varnishd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68624,17 +89002,17 @@ interface(`corenet_dontaudit_send_traceroute_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_traceroute_server_packets',`
+interface(`corenet_receive_varnishd_server_packets',`
gen_require(`
- type traceroute_server_packet_t;
+ type varnishd_server_packet_t;
')
- allow $1 traceroute_server_packet_t:packet recv;
+ allow $1 varnishd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive traceroute_server packets.
+## Do not audit attempts to receive varnishd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68643,17 +89021,17 @@ interface(`corenet_receive_traceroute_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_traceroute_server_packets',`
+interface(`corenet_dontaudit_receive_varnishd_server_packets',`
gen_require(`
- type traceroute_server_packet_t;
+ type varnishd_server_packet_t;
')
- dontaudit $1 traceroute_server_packet_t:packet recv;
+ dontaudit $1 varnishd_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive traceroute_server packets.
+## Send and receive varnishd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68662,14 +89040,14 @@ interface(`corenet_dontaudit_receive_traceroute_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_traceroute_server_packets',`
- corenet_send_traceroute_server_packets($1)
- corenet_receive_traceroute_server_packets($1)
+interface(`corenet_sendrecv_varnishd_server_packets',`
+ corenet_send_varnishd_server_packets($1)
+ corenet_receive_varnishd_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive traceroute_server packets.
+## Do not audit attempts to send and receive varnishd_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68678,14 +89056,14 @@ interface(`corenet_sendrecv_traceroute_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_traceroute_server_packets',`
- corenet_dontaudit_send_traceroute_server_packets($1)
- corenet_dontaudit_receive_traceroute_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_varnishd_server_packets',`
+ corenet_dontaudit_send_varnishd_server_packets($1)
+ corenet_dontaudit_receive_varnishd_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to traceroute_server the packet type.
+## Relabel packets to varnishd_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -68693,12 +89071,12 @@ interface(`corenet_dontaudit_sendrecv_traceroute_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_traceroute_server_packets',`
+interface(`corenet_relabelto_varnishd_server_packets',`
gen_require(`
- type traceroute_server_packet_t;
+ type varnishd_server_packet_t;
')
- allow $1 traceroute_server_packet_t:packet relabelto;
+ allow $1 varnishd_server_packet_t:packet relabelto;
')
@@ -68706,7 +89084,7 @@ interface(`corenet_relabelto_traceroute_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the transproxy port.
+## Send and receive TCP traffic on the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68715,17 +89093,17 @@ interface(`corenet_relabelto_traceroute_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_transproxy_port',`
+interface(`corenet_tcp_sendrecv_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- allow $1 transproxy_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 virt_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the transproxy port.
+## Send UDP traffic on the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68734,17 +89112,17 @@ interface(`corenet_tcp_sendrecv_transproxy_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_transproxy_port',`
+interface(`corenet_udp_send_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- allow $1 transproxy_port_t:udp_socket send_msg;
+ allow $1 virt_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the transproxy port.
+## Do not audit attempts to send UDP traffic on the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68753,17 +89131,17 @@ interface(`corenet_udp_send_transproxy_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_transproxy_port',`
+interface(`corenet_dontaudit_udp_send_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- dontaudit $1 transproxy_port_t:udp_socket send_msg;
+ dontaudit $1 virt_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the transproxy port.
+## Receive UDP traffic on the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68772,17 +89150,17 @@ interface(`corenet_dontaudit_udp_send_transproxy_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_transproxy_port',`
+interface(`corenet_udp_receive_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- allow $1 transproxy_port_t:udp_socket recv_msg;
+ allow $1 virt_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the transproxy port.
+## Do not audit attempts to receive UDP traffic on the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68791,17 +89169,17 @@ interface(`corenet_udp_receive_transproxy_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_transproxy_port',`
+interface(`corenet_dontaudit_udp_receive_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- dontaudit $1 transproxy_port_t:udp_socket recv_msg;
+ dontaudit $1 virt_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the transproxy port.
+## Send and receive UDP traffic on the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68810,15 +89188,15 @@ interface(`corenet_dontaudit_udp_receive_transproxy_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_transproxy_port',`
- corenet_udp_send_transproxy_port($1)
- corenet_udp_receive_transproxy_port($1)
+interface(`corenet_udp_sendrecv_virt_port',`
+ corenet_udp_send_virt_port($1)
+ corenet_udp_receive_virt_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the transproxy port.
+## UDP traffic on the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68827,14 +89205,14 @@ interface(`corenet_udp_sendrecv_transproxy_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_transproxy_port',`
- corenet_dontaudit_udp_send_transproxy_port($1)
- corenet_dontaudit_udp_receive_transproxy_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_virt_port',`
+ corenet_dontaudit_udp_send_virt_port($1)
+ corenet_dontaudit_udp_receive_virt_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the transproxy port.
+## Bind TCP sockets to the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68843,18 +89221,18 @@ interface(`corenet_dontaudit_udp_sendrecv_transproxy_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_transproxy_port',`
+interface(`corenet_tcp_bind_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- allow $1 transproxy_port_t:tcp_socket name_bind;
+ allow $1 virt_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the transproxy port.
+## Bind UDP sockets to the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68863,18 +89241,18 @@ interface(`corenet_tcp_bind_transproxy_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_transproxy_port',`
+interface(`corenet_udp_bind_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- allow $1 transproxy_port_t:udp_socket name_bind;
+ allow $1 virt_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the transproxy port.
+## Make a TCP connection to the virt port.
## </summary>
## <param name="domain">
## <summary>
@@ -68882,18 +89260,18 @@ interface(`corenet_udp_bind_transproxy_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_transproxy_port',`
+interface(`corenet_tcp_connect_virt_port',`
gen_require(`
- type transproxy_port_t;
+ type virt_port_t;
')
- allow $1 transproxy_port_t:tcp_socket name_connect;
+ allow $1 virt_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send transproxy_client packets.
+## Send virt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68902,17 +89280,17 @@ interface(`corenet_tcp_connect_transproxy_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_transproxy_client_packets',`
+interface(`corenet_send_virt_client_packets',`
gen_require(`
- type transproxy_client_packet_t;
+ type virt_client_packet_t;
')
- allow $1 transproxy_client_packet_t:packet send;
+ allow $1 virt_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send transproxy_client packets.
+## Do not audit attempts to send virt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68921,17 +89299,17 @@ interface(`corenet_send_transproxy_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_transproxy_client_packets',`
+interface(`corenet_dontaudit_send_virt_client_packets',`
gen_require(`
- type transproxy_client_packet_t;
+ type virt_client_packet_t;
')
- dontaudit $1 transproxy_client_packet_t:packet send;
+ dontaudit $1 virt_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive transproxy_client packets.
+## Receive virt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68940,17 +89318,17 @@ interface(`corenet_dontaudit_send_transproxy_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_transproxy_client_packets',`
+interface(`corenet_receive_virt_client_packets',`
gen_require(`
- type transproxy_client_packet_t;
+ type virt_client_packet_t;
')
- allow $1 transproxy_client_packet_t:packet recv;
+ allow $1 virt_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive transproxy_client packets.
+## Do not audit attempts to receive virt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68959,17 +89337,17 @@ interface(`corenet_receive_transproxy_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_transproxy_client_packets',`
+interface(`corenet_dontaudit_receive_virt_client_packets',`
gen_require(`
- type transproxy_client_packet_t;
+ type virt_client_packet_t;
')
- dontaudit $1 transproxy_client_packet_t:packet recv;
+ dontaudit $1 virt_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive transproxy_client packets.
+## Send and receive virt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68978,14 +89356,14 @@ interface(`corenet_dontaudit_receive_transproxy_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_transproxy_client_packets',`
- corenet_send_transproxy_client_packets($1)
- corenet_receive_transproxy_client_packets($1)
+interface(`corenet_sendrecv_virt_client_packets',`
+ corenet_send_virt_client_packets($1)
+ corenet_receive_virt_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive transproxy_client packets.
+## Do not audit attempts to send and receive virt_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -68994,14 +89372,14 @@ interface(`corenet_sendrecv_transproxy_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_transproxy_client_packets',`
- corenet_dontaudit_send_transproxy_client_packets($1)
- corenet_dontaudit_receive_transproxy_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_virt_client_packets',`
+ corenet_dontaudit_send_virt_client_packets($1)
+ corenet_dontaudit_receive_virt_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to transproxy_client the packet type.
+## Relabel packets to virt_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69009,18 +89387,18 @@ interface(`corenet_dontaudit_sendrecv_transproxy_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_transproxy_client_packets',`
+interface(`corenet_relabelto_virt_client_packets',`
gen_require(`
- type transproxy_client_packet_t;
+ type virt_client_packet_t;
')
- allow $1 transproxy_client_packet_t:packet relabelto;
+ allow $1 virt_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send transproxy_server packets.
+## Send virt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69029,17 +89407,17 @@ interface(`corenet_relabelto_transproxy_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_transproxy_server_packets',`
+interface(`corenet_send_virt_server_packets',`
gen_require(`
- type transproxy_server_packet_t;
+ type virt_server_packet_t;
')
- allow $1 transproxy_server_packet_t:packet send;
+ allow $1 virt_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send transproxy_server packets.
+## Do not audit attempts to send virt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69048,17 +89426,17 @@ interface(`corenet_send_transproxy_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_transproxy_server_packets',`
+interface(`corenet_dontaudit_send_virt_server_packets',`
gen_require(`
- type transproxy_server_packet_t;
+ type virt_server_packet_t;
')
- dontaudit $1 transproxy_server_packet_t:packet send;
+ dontaudit $1 virt_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive transproxy_server packets.
+## Receive virt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69067,17 +89445,17 @@ interface(`corenet_dontaudit_send_transproxy_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_transproxy_server_packets',`
+interface(`corenet_receive_virt_server_packets',`
gen_require(`
- type transproxy_server_packet_t;
+ type virt_server_packet_t;
')
- allow $1 transproxy_server_packet_t:packet recv;
+ allow $1 virt_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive transproxy_server packets.
+## Do not audit attempts to receive virt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69086,17 +89464,17 @@ interface(`corenet_receive_transproxy_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_transproxy_server_packets',`
+interface(`corenet_dontaudit_receive_virt_server_packets',`
gen_require(`
- type transproxy_server_packet_t;
+ type virt_server_packet_t;
')
- dontaudit $1 transproxy_server_packet_t:packet recv;
+ dontaudit $1 virt_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive transproxy_server packets.
+## Send and receive virt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69105,14 +89483,14 @@ interface(`corenet_dontaudit_receive_transproxy_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_transproxy_server_packets',`
- corenet_send_transproxy_server_packets($1)
- corenet_receive_transproxy_server_packets($1)
+interface(`corenet_sendrecv_virt_server_packets',`
+ corenet_send_virt_server_packets($1)
+ corenet_receive_virt_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive transproxy_server packets.
+## Do not audit attempts to send and receive virt_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69121,14 +89499,14 @@ interface(`corenet_sendrecv_transproxy_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_transproxy_server_packets',`
- corenet_dontaudit_send_transproxy_server_packets($1)
- corenet_dontaudit_receive_transproxy_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_virt_server_packets',`
+ corenet_dontaudit_send_virt_server_packets($1)
+ corenet_dontaudit_receive_virt_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to transproxy_server the packet type.
+## Relabel packets to virt_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69136,12 +89514,12 @@ interface(`corenet_dontaudit_sendrecv_transproxy_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_transproxy_server_packets',`
+interface(`corenet_relabelto_virt_server_packets',`
gen_require(`
- type transproxy_server_packet_t;
+ type virt_server_packet_t;
')
- allow $1 transproxy_server_packet_t:packet relabelto;
+ allow $1 virt_server_packet_t:packet relabelto;
')
@@ -69149,7 +89527,7 @@ interface(`corenet_relabelto_transproxy_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the ups port.
+## Send and receive TCP traffic on the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69158,17 +89536,17 @@ interface(`corenet_relabelto_transproxy_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_ups_port',`
+interface(`corenet_tcp_sendrecv_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- allow $1 ups_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 virtual_places_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the ups port.
+## Send UDP traffic on the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69177,17 +89555,17 @@ interface(`corenet_tcp_sendrecv_ups_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_ups_port',`
+interface(`corenet_udp_send_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- allow $1 ups_port_t:udp_socket send_msg;
+ allow $1 virtual_places_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the ups port.
+## Do not audit attempts to send UDP traffic on the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69196,17 +89574,17 @@ interface(`corenet_udp_send_ups_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_ups_port',`
+interface(`corenet_dontaudit_udp_send_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- dontaudit $1 ups_port_t:udp_socket send_msg;
+ dontaudit $1 virtual_places_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the ups port.
+## Receive UDP traffic on the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69215,17 +89593,17 @@ interface(`corenet_dontaudit_udp_send_ups_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_ups_port',`
+interface(`corenet_udp_receive_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- allow $1 ups_port_t:udp_socket recv_msg;
+ allow $1 virtual_places_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the ups port.
+## Do not audit attempts to receive UDP traffic on the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69234,17 +89612,17 @@ interface(`corenet_udp_receive_ups_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_ups_port',`
+interface(`corenet_dontaudit_udp_receive_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- dontaudit $1 ups_port_t:udp_socket recv_msg;
+ dontaudit $1 virtual_places_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the ups port.
+## Send and receive UDP traffic on the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69253,15 +89631,15 @@ interface(`corenet_dontaudit_udp_receive_ups_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_ups_port',`
- corenet_udp_send_ups_port($1)
- corenet_udp_receive_ups_port($1)
+interface(`corenet_udp_sendrecv_virtual_places_port',`
+ corenet_udp_send_virtual_places_port($1)
+ corenet_udp_receive_virtual_places_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the ups port.
+## UDP traffic on the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69270,14 +89648,14 @@ interface(`corenet_udp_sendrecv_ups_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_ups_port',`
- corenet_dontaudit_udp_send_ups_port($1)
- corenet_dontaudit_udp_receive_ups_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_virtual_places_port',`
+ corenet_dontaudit_udp_send_virtual_places_port($1)
+ corenet_dontaudit_udp_receive_virtual_places_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the ups port.
+## Bind TCP sockets to the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69286,18 +89664,18 @@ interface(`corenet_dontaudit_udp_sendrecv_ups_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_ups_port',`
+interface(`corenet_tcp_bind_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- allow $1 ups_port_t:tcp_socket name_bind;
+ allow $1 virtual_places_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the ups port.
+## Bind UDP sockets to the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69306,18 +89684,18 @@ interface(`corenet_tcp_bind_ups_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_ups_port',`
+interface(`corenet_udp_bind_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- allow $1 ups_port_t:udp_socket name_bind;
+ allow $1 virtual_places_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the ups port.
+## Make a TCP connection to the virtual_places port.
## </summary>
## <param name="domain">
## <summary>
@@ -69325,18 +89703,18 @@ interface(`corenet_udp_bind_ups_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_ups_port',`
+interface(`corenet_tcp_connect_virtual_places_port',`
gen_require(`
- type ups_port_t;
+ type virtual_places_port_t;
')
- allow $1 ups_port_t:tcp_socket name_connect;
+ allow $1 virtual_places_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send ups_client packets.
+## Send virtual_places_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69345,17 +89723,17 @@ interface(`corenet_tcp_connect_ups_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ups_client_packets',`
+interface(`corenet_send_virtual_places_client_packets',`
gen_require(`
- type ups_client_packet_t;
+ type virtual_places_client_packet_t;
')
- allow $1 ups_client_packet_t:packet send;
+ allow $1 virtual_places_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ups_client packets.
+## Do not audit attempts to send virtual_places_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69364,17 +89742,17 @@ interface(`corenet_send_ups_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ups_client_packets',`
+interface(`corenet_dontaudit_send_virtual_places_client_packets',`
gen_require(`
- type ups_client_packet_t;
+ type virtual_places_client_packet_t;
')
- dontaudit $1 ups_client_packet_t:packet send;
+ dontaudit $1 virtual_places_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive ups_client packets.
+## Receive virtual_places_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69383,17 +89761,17 @@ interface(`corenet_dontaudit_send_ups_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ups_client_packets',`
+interface(`corenet_receive_virtual_places_client_packets',`
gen_require(`
- type ups_client_packet_t;
+ type virtual_places_client_packet_t;
')
- allow $1 ups_client_packet_t:packet recv;
+ allow $1 virtual_places_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ups_client packets.
+## Do not audit attempts to receive virtual_places_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69402,17 +89780,17 @@ interface(`corenet_receive_ups_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ups_client_packets',`
+interface(`corenet_dontaudit_receive_virtual_places_client_packets',`
gen_require(`
- type ups_client_packet_t;
+ type virtual_places_client_packet_t;
')
- dontaudit $1 ups_client_packet_t:packet recv;
+ dontaudit $1 virtual_places_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ups_client packets.
+## Send and receive virtual_places_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69421,14 +89799,14 @@ interface(`corenet_dontaudit_receive_ups_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ups_client_packets',`
- corenet_send_ups_client_packets($1)
- corenet_receive_ups_client_packets($1)
+interface(`corenet_sendrecv_virtual_places_client_packets',`
+ corenet_send_virtual_places_client_packets($1)
+ corenet_receive_virtual_places_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ups_client packets.
+## Do not audit attempts to send and receive virtual_places_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69437,14 +89815,14 @@ interface(`corenet_sendrecv_ups_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ups_client_packets',`
- corenet_dontaudit_send_ups_client_packets($1)
- corenet_dontaudit_receive_ups_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_virtual_places_client_packets',`
+ corenet_dontaudit_send_virtual_places_client_packets($1)
+ corenet_dontaudit_receive_virtual_places_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to ups_client the packet type.
+## Relabel packets to virtual_places_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69452,18 +89830,18 @@ interface(`corenet_dontaudit_sendrecv_ups_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ups_client_packets',`
+interface(`corenet_relabelto_virtual_places_client_packets',`
gen_require(`
- type ups_client_packet_t;
+ type virtual_places_client_packet_t;
')
- allow $1 ups_client_packet_t:packet relabelto;
+ allow $1 virtual_places_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send ups_server packets.
+## Send virtual_places_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69472,17 +89850,17 @@ interface(`corenet_relabelto_ups_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_ups_server_packets',`
+interface(`corenet_send_virtual_places_server_packets',`
gen_require(`
- type ups_server_packet_t;
+ type virtual_places_server_packet_t;
')
- allow $1 ups_server_packet_t:packet send;
+ allow $1 virtual_places_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send ups_server packets.
+## Do not audit attempts to send virtual_places_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69491,17 +89869,17 @@ interface(`corenet_send_ups_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_ups_server_packets',`
+interface(`corenet_dontaudit_send_virtual_places_server_packets',`
gen_require(`
- type ups_server_packet_t;
+ type virtual_places_server_packet_t;
')
- dontaudit $1 ups_server_packet_t:packet send;
+ dontaudit $1 virtual_places_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive ups_server packets.
+## Receive virtual_places_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69510,17 +89888,17 @@ interface(`corenet_dontaudit_send_ups_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_ups_server_packets',`
+interface(`corenet_receive_virtual_places_server_packets',`
gen_require(`
- type ups_server_packet_t;
+ type virtual_places_server_packet_t;
')
- allow $1 ups_server_packet_t:packet recv;
+ allow $1 virtual_places_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive ups_server packets.
+## Do not audit attempts to receive virtual_places_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69529,17 +89907,17 @@ interface(`corenet_receive_ups_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_ups_server_packets',`
+interface(`corenet_dontaudit_receive_virtual_places_server_packets',`
gen_require(`
- type ups_server_packet_t;
+ type virtual_places_server_packet_t;
')
- dontaudit $1 ups_server_packet_t:packet recv;
+ dontaudit $1 virtual_places_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive ups_server packets.
+## Send and receive virtual_places_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69548,14 +89926,14 @@ interface(`corenet_dontaudit_receive_ups_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_ups_server_packets',`
- corenet_send_ups_server_packets($1)
- corenet_receive_ups_server_packets($1)
+interface(`corenet_sendrecv_virtual_places_server_packets',`
+ corenet_send_virtual_places_server_packets($1)
+ corenet_receive_virtual_places_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive ups_server packets.
+## Do not audit attempts to send and receive virtual_places_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69564,14 +89942,14 @@ interface(`corenet_sendrecv_ups_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_ups_server_packets',`
- corenet_dontaudit_send_ups_server_packets($1)
- corenet_dontaudit_receive_ups_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_virtual_places_server_packets',`
+ corenet_dontaudit_send_virtual_places_server_packets($1)
+ corenet_dontaudit_receive_virtual_places_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to ups_server the packet type.
+## Relabel packets to virtual_places_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69579,12 +89957,12 @@ interface(`corenet_dontaudit_sendrecv_ups_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_ups_server_packets',`
+interface(`corenet_relabelto_virtual_places_server_packets',`
gen_require(`
- type ups_server_packet_t;
+ type virtual_places_server_packet_t;
')
- allow $1 ups_server_packet_t:packet relabelto;
+ allow $1 virtual_places_server_packet_t:packet relabelto;
')
@@ -69592,7 +89970,7 @@ interface(`corenet_relabelto_ups_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the utcpserver port.
+## Send and receive TCP traffic on the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69601,17 +89979,17 @@ interface(`corenet_relabelto_ups_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_utcpserver_port',`
+interface(`corenet_tcp_sendrecv_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- allow $1 utcpserver_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 virt_migration_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the utcpserver port.
+## Send UDP traffic on the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69620,17 +89998,17 @@ interface(`corenet_tcp_sendrecv_utcpserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_utcpserver_port',`
+interface(`corenet_udp_send_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- allow $1 utcpserver_port_t:udp_socket send_msg;
+ allow $1 virt_migration_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the utcpserver port.
+## Do not audit attempts to send UDP traffic on the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69639,17 +90017,17 @@ interface(`corenet_udp_send_utcpserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_utcpserver_port',`
+interface(`corenet_dontaudit_udp_send_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- dontaudit $1 utcpserver_port_t:udp_socket send_msg;
+ dontaudit $1 virt_migration_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the utcpserver port.
+## Receive UDP traffic on the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69658,17 +90036,17 @@ interface(`corenet_dontaudit_udp_send_utcpserver_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_utcpserver_port',`
+interface(`corenet_udp_receive_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- allow $1 utcpserver_port_t:udp_socket recv_msg;
+ allow $1 virt_migration_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the utcpserver port.
+## Do not audit attempts to receive UDP traffic on the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69677,17 +90055,17 @@ interface(`corenet_udp_receive_utcpserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_utcpserver_port',`
+interface(`corenet_dontaudit_udp_receive_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- dontaudit $1 utcpserver_port_t:udp_socket recv_msg;
+ dontaudit $1 virt_migration_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the utcpserver port.
+## Send and receive UDP traffic on the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69696,15 +90074,15 @@ interface(`corenet_dontaudit_udp_receive_utcpserver_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_utcpserver_port',`
- corenet_udp_send_utcpserver_port($1)
- corenet_udp_receive_utcpserver_port($1)
+interface(`corenet_udp_sendrecv_virt_migration_port',`
+ corenet_udp_send_virt_migration_port($1)
+ corenet_udp_receive_virt_migration_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the utcpserver port.
+## UDP traffic on the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69713,14 +90091,14 @@ interface(`corenet_udp_sendrecv_utcpserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_utcpserver_port',`
- corenet_dontaudit_udp_send_utcpserver_port($1)
- corenet_dontaudit_udp_receive_utcpserver_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_virt_migration_port',`
+ corenet_dontaudit_udp_send_virt_migration_port($1)
+ corenet_dontaudit_udp_receive_virt_migration_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the utcpserver port.
+## Bind TCP sockets to the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69729,18 +90107,18 @@ interface(`corenet_dontaudit_udp_sendrecv_utcpserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_utcpserver_port',`
+interface(`corenet_tcp_bind_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- allow $1 utcpserver_port_t:tcp_socket name_bind;
-
+ allow $1 virt_migration_port_t:tcp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the utcpserver port.
+## Bind UDP sockets to the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69749,18 +90127,18 @@ interface(`corenet_tcp_bind_utcpserver_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_utcpserver_port',`
+interface(`corenet_udp_bind_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- allow $1 utcpserver_port_t:udp_socket name_bind;
-
+ allow $1 virt_migration_port_t:udp_socket name_bind;
+ allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the utcpserver port.
+## Make a TCP connection to the virt_migration port.
## </summary>
## <param name="domain">
## <summary>
@@ -69768,18 +90146,18 @@ interface(`corenet_udp_bind_utcpserver_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_utcpserver_port',`
+interface(`corenet_tcp_connect_virt_migration_port',`
gen_require(`
- type utcpserver_port_t;
+ type virt_migration_port_t;
')
- allow $1 utcpserver_port_t:tcp_socket name_connect;
+ allow $1 virt_migration_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send utcpserver_client packets.
+## Send virt_migration_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69788,17 +90166,17 @@ interface(`corenet_tcp_connect_utcpserver_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_utcpserver_client_packets',`
+interface(`corenet_send_virt_migration_client_packets',`
gen_require(`
- type utcpserver_client_packet_t;
+ type virt_migration_client_packet_t;
')
- allow $1 utcpserver_client_packet_t:packet send;
+ allow $1 virt_migration_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send utcpserver_client packets.
+## Do not audit attempts to send virt_migration_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69807,17 +90185,17 @@ interface(`corenet_send_utcpserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_utcpserver_client_packets',`
+interface(`corenet_dontaudit_send_virt_migration_client_packets',`
gen_require(`
- type utcpserver_client_packet_t;
+ type virt_migration_client_packet_t;
')
- dontaudit $1 utcpserver_client_packet_t:packet send;
+ dontaudit $1 virt_migration_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive utcpserver_client packets.
+## Receive virt_migration_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69826,17 +90204,17 @@ interface(`corenet_dontaudit_send_utcpserver_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_utcpserver_client_packets',`
+interface(`corenet_receive_virt_migration_client_packets',`
gen_require(`
- type utcpserver_client_packet_t;
+ type virt_migration_client_packet_t;
')
- allow $1 utcpserver_client_packet_t:packet recv;
+ allow $1 virt_migration_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive utcpserver_client packets.
+## Do not audit attempts to receive virt_migration_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69845,17 +90223,17 @@ interface(`corenet_receive_utcpserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_utcpserver_client_packets',`
+interface(`corenet_dontaudit_receive_virt_migration_client_packets',`
gen_require(`
- type utcpserver_client_packet_t;
+ type virt_migration_client_packet_t;
')
- dontaudit $1 utcpserver_client_packet_t:packet recv;
+ dontaudit $1 virt_migration_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive utcpserver_client packets.
+## Send and receive virt_migration_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69864,14 +90242,14 @@ interface(`corenet_dontaudit_receive_utcpserver_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_utcpserver_client_packets',`
- corenet_send_utcpserver_client_packets($1)
- corenet_receive_utcpserver_client_packets($1)
+interface(`corenet_sendrecv_virt_migration_client_packets',`
+ corenet_send_virt_migration_client_packets($1)
+ corenet_receive_virt_migration_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive utcpserver_client packets.
+## Do not audit attempts to send and receive virt_migration_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69880,14 +90258,14 @@ interface(`corenet_sendrecv_utcpserver_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_utcpserver_client_packets',`
- corenet_dontaudit_send_utcpserver_client_packets($1)
- corenet_dontaudit_receive_utcpserver_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_virt_migration_client_packets',`
+ corenet_dontaudit_send_virt_migration_client_packets($1)
+ corenet_dontaudit_receive_virt_migration_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to utcpserver_client the packet type.
+## Relabel packets to virt_migration_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -69895,18 +90273,18 @@ interface(`corenet_dontaudit_sendrecv_utcpserver_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_utcpserver_client_packets',`
+interface(`corenet_relabelto_virt_migration_client_packets',`
gen_require(`
- type utcpserver_client_packet_t;
+ type virt_migration_client_packet_t;
')
- allow $1 utcpserver_client_packet_t:packet relabelto;
+ allow $1 virt_migration_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send utcpserver_server packets.
+## Send virt_migration_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69915,17 +90293,17 @@ interface(`corenet_relabelto_utcpserver_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_utcpserver_server_packets',`
+interface(`corenet_send_virt_migration_server_packets',`
gen_require(`
- type utcpserver_server_packet_t;
+ type virt_migration_server_packet_t;
')
- allow $1 utcpserver_server_packet_t:packet send;
+ allow $1 virt_migration_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send utcpserver_server packets.
+## Do not audit attempts to send virt_migration_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69934,17 +90312,17 @@ interface(`corenet_send_utcpserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_utcpserver_server_packets',`
+interface(`corenet_dontaudit_send_virt_migration_server_packets',`
gen_require(`
- type utcpserver_server_packet_t;
+ type virt_migration_server_packet_t;
')
- dontaudit $1 utcpserver_server_packet_t:packet send;
+ dontaudit $1 virt_migration_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive utcpserver_server packets.
+## Receive virt_migration_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69953,17 +90331,17 @@ interface(`corenet_dontaudit_send_utcpserver_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_utcpserver_server_packets',`
+interface(`corenet_receive_virt_migration_server_packets',`
gen_require(`
- type utcpserver_server_packet_t;
+ type virt_migration_server_packet_t;
')
- allow $1 utcpserver_server_packet_t:packet recv;
+ allow $1 virt_migration_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive utcpserver_server packets.
+## Do not audit attempts to receive virt_migration_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69972,17 +90350,17 @@ interface(`corenet_receive_utcpserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_utcpserver_server_packets',`
+interface(`corenet_dontaudit_receive_virt_migration_server_packets',`
gen_require(`
- type utcpserver_server_packet_t;
+ type virt_migration_server_packet_t;
')
- dontaudit $1 utcpserver_server_packet_t:packet recv;
+ dontaudit $1 virt_migration_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive utcpserver_server packets.
+## Send and receive virt_migration_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -69991,14 +90369,14 @@ interface(`corenet_dontaudit_receive_utcpserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_utcpserver_server_packets',`
- corenet_send_utcpserver_server_packets($1)
- corenet_receive_utcpserver_server_packets($1)
+interface(`corenet_sendrecv_virt_migration_server_packets',`
+ corenet_send_virt_migration_server_packets($1)
+ corenet_receive_virt_migration_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive utcpserver_server packets.
+## Do not audit attempts to send and receive virt_migration_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70007,14 +90385,14 @@ interface(`corenet_sendrecv_utcpserver_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_utcpserver_server_packets',`
- corenet_dontaudit_send_utcpserver_server_packets($1)
- corenet_dontaudit_receive_utcpserver_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_virt_migration_server_packets',`
+ corenet_dontaudit_send_virt_migration_server_packets($1)
+ corenet_dontaudit_receive_virt_migration_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to utcpserver_server the packet type.
+## Relabel packets to virt_migration_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70022,20 +90400,20 @@ interface(`corenet_dontaudit_sendrecv_utcpserver_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_utcpserver_server_packets',`
+interface(`corenet_relabelto_virt_migration_server_packets',`
gen_require(`
- type utcpserver_server_packet_t;
+ type virt_migration_server_packet_t;
')
- allow $1 utcpserver_server_packet_t:packet relabelto;
+ allow $1 virt_migration_server_packet_t:packet relabelto;
')
- # no defined portcon
+
########################################
## <summary>
-## Send and receive TCP traffic on the uucpd port.
+## Send and receive TCP traffic on the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70044,17 +90422,17 @@ interface(`corenet_relabelto_utcpserver_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_uucpd_port',`
+interface(`corenet_tcp_sendrecv_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- allow $1 uucpd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 vnc_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the uucpd port.
+## Send UDP traffic on the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70063,17 +90441,17 @@ interface(`corenet_tcp_sendrecv_uucpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_uucpd_port',`
+interface(`corenet_udp_send_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- allow $1 uucpd_port_t:udp_socket send_msg;
+ allow $1 vnc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the uucpd port.
+## Do not audit attempts to send UDP traffic on the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70082,17 +90460,17 @@ interface(`corenet_udp_send_uucpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_uucpd_port',`
+interface(`corenet_dontaudit_udp_send_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- dontaudit $1 uucpd_port_t:udp_socket send_msg;
+ dontaudit $1 vnc_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the uucpd port.
+## Receive UDP traffic on the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70101,17 +90479,17 @@ interface(`corenet_dontaudit_udp_send_uucpd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_uucpd_port',`
+interface(`corenet_udp_receive_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- allow $1 uucpd_port_t:udp_socket recv_msg;
+ allow $1 vnc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the uucpd port.
+## Do not audit attempts to receive UDP traffic on the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70120,17 +90498,17 @@ interface(`corenet_udp_receive_uucpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_uucpd_port',`
+interface(`corenet_dontaudit_udp_receive_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- dontaudit $1 uucpd_port_t:udp_socket recv_msg;
+ dontaudit $1 vnc_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the uucpd port.
+## Send and receive UDP traffic on the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70139,15 +90517,15 @@ interface(`corenet_dontaudit_udp_receive_uucpd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_uucpd_port',`
- corenet_udp_send_uucpd_port($1)
- corenet_udp_receive_uucpd_port($1)
+interface(`corenet_udp_sendrecv_vnc_port',`
+ corenet_udp_send_vnc_port($1)
+ corenet_udp_receive_vnc_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the uucpd port.
+## UDP traffic on the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70156,14 +90534,14 @@ interface(`corenet_udp_sendrecv_uucpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_uucpd_port',`
- corenet_dontaudit_udp_send_uucpd_port($1)
- corenet_dontaudit_udp_receive_uucpd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_vnc_port',`
+ corenet_dontaudit_udp_send_vnc_port($1)
+ corenet_dontaudit_udp_receive_vnc_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the uucpd port.
+## Bind TCP sockets to the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70172,18 +90550,18 @@ interface(`corenet_dontaudit_udp_sendrecv_uucpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_uucpd_port',`
+interface(`corenet_tcp_bind_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- allow $1 uucpd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 vnc_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the uucpd port.
+## Bind UDP sockets to the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70192,18 +90570,18 @@ interface(`corenet_tcp_bind_uucpd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_uucpd_port',`
+interface(`corenet_udp_bind_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- allow $1 uucpd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 vnc_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the uucpd port.
+## Make a TCP connection to the vnc port.
## </summary>
## <param name="domain">
## <summary>
@@ -70211,18 +90589,18 @@ interface(`corenet_udp_bind_uucpd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_uucpd_port',`
+interface(`corenet_tcp_connect_vnc_port',`
gen_require(`
- type uucpd_port_t;
+ type vnc_port_t;
')
- allow $1 uucpd_port_t:tcp_socket name_connect;
+ allow $1 vnc_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send uucpd_client packets.
+## Send vnc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70231,17 +90609,17 @@ interface(`corenet_tcp_connect_uucpd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_uucpd_client_packets',`
+interface(`corenet_send_vnc_client_packets',`
gen_require(`
- type uucpd_client_packet_t;
+ type vnc_client_packet_t;
')
- allow $1 uucpd_client_packet_t:packet send;
+ allow $1 vnc_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send uucpd_client packets.
+## Do not audit attempts to send vnc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70250,17 +90628,17 @@ interface(`corenet_send_uucpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_uucpd_client_packets',`
+interface(`corenet_dontaudit_send_vnc_client_packets',`
gen_require(`
- type uucpd_client_packet_t;
+ type vnc_client_packet_t;
')
- dontaudit $1 uucpd_client_packet_t:packet send;
+ dontaudit $1 vnc_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive uucpd_client packets.
+## Receive vnc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70269,17 +90647,17 @@ interface(`corenet_dontaudit_send_uucpd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_uucpd_client_packets',`
+interface(`corenet_receive_vnc_client_packets',`
gen_require(`
- type uucpd_client_packet_t;
+ type vnc_client_packet_t;
')
- allow $1 uucpd_client_packet_t:packet recv;
+ allow $1 vnc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive uucpd_client packets.
+## Do not audit attempts to receive vnc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70288,17 +90666,17 @@ interface(`corenet_receive_uucpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_uucpd_client_packets',`
+interface(`corenet_dontaudit_receive_vnc_client_packets',`
gen_require(`
- type uucpd_client_packet_t;
+ type vnc_client_packet_t;
')
- dontaudit $1 uucpd_client_packet_t:packet recv;
+ dontaudit $1 vnc_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive uucpd_client packets.
+## Send and receive vnc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70307,14 +90685,14 @@ interface(`corenet_dontaudit_receive_uucpd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_uucpd_client_packets',`
- corenet_send_uucpd_client_packets($1)
- corenet_receive_uucpd_client_packets($1)
+interface(`corenet_sendrecv_vnc_client_packets',`
+ corenet_send_vnc_client_packets($1)
+ corenet_receive_vnc_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive uucpd_client packets.
+## Do not audit attempts to send and receive vnc_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70323,14 +90701,14 @@ interface(`corenet_sendrecv_uucpd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_uucpd_client_packets',`
- corenet_dontaudit_send_uucpd_client_packets($1)
- corenet_dontaudit_receive_uucpd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_vnc_client_packets',`
+ corenet_dontaudit_send_vnc_client_packets($1)
+ corenet_dontaudit_receive_vnc_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to uucpd_client the packet type.
+## Relabel packets to vnc_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70338,18 +90716,18 @@ interface(`corenet_dontaudit_sendrecv_uucpd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_uucpd_client_packets',`
+interface(`corenet_relabelto_vnc_client_packets',`
gen_require(`
- type uucpd_client_packet_t;
+ type vnc_client_packet_t;
')
- allow $1 uucpd_client_packet_t:packet relabelto;
+ allow $1 vnc_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send uucpd_server packets.
+## Send vnc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70358,17 +90736,17 @@ interface(`corenet_relabelto_uucpd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_uucpd_server_packets',`
+interface(`corenet_send_vnc_server_packets',`
gen_require(`
- type uucpd_server_packet_t;
+ type vnc_server_packet_t;
')
- allow $1 uucpd_server_packet_t:packet send;
+ allow $1 vnc_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send uucpd_server packets.
+## Do not audit attempts to send vnc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70377,17 +90755,17 @@ interface(`corenet_send_uucpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_uucpd_server_packets',`
+interface(`corenet_dontaudit_send_vnc_server_packets',`
gen_require(`
- type uucpd_server_packet_t;
+ type vnc_server_packet_t;
')
- dontaudit $1 uucpd_server_packet_t:packet send;
+ dontaudit $1 vnc_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive uucpd_server packets.
+## Receive vnc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70396,17 +90774,17 @@ interface(`corenet_dontaudit_send_uucpd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_uucpd_server_packets',`
+interface(`corenet_receive_vnc_server_packets',`
gen_require(`
- type uucpd_server_packet_t;
+ type vnc_server_packet_t;
')
- allow $1 uucpd_server_packet_t:packet recv;
+ allow $1 vnc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive uucpd_server packets.
+## Do not audit attempts to receive vnc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70415,17 +90793,17 @@ interface(`corenet_receive_uucpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_uucpd_server_packets',`
+interface(`corenet_dontaudit_receive_vnc_server_packets',`
gen_require(`
- type uucpd_server_packet_t;
+ type vnc_server_packet_t;
')
- dontaudit $1 uucpd_server_packet_t:packet recv;
+ dontaudit $1 vnc_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive uucpd_server packets.
+## Send and receive vnc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70434,14 +90812,14 @@ interface(`corenet_dontaudit_receive_uucpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_uucpd_server_packets',`
- corenet_send_uucpd_server_packets($1)
- corenet_receive_uucpd_server_packets($1)
+interface(`corenet_sendrecv_vnc_server_packets',`
+ corenet_send_vnc_server_packets($1)
+ corenet_receive_vnc_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive uucpd_server packets.
+## Do not audit attempts to send and receive vnc_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70450,14 +90828,14 @@ interface(`corenet_sendrecv_uucpd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_uucpd_server_packets',`
- corenet_dontaudit_send_uucpd_server_packets($1)
- corenet_dontaudit_receive_uucpd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_vnc_server_packets',`
+ corenet_dontaudit_send_vnc_server_packets($1)
+ corenet_dontaudit_receive_vnc_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to uucpd_server the packet type.
+## Relabel packets to vnc_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70465,12 +90843,12 @@ interface(`corenet_dontaudit_sendrecv_uucpd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_uucpd_server_packets',`
+interface(`corenet_relabelto_vnc_server_packets',`
gen_require(`
- type uucpd_server_packet_t;
+ type vnc_server_packet_t;
')
- allow $1 uucpd_server_packet_t:packet relabelto;
+ allow $1 vnc_server_packet_t:packet relabelto;
')
@@ -70478,7 +90856,7 @@ interface(`corenet_relabelto_uucpd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the varnishd port.
+## Send and receive TCP traffic on the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70487,17 +90865,17 @@ interface(`corenet_relabelto_uucpd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_varnishd_port',`
+interface(`corenet_tcp_sendrecv_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- allow $1 varnishd_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 wccp_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the varnishd port.
+## Send UDP traffic on the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70506,17 +90884,17 @@ interface(`corenet_tcp_sendrecv_varnishd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_varnishd_port',`
+interface(`corenet_udp_send_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- allow $1 varnishd_port_t:udp_socket send_msg;
+ allow $1 wccp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the varnishd port.
+## Do not audit attempts to send UDP traffic on the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70525,17 +90903,17 @@ interface(`corenet_udp_send_varnishd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_varnishd_port',`
+interface(`corenet_dontaudit_udp_send_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- dontaudit $1 varnishd_port_t:udp_socket send_msg;
+ dontaudit $1 wccp_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the varnishd port.
+## Receive UDP traffic on the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70544,17 +90922,17 @@ interface(`corenet_dontaudit_udp_send_varnishd_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_varnishd_port',`
+interface(`corenet_udp_receive_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- allow $1 varnishd_port_t:udp_socket recv_msg;
+ allow $1 wccp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the varnishd port.
+## Do not audit attempts to receive UDP traffic on the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70563,17 +90941,17 @@ interface(`corenet_udp_receive_varnishd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_varnishd_port',`
+interface(`corenet_dontaudit_udp_receive_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- dontaudit $1 varnishd_port_t:udp_socket recv_msg;
+ dontaudit $1 wccp_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the varnishd port.
+## Send and receive UDP traffic on the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70582,15 +90960,15 @@ interface(`corenet_dontaudit_udp_receive_varnishd_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_varnishd_port',`
- corenet_udp_send_varnishd_port($1)
- corenet_udp_receive_varnishd_port($1)
+interface(`corenet_udp_sendrecv_wccp_port',`
+ corenet_udp_send_wccp_port($1)
+ corenet_udp_receive_wccp_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the varnishd port.
+## UDP traffic on the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70599,14 +90977,14 @@ interface(`corenet_udp_sendrecv_varnishd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_varnishd_port',`
- corenet_dontaudit_udp_send_varnishd_port($1)
- corenet_dontaudit_udp_receive_varnishd_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_wccp_port',`
+ corenet_dontaudit_udp_send_wccp_port($1)
+ corenet_dontaudit_udp_receive_wccp_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the varnishd port.
+## Bind TCP sockets to the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70615,18 +90993,18 @@ interface(`corenet_dontaudit_udp_sendrecv_varnishd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_varnishd_port',`
+interface(`corenet_tcp_bind_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- allow $1 varnishd_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 wccp_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the varnishd port.
+## Bind UDP sockets to the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70635,18 +91013,18 @@ interface(`corenet_tcp_bind_varnishd_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_varnishd_port',`
+interface(`corenet_udp_bind_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- allow $1 varnishd_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 wccp_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the varnishd port.
+## Make a TCP connection to the wccp port.
## </summary>
## <param name="domain">
## <summary>
@@ -70654,18 +91032,18 @@ interface(`corenet_udp_bind_varnishd_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_varnishd_port',`
+interface(`corenet_tcp_connect_wccp_port',`
gen_require(`
- type varnishd_port_t;
+ type wccp_port_t;
')
- allow $1 varnishd_port_t:tcp_socket name_connect;
+ allow $1 wccp_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send varnishd_client packets.
+## Send wccp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70674,17 +91052,17 @@ interface(`corenet_tcp_connect_varnishd_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_varnishd_client_packets',`
+interface(`corenet_send_wccp_client_packets',`
gen_require(`
- type varnishd_client_packet_t;
+ type wccp_client_packet_t;
')
- allow $1 varnishd_client_packet_t:packet send;
+ allow $1 wccp_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send varnishd_client packets.
+## Do not audit attempts to send wccp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70693,17 +91071,17 @@ interface(`corenet_send_varnishd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_varnishd_client_packets',`
+interface(`corenet_dontaudit_send_wccp_client_packets',`
gen_require(`
- type varnishd_client_packet_t;
+ type wccp_client_packet_t;
')
- dontaudit $1 varnishd_client_packet_t:packet send;
+ dontaudit $1 wccp_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive varnishd_client packets.
+## Receive wccp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70712,17 +91090,17 @@ interface(`corenet_dontaudit_send_varnishd_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_varnishd_client_packets',`
+interface(`corenet_receive_wccp_client_packets',`
gen_require(`
- type varnishd_client_packet_t;
+ type wccp_client_packet_t;
')
- allow $1 varnishd_client_packet_t:packet recv;
+ allow $1 wccp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive varnishd_client packets.
+## Do not audit attempts to receive wccp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70731,17 +91109,17 @@ interface(`corenet_receive_varnishd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_varnishd_client_packets',`
+interface(`corenet_dontaudit_receive_wccp_client_packets',`
gen_require(`
- type varnishd_client_packet_t;
+ type wccp_client_packet_t;
')
- dontaudit $1 varnishd_client_packet_t:packet recv;
+ dontaudit $1 wccp_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive varnishd_client packets.
+## Send and receive wccp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70750,14 +91128,14 @@ interface(`corenet_dontaudit_receive_varnishd_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_varnishd_client_packets',`
- corenet_send_varnishd_client_packets($1)
- corenet_receive_varnishd_client_packets($1)
+interface(`corenet_sendrecv_wccp_client_packets',`
+ corenet_send_wccp_client_packets($1)
+ corenet_receive_wccp_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive varnishd_client packets.
+## Do not audit attempts to send and receive wccp_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70766,14 +91144,14 @@ interface(`corenet_sendrecv_varnishd_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_varnishd_client_packets',`
- corenet_dontaudit_send_varnishd_client_packets($1)
- corenet_dontaudit_receive_varnishd_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_wccp_client_packets',`
+ corenet_dontaudit_send_wccp_client_packets($1)
+ corenet_dontaudit_receive_wccp_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to varnishd_client the packet type.
+## Relabel packets to wccp_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70781,18 +91159,18 @@ interface(`corenet_dontaudit_sendrecv_varnishd_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_varnishd_client_packets',`
+interface(`corenet_relabelto_wccp_client_packets',`
gen_require(`
- type varnishd_client_packet_t;
+ type wccp_client_packet_t;
')
- allow $1 varnishd_client_packet_t:packet relabelto;
+ allow $1 wccp_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send varnishd_server packets.
+## Send wccp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70801,17 +91179,17 @@ interface(`corenet_relabelto_varnishd_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_varnishd_server_packets',`
+interface(`corenet_send_wccp_server_packets',`
gen_require(`
- type varnishd_server_packet_t;
+ type wccp_server_packet_t;
')
- allow $1 varnishd_server_packet_t:packet send;
+ allow $1 wccp_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send varnishd_server packets.
+## Do not audit attempts to send wccp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70820,17 +91198,17 @@ interface(`corenet_send_varnishd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_varnishd_server_packets',`
+interface(`corenet_dontaudit_send_wccp_server_packets',`
gen_require(`
- type varnishd_server_packet_t;
+ type wccp_server_packet_t;
')
- dontaudit $1 varnishd_server_packet_t:packet send;
+ dontaudit $1 wccp_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive varnishd_server packets.
+## Receive wccp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70839,17 +91217,17 @@ interface(`corenet_dontaudit_send_varnishd_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_varnishd_server_packets',`
+interface(`corenet_receive_wccp_server_packets',`
gen_require(`
- type varnishd_server_packet_t;
+ type wccp_server_packet_t;
')
- allow $1 varnishd_server_packet_t:packet recv;
+ allow $1 wccp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive varnishd_server packets.
+## Do not audit attempts to receive wccp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70858,17 +91236,17 @@ interface(`corenet_receive_varnishd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_varnishd_server_packets',`
+interface(`corenet_dontaudit_receive_wccp_server_packets',`
gen_require(`
- type varnishd_server_packet_t;
+ type wccp_server_packet_t;
')
- dontaudit $1 varnishd_server_packet_t:packet recv;
+ dontaudit $1 wccp_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive varnishd_server packets.
+## Send and receive wccp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70877,14 +91255,14 @@ interface(`corenet_dontaudit_receive_varnishd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_varnishd_server_packets',`
- corenet_send_varnishd_server_packets($1)
- corenet_receive_varnishd_server_packets($1)
+interface(`corenet_sendrecv_wccp_server_packets',`
+ corenet_send_wccp_server_packets($1)
+ corenet_receive_wccp_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive varnishd_server packets.
+## Do not audit attempts to send and receive wccp_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -70893,14 +91271,14 @@ interface(`corenet_sendrecv_varnishd_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_varnishd_server_packets',`
- corenet_dontaudit_send_varnishd_server_packets($1)
- corenet_dontaudit_receive_varnishd_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_wccp_server_packets',`
+ corenet_dontaudit_send_wccp_server_packets($1)
+ corenet_dontaudit_receive_wccp_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to varnishd_server the packet type.
+## Relabel packets to wccp_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -70908,12 +91286,12 @@ interface(`corenet_dontaudit_sendrecv_varnishd_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_varnishd_server_packets',`
+interface(`corenet_relabelto_wccp_server_packets',`
gen_require(`
- type varnishd_server_packet_t;
+ type wccp_server_packet_t;
')
- allow $1 varnishd_server_packet_t:packet relabelto;
+ allow $1 wccp_server_packet_t:packet relabelto;
')
@@ -70921,7 +91299,7 @@ interface(`corenet_relabelto_varnishd_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the virt port.
+## Send and receive TCP traffic on the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -70930,17 +91308,17 @@ interface(`corenet_relabelto_varnishd_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_virt_port',`
+interface(`corenet_tcp_sendrecv_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- allow $1 virt_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 websm_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the virt port.
+## Send UDP traffic on the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -70949,17 +91327,17 @@ interface(`corenet_tcp_sendrecv_virt_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_virt_port',`
+interface(`corenet_udp_send_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- allow $1 virt_port_t:udp_socket send_msg;
+ allow $1 websm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the virt port.
+## Do not audit attempts to send UDP traffic on the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -70968,17 +91346,17 @@ interface(`corenet_udp_send_virt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_virt_port',`
+interface(`corenet_dontaudit_udp_send_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- dontaudit $1 virt_port_t:udp_socket send_msg;
+ dontaudit $1 websm_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the virt port.
+## Receive UDP traffic on the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -70987,17 +91365,17 @@ interface(`corenet_dontaudit_udp_send_virt_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_virt_port',`
+interface(`corenet_udp_receive_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- allow $1 virt_port_t:udp_socket recv_msg;
+ allow $1 websm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the virt port.
+## Do not audit attempts to receive UDP traffic on the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -71006,17 +91384,17 @@ interface(`corenet_udp_receive_virt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_virt_port',`
+interface(`corenet_dontaudit_udp_receive_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- dontaudit $1 virt_port_t:udp_socket recv_msg;
+ dontaudit $1 websm_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the virt port.
+## Send and receive UDP traffic on the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -71025,15 +91403,15 @@ interface(`corenet_dontaudit_udp_receive_virt_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_virt_port',`
- corenet_udp_send_virt_port($1)
- corenet_udp_receive_virt_port($1)
+interface(`corenet_udp_sendrecv_websm_port',`
+ corenet_udp_send_websm_port($1)
+ corenet_udp_receive_websm_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the virt port.
+## UDP traffic on the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -71042,14 +91420,14 @@ interface(`corenet_udp_sendrecv_virt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_virt_port',`
- corenet_dontaudit_udp_send_virt_port($1)
- corenet_dontaudit_udp_receive_virt_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_websm_port',`
+ corenet_dontaudit_udp_send_websm_port($1)
+ corenet_dontaudit_udp_receive_websm_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the virt port.
+## Bind TCP sockets to the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -71058,18 +91436,18 @@ interface(`corenet_dontaudit_udp_sendrecv_virt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_virt_port',`
+interface(`corenet_tcp_bind_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- allow $1 virt_port_t:tcp_socket name_bind;
+ allow $1 websm_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the virt port.
+## Bind UDP sockets to the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -71078,18 +91456,18 @@ interface(`corenet_tcp_bind_virt_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_virt_port',`
+interface(`corenet_udp_bind_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- allow $1 virt_port_t:udp_socket name_bind;
+ allow $1 websm_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the virt port.
+## Make a TCP connection to the websm port.
## </summary>
## <param name="domain">
## <summary>
@@ -71097,18 +91475,18 @@ interface(`corenet_udp_bind_virt_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_virt_port',`
+interface(`corenet_tcp_connect_websm_port',`
gen_require(`
- type virt_port_t;
+ type websm_port_t;
')
- allow $1 virt_port_t:tcp_socket name_connect;
+ allow $1 websm_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send virt_client packets.
+## Send websm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71117,17 +91495,17 @@ interface(`corenet_tcp_connect_virt_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_virt_client_packets',`
+interface(`corenet_send_websm_client_packets',`
gen_require(`
- type virt_client_packet_t;
+ type websm_client_packet_t;
')
- allow $1 virt_client_packet_t:packet send;
+ allow $1 websm_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send virt_client packets.
+## Do not audit attempts to send websm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71136,17 +91514,17 @@ interface(`corenet_send_virt_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_virt_client_packets',`
+interface(`corenet_dontaudit_send_websm_client_packets',`
gen_require(`
- type virt_client_packet_t;
+ type websm_client_packet_t;
')
- dontaudit $1 virt_client_packet_t:packet send;
+ dontaudit $1 websm_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive virt_client packets.
+## Receive websm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71155,17 +91533,17 @@ interface(`corenet_dontaudit_send_virt_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_virt_client_packets',`
+interface(`corenet_receive_websm_client_packets',`
gen_require(`
- type virt_client_packet_t;
+ type websm_client_packet_t;
')
- allow $1 virt_client_packet_t:packet recv;
+ allow $1 websm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive virt_client packets.
+## Do not audit attempts to receive websm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71174,17 +91552,17 @@ interface(`corenet_receive_virt_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_virt_client_packets',`
+interface(`corenet_dontaudit_receive_websm_client_packets',`
gen_require(`
- type virt_client_packet_t;
+ type websm_client_packet_t;
')
- dontaudit $1 virt_client_packet_t:packet recv;
+ dontaudit $1 websm_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive virt_client packets.
+## Send and receive websm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71193,14 +91571,14 @@ interface(`corenet_dontaudit_receive_virt_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_virt_client_packets',`
- corenet_send_virt_client_packets($1)
- corenet_receive_virt_client_packets($1)
+interface(`corenet_sendrecv_websm_client_packets',`
+ corenet_send_websm_client_packets($1)
+ corenet_receive_websm_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive virt_client packets.
+## Do not audit attempts to send and receive websm_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71209,14 +91587,14 @@ interface(`corenet_sendrecv_virt_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_virt_client_packets',`
- corenet_dontaudit_send_virt_client_packets($1)
- corenet_dontaudit_receive_virt_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_websm_client_packets',`
+ corenet_dontaudit_send_websm_client_packets($1)
+ corenet_dontaudit_receive_websm_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to virt_client the packet type.
+## Relabel packets to websm_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71224,18 +91602,18 @@ interface(`corenet_dontaudit_sendrecv_virt_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_virt_client_packets',`
+interface(`corenet_relabelto_websm_client_packets',`
gen_require(`
- type virt_client_packet_t;
+ type websm_client_packet_t;
')
- allow $1 virt_client_packet_t:packet relabelto;
+ allow $1 websm_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send virt_server packets.
+## Send websm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71244,17 +91622,17 @@ interface(`corenet_relabelto_virt_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_virt_server_packets',`
+interface(`corenet_send_websm_server_packets',`
gen_require(`
- type virt_server_packet_t;
+ type websm_server_packet_t;
')
- allow $1 virt_server_packet_t:packet send;
+ allow $1 websm_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send virt_server packets.
+## Do not audit attempts to send websm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71263,17 +91641,17 @@ interface(`corenet_send_virt_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_virt_server_packets',`
+interface(`corenet_dontaudit_send_websm_server_packets',`
gen_require(`
- type virt_server_packet_t;
+ type websm_server_packet_t;
')
- dontaudit $1 virt_server_packet_t:packet send;
+ dontaudit $1 websm_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive virt_server packets.
+## Receive websm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71282,17 +91660,17 @@ interface(`corenet_dontaudit_send_virt_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_virt_server_packets',`
+interface(`corenet_receive_websm_server_packets',`
gen_require(`
- type virt_server_packet_t;
+ type websm_server_packet_t;
')
- allow $1 virt_server_packet_t:packet recv;
+ allow $1 websm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive virt_server packets.
+## Do not audit attempts to receive websm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71301,17 +91679,17 @@ interface(`corenet_receive_virt_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_virt_server_packets',`
+interface(`corenet_dontaudit_receive_websm_server_packets',`
gen_require(`
- type virt_server_packet_t;
+ type websm_server_packet_t;
')
- dontaudit $1 virt_server_packet_t:packet recv;
+ dontaudit $1 websm_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive virt_server packets.
+## Send and receive websm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71320,14 +91698,14 @@ interface(`corenet_dontaudit_receive_virt_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_virt_server_packets',`
- corenet_send_virt_server_packets($1)
- corenet_receive_virt_server_packets($1)
+interface(`corenet_sendrecv_websm_server_packets',`
+ corenet_send_websm_server_packets($1)
+ corenet_receive_websm_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive virt_server packets.
+## Do not audit attempts to send and receive websm_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71336,14 +91714,14 @@ interface(`corenet_sendrecv_virt_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_virt_server_packets',`
- corenet_dontaudit_send_virt_server_packets($1)
- corenet_dontaudit_receive_virt_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_websm_server_packets',`
+ corenet_dontaudit_send_websm_server_packets($1)
+ corenet_dontaudit_receive_websm_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to virt_server the packet type.
+## Relabel packets to websm_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71351,12 +91729,12 @@ interface(`corenet_dontaudit_sendrecv_virt_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_virt_server_packets',`
+interface(`corenet_relabelto_websm_server_packets',`
gen_require(`
- type virt_server_packet_t;
+ type websm_server_packet_t;
')
- allow $1 virt_server_packet_t:packet relabelto;
+ allow $1 websm_server_packet_t:packet relabelto;
')
@@ -71364,7 +91742,7 @@ interface(`corenet_relabelto_virt_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the virt_migration port.
+## Send and receive TCP traffic on the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71373,17 +91751,17 @@ interface(`corenet_relabelto_virt_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_virt_migration_port',`
+interface(`corenet_tcp_sendrecv_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- allow $1 virt_migration_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 whois_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the virt_migration port.
+## Send UDP traffic on the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71392,17 +91770,17 @@ interface(`corenet_tcp_sendrecv_virt_migration_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_virt_migration_port',`
+interface(`corenet_udp_send_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- allow $1 virt_migration_port_t:udp_socket send_msg;
+ allow $1 whois_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the virt_migration port.
+## Do not audit attempts to send UDP traffic on the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71411,17 +91789,17 @@ interface(`corenet_udp_send_virt_migration_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_virt_migration_port',`
+interface(`corenet_dontaudit_udp_send_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- dontaudit $1 virt_migration_port_t:udp_socket send_msg;
+ dontaudit $1 whois_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the virt_migration port.
+## Receive UDP traffic on the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71430,17 +91808,17 @@ interface(`corenet_dontaudit_udp_send_virt_migration_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_virt_migration_port',`
+interface(`corenet_udp_receive_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- allow $1 virt_migration_port_t:udp_socket recv_msg;
+ allow $1 whois_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the virt_migration port.
+## Do not audit attempts to receive UDP traffic on the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71449,17 +91827,17 @@ interface(`corenet_udp_receive_virt_migration_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_virt_migration_port',`
+interface(`corenet_dontaudit_udp_receive_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- dontaudit $1 virt_migration_port_t:udp_socket recv_msg;
+ dontaudit $1 whois_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the virt_migration port.
+## Send and receive UDP traffic on the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71468,15 +91846,15 @@ interface(`corenet_dontaudit_udp_receive_virt_migration_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_virt_migration_port',`
- corenet_udp_send_virt_migration_port($1)
- corenet_udp_receive_virt_migration_port($1)
+interface(`corenet_udp_sendrecv_whois_port',`
+ corenet_udp_send_whois_port($1)
+ corenet_udp_receive_whois_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the virt_migration port.
+## UDP traffic on the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71485,14 +91863,14 @@ interface(`corenet_udp_sendrecv_virt_migration_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_virt_migration_port',`
- corenet_dontaudit_udp_send_virt_migration_port($1)
- corenet_dontaudit_udp_receive_virt_migration_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_whois_port',`
+ corenet_dontaudit_udp_send_whois_port($1)
+ corenet_dontaudit_udp_receive_whois_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the virt_migration port.
+## Bind TCP sockets to the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71501,18 +91879,18 @@ interface(`corenet_dontaudit_udp_sendrecv_virt_migration_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_virt_migration_port',`
+interface(`corenet_tcp_bind_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- allow $1 virt_migration_port_t:tcp_socket name_bind;
+ allow $1 whois_port_t:tcp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Bind UDP sockets to the virt_migration port.
+## Bind UDP sockets to the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71521,18 +91899,18 @@ interface(`corenet_tcp_bind_virt_migration_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_virt_migration_port',`
+interface(`corenet_udp_bind_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- allow $1 virt_migration_port_t:udp_socket name_bind;
+ allow $1 whois_port_t:udp_socket name_bind;
allow $1 self:capability net_bind_service;
')
########################################
## <summary>
-## Make a TCP connection to the virt_migration port.
+## Make a TCP connection to the whois port.
## </summary>
## <param name="domain">
## <summary>
@@ -71540,18 +91918,18 @@ interface(`corenet_udp_bind_virt_migration_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_virt_migration_port',`
+interface(`corenet_tcp_connect_whois_port',`
gen_require(`
- type virt_migration_port_t;
+ type whois_port_t;
')
- allow $1 virt_migration_port_t:tcp_socket name_connect;
+ allow $1 whois_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send virt_migration_client packets.
+## Send whois_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71560,17 +91938,17 @@ interface(`corenet_tcp_connect_virt_migration_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_virt_migration_client_packets',`
+interface(`corenet_send_whois_client_packets',`
gen_require(`
- type virt_migration_client_packet_t;
+ type whois_client_packet_t;
')
- allow $1 virt_migration_client_packet_t:packet send;
+ allow $1 whois_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send virt_migration_client packets.
+## Do not audit attempts to send whois_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71579,17 +91957,17 @@ interface(`corenet_send_virt_migration_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_virt_migration_client_packets',`
+interface(`corenet_dontaudit_send_whois_client_packets',`
gen_require(`
- type virt_migration_client_packet_t;
+ type whois_client_packet_t;
')
- dontaudit $1 virt_migration_client_packet_t:packet send;
+ dontaudit $1 whois_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive virt_migration_client packets.
+## Receive whois_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71598,17 +91976,17 @@ interface(`corenet_dontaudit_send_virt_migration_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_virt_migration_client_packets',`
+interface(`corenet_receive_whois_client_packets',`
gen_require(`
- type virt_migration_client_packet_t;
+ type whois_client_packet_t;
')
- allow $1 virt_migration_client_packet_t:packet recv;
+ allow $1 whois_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive virt_migration_client packets.
+## Do not audit attempts to receive whois_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71617,17 +91995,17 @@ interface(`corenet_receive_virt_migration_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_virt_migration_client_packets',`
+interface(`corenet_dontaudit_receive_whois_client_packets',`
gen_require(`
- type virt_migration_client_packet_t;
+ type whois_client_packet_t;
')
- dontaudit $1 virt_migration_client_packet_t:packet recv;
+ dontaudit $1 whois_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive virt_migration_client packets.
+## Send and receive whois_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71636,14 +92014,14 @@ interface(`corenet_dontaudit_receive_virt_migration_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_virt_migration_client_packets',`
- corenet_send_virt_migration_client_packets($1)
- corenet_receive_virt_migration_client_packets($1)
+interface(`corenet_sendrecv_whois_client_packets',`
+ corenet_send_whois_client_packets($1)
+ corenet_receive_whois_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive virt_migration_client packets.
+## Do not audit attempts to send and receive whois_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71652,14 +92030,14 @@ interface(`corenet_sendrecv_virt_migration_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_virt_migration_client_packets',`
- corenet_dontaudit_send_virt_migration_client_packets($1)
- corenet_dontaudit_receive_virt_migration_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_whois_client_packets',`
+ corenet_dontaudit_send_whois_client_packets($1)
+ corenet_dontaudit_receive_whois_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to virt_migration_client the packet type.
+## Relabel packets to whois_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71667,18 +92045,18 @@ interface(`corenet_dontaudit_sendrecv_virt_migration_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_virt_migration_client_packets',`
+interface(`corenet_relabelto_whois_client_packets',`
gen_require(`
- type virt_migration_client_packet_t;
+ type whois_client_packet_t;
')
- allow $1 virt_migration_client_packet_t:packet relabelto;
+ allow $1 whois_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send virt_migration_server packets.
+## Send whois_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71687,17 +92065,17 @@ interface(`corenet_relabelto_virt_migration_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_virt_migration_server_packets',`
+interface(`corenet_send_whois_server_packets',`
gen_require(`
- type virt_migration_server_packet_t;
+ type whois_server_packet_t;
')
- allow $1 virt_migration_server_packet_t:packet send;
+ allow $1 whois_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send virt_migration_server packets.
+## Do not audit attempts to send whois_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71706,17 +92084,17 @@ interface(`corenet_send_virt_migration_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_virt_migration_server_packets',`
+interface(`corenet_dontaudit_send_whois_server_packets',`
gen_require(`
- type virt_migration_server_packet_t;
+ type whois_server_packet_t;
')
- dontaudit $1 virt_migration_server_packet_t:packet send;
+ dontaudit $1 whois_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive virt_migration_server packets.
+## Receive whois_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71725,17 +92103,17 @@ interface(`corenet_dontaudit_send_virt_migration_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_virt_migration_server_packets',`
+interface(`corenet_receive_whois_server_packets',`
gen_require(`
- type virt_migration_server_packet_t;
+ type whois_server_packet_t;
')
- allow $1 virt_migration_server_packet_t:packet recv;
+ allow $1 whois_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive virt_migration_server packets.
+## Do not audit attempts to receive whois_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71744,17 +92122,17 @@ interface(`corenet_receive_virt_migration_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_virt_migration_server_packets',`
+interface(`corenet_dontaudit_receive_whois_server_packets',`
gen_require(`
- type virt_migration_server_packet_t;
+ type whois_server_packet_t;
')
- dontaudit $1 virt_migration_server_packet_t:packet recv;
+ dontaudit $1 whois_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive virt_migration_server packets.
+## Send and receive whois_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71763,14 +92141,14 @@ interface(`corenet_dontaudit_receive_virt_migration_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_virt_migration_server_packets',`
- corenet_send_virt_migration_server_packets($1)
- corenet_receive_virt_migration_server_packets($1)
+interface(`corenet_sendrecv_whois_server_packets',`
+ corenet_send_whois_server_packets($1)
+ corenet_receive_whois_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive virt_migration_server packets.
+## Do not audit attempts to send and receive whois_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -71779,14 +92157,14 @@ interface(`corenet_sendrecv_virt_migration_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_virt_migration_server_packets',`
- corenet_dontaudit_send_virt_migration_server_packets($1)
- corenet_dontaudit_receive_virt_migration_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_whois_server_packets',`
+ corenet_dontaudit_send_whois_server_packets($1)
+ corenet_dontaudit_receive_whois_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to virt_migration_server the packet type.
+## Relabel packets to whois_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -71794,12 +92172,12 @@ interface(`corenet_dontaudit_sendrecv_virt_migration_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_virt_migration_server_packets',`
+interface(`corenet_relabelto_whois_server_packets',`
gen_require(`
- type virt_migration_server_packet_t;
+ type whois_server_packet_t;
')
- allow $1 virt_migration_server_packet_t:packet relabelto;
+ allow $1 whois_server_packet_t:packet relabelto;
')
@@ -71807,7 +92185,7 @@ interface(`corenet_relabelto_virt_migration_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the vnc port.
+## Send and receive TCP traffic on the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71816,17 +92194,17 @@ interface(`corenet_relabelto_virt_migration_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_vnc_port',`
+interface(`corenet_tcp_sendrecv_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- allow $1 vnc_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 winshadow_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the vnc port.
+## Send UDP traffic on the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71835,17 +92213,17 @@ interface(`corenet_tcp_sendrecv_vnc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_vnc_port',`
+interface(`corenet_udp_send_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- allow $1 vnc_port_t:udp_socket send_msg;
+ allow $1 winshadow_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the vnc port.
+## Do not audit attempts to send UDP traffic on the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71854,17 +92232,17 @@ interface(`corenet_udp_send_vnc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_vnc_port',`
+interface(`corenet_dontaudit_udp_send_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- dontaudit $1 vnc_port_t:udp_socket send_msg;
+ dontaudit $1 winshadow_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the vnc port.
+## Receive UDP traffic on the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71873,17 +92251,17 @@ interface(`corenet_dontaudit_udp_send_vnc_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_vnc_port',`
+interface(`corenet_udp_receive_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- allow $1 vnc_port_t:udp_socket recv_msg;
+ allow $1 winshadow_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the vnc port.
+## Do not audit attempts to receive UDP traffic on the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71892,17 +92270,17 @@ interface(`corenet_udp_receive_vnc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_vnc_port',`
+interface(`corenet_dontaudit_udp_receive_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- dontaudit $1 vnc_port_t:udp_socket recv_msg;
+ dontaudit $1 winshadow_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the vnc port.
+## Send and receive UDP traffic on the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71911,15 +92289,15 @@ interface(`corenet_dontaudit_udp_receive_vnc_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_vnc_port',`
- corenet_udp_send_vnc_port($1)
- corenet_udp_receive_vnc_port($1)
+interface(`corenet_udp_sendrecv_winshadow_port',`
+ corenet_udp_send_winshadow_port($1)
+ corenet_udp_receive_winshadow_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the vnc port.
+## UDP traffic on the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71928,14 +92306,14 @@ interface(`corenet_udp_sendrecv_vnc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_vnc_port',`
- corenet_dontaudit_udp_send_vnc_port($1)
- corenet_dontaudit_udp_receive_vnc_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_winshadow_port',`
+ corenet_dontaudit_udp_send_winshadow_port($1)
+ corenet_dontaudit_udp_receive_winshadow_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the vnc port.
+## Bind TCP sockets to the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71944,18 +92322,18 @@ interface(`corenet_dontaudit_udp_sendrecv_vnc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_vnc_port',`
+interface(`corenet_tcp_bind_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- allow $1 vnc_port_t:tcp_socket name_bind;
+ allow $1 winshadow_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the vnc port.
+## Bind UDP sockets to the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71964,18 +92342,18 @@ interface(`corenet_tcp_bind_vnc_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_vnc_port',`
+interface(`corenet_udp_bind_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- allow $1 vnc_port_t:udp_socket name_bind;
+ allow $1 winshadow_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the vnc port.
+## Make a TCP connection to the winshadow port.
## </summary>
## <param name="domain">
## <summary>
@@ -71983,18 +92361,18 @@ interface(`corenet_udp_bind_vnc_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_vnc_port',`
+interface(`corenet_tcp_connect_winshadow_port',`
gen_require(`
- type vnc_port_t;
+ type winshadow_port_t;
')
- allow $1 vnc_port_t:tcp_socket name_connect;
+ allow $1 winshadow_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send vnc_client packets.
+## Send winshadow_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72003,17 +92381,17 @@ interface(`corenet_tcp_connect_vnc_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_vnc_client_packets',`
+interface(`corenet_send_winshadow_client_packets',`
gen_require(`
- type vnc_client_packet_t;
+ type winshadow_client_packet_t;
')
- allow $1 vnc_client_packet_t:packet send;
+ allow $1 winshadow_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send vnc_client packets.
+## Do not audit attempts to send winshadow_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72022,17 +92400,17 @@ interface(`corenet_send_vnc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_vnc_client_packets',`
+interface(`corenet_dontaudit_send_winshadow_client_packets',`
gen_require(`
- type vnc_client_packet_t;
+ type winshadow_client_packet_t;
')
- dontaudit $1 vnc_client_packet_t:packet send;
+ dontaudit $1 winshadow_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive vnc_client packets.
+## Receive winshadow_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72041,17 +92419,17 @@ interface(`corenet_dontaudit_send_vnc_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_vnc_client_packets',`
+interface(`corenet_receive_winshadow_client_packets',`
gen_require(`
- type vnc_client_packet_t;
+ type winshadow_client_packet_t;
')
- allow $1 vnc_client_packet_t:packet recv;
+ allow $1 winshadow_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive vnc_client packets.
+## Do not audit attempts to receive winshadow_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72060,17 +92438,17 @@ interface(`corenet_receive_vnc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_vnc_client_packets',`
+interface(`corenet_dontaudit_receive_winshadow_client_packets',`
gen_require(`
- type vnc_client_packet_t;
+ type winshadow_client_packet_t;
')
- dontaudit $1 vnc_client_packet_t:packet recv;
+ dontaudit $1 winshadow_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive vnc_client packets.
+## Send and receive winshadow_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72079,14 +92457,14 @@ interface(`corenet_dontaudit_receive_vnc_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_vnc_client_packets',`
- corenet_send_vnc_client_packets($1)
- corenet_receive_vnc_client_packets($1)
+interface(`corenet_sendrecv_winshadow_client_packets',`
+ corenet_send_winshadow_client_packets($1)
+ corenet_receive_winshadow_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive vnc_client packets.
+## Do not audit attempts to send and receive winshadow_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72095,14 +92473,14 @@ interface(`corenet_sendrecv_vnc_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_vnc_client_packets',`
- corenet_dontaudit_send_vnc_client_packets($1)
- corenet_dontaudit_receive_vnc_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_winshadow_client_packets',`
+ corenet_dontaudit_send_winshadow_client_packets($1)
+ corenet_dontaudit_receive_winshadow_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to vnc_client the packet type.
+## Relabel packets to winshadow_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72110,18 +92488,18 @@ interface(`corenet_dontaudit_sendrecv_vnc_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_vnc_client_packets',`
+interface(`corenet_relabelto_winshadow_client_packets',`
gen_require(`
- type vnc_client_packet_t;
+ type winshadow_client_packet_t;
')
- allow $1 vnc_client_packet_t:packet relabelto;
+ allow $1 winshadow_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send vnc_server packets.
+## Send winshadow_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72130,17 +92508,17 @@ interface(`corenet_relabelto_vnc_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_vnc_server_packets',`
+interface(`corenet_send_winshadow_server_packets',`
gen_require(`
- type vnc_server_packet_t;
+ type winshadow_server_packet_t;
')
- allow $1 vnc_server_packet_t:packet send;
+ allow $1 winshadow_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send vnc_server packets.
+## Do not audit attempts to send winshadow_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72149,17 +92527,17 @@ interface(`corenet_send_vnc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_vnc_server_packets',`
+interface(`corenet_dontaudit_send_winshadow_server_packets',`
gen_require(`
- type vnc_server_packet_t;
+ type winshadow_server_packet_t;
')
- dontaudit $1 vnc_server_packet_t:packet send;
+ dontaudit $1 winshadow_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive vnc_server packets.
+## Receive winshadow_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72168,17 +92546,17 @@ interface(`corenet_dontaudit_send_vnc_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_vnc_server_packets',`
+interface(`corenet_receive_winshadow_server_packets',`
gen_require(`
- type vnc_server_packet_t;
+ type winshadow_server_packet_t;
')
- allow $1 vnc_server_packet_t:packet recv;
+ allow $1 winshadow_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive vnc_server packets.
+## Do not audit attempts to receive winshadow_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72187,17 +92565,17 @@ interface(`corenet_receive_vnc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_vnc_server_packets',`
+interface(`corenet_dontaudit_receive_winshadow_server_packets',`
gen_require(`
- type vnc_server_packet_t;
+ type winshadow_server_packet_t;
')
- dontaudit $1 vnc_server_packet_t:packet recv;
+ dontaudit $1 winshadow_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive vnc_server packets.
+## Send and receive winshadow_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72206,14 +92584,14 @@ interface(`corenet_dontaudit_receive_vnc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_vnc_server_packets',`
- corenet_send_vnc_server_packets($1)
- corenet_receive_vnc_server_packets($1)
+interface(`corenet_sendrecv_winshadow_server_packets',`
+ corenet_send_winshadow_server_packets($1)
+ corenet_receive_winshadow_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive vnc_server packets.
+## Do not audit attempts to send and receive winshadow_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72222,14 +92600,14 @@ interface(`corenet_sendrecv_vnc_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_vnc_server_packets',`
- corenet_dontaudit_send_vnc_server_packets($1)
- corenet_dontaudit_receive_vnc_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_winshadow_server_packets',`
+ corenet_dontaudit_send_winshadow_server_packets($1)
+ corenet_dontaudit_receive_winshadow_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to vnc_server the packet type.
+## Relabel packets to winshadow_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72237,12 +92615,12 @@ interface(`corenet_dontaudit_sendrecv_vnc_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_vnc_server_packets',`
+interface(`corenet_relabelto_winshadow_server_packets',`
gen_require(`
- type vnc_server_packet_t;
+ type winshadow_server_packet_t;
')
- allow $1 vnc_server_packet_t:packet relabelto;
+ allow $1 winshadow_server_packet_t:packet relabelto;
')
@@ -72250,7 +92628,7 @@ interface(`corenet_relabelto_vnc_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the wccp port.
+## Send and receive TCP traffic on the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72259,17 +92637,17 @@ interface(`corenet_relabelto_vnc_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_wccp_port',`
+interface(`corenet_tcp_sendrecv_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- allow $1 wccp_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 wsdapi_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the wccp port.
+## Send UDP traffic on the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72278,17 +92656,17 @@ interface(`corenet_tcp_sendrecv_wccp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_wccp_port',`
+interface(`corenet_udp_send_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- allow $1 wccp_port_t:udp_socket send_msg;
+ allow $1 wsdapi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the wccp port.
+## Do not audit attempts to send UDP traffic on the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72297,17 +92675,17 @@ interface(`corenet_udp_send_wccp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_wccp_port',`
+interface(`corenet_dontaudit_udp_send_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- dontaudit $1 wccp_port_t:udp_socket send_msg;
+ dontaudit $1 wsdapi_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the wccp port.
+## Receive UDP traffic on the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72316,17 +92694,17 @@ interface(`corenet_dontaudit_udp_send_wccp_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_wccp_port',`
+interface(`corenet_udp_receive_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- allow $1 wccp_port_t:udp_socket recv_msg;
+ allow $1 wsdapi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the wccp port.
+## Do not audit attempts to receive UDP traffic on the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72335,17 +92713,17 @@ interface(`corenet_udp_receive_wccp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_wccp_port',`
+interface(`corenet_dontaudit_udp_receive_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- dontaudit $1 wccp_port_t:udp_socket recv_msg;
+ dontaudit $1 wsdapi_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the wccp port.
+## Send and receive UDP traffic on the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72354,15 +92732,15 @@ interface(`corenet_dontaudit_udp_receive_wccp_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_wccp_port',`
- corenet_udp_send_wccp_port($1)
- corenet_udp_receive_wccp_port($1)
+interface(`corenet_udp_sendrecv_wsdapi_port',`
+ corenet_udp_send_wsdapi_port($1)
+ corenet_udp_receive_wsdapi_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the wccp port.
+## UDP traffic on the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72371,14 +92749,14 @@ interface(`corenet_udp_sendrecv_wccp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_wccp_port',`
- corenet_dontaudit_udp_send_wccp_port($1)
- corenet_dontaudit_udp_receive_wccp_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_wsdapi_port',`
+ corenet_dontaudit_udp_send_wsdapi_port($1)
+ corenet_dontaudit_udp_receive_wsdapi_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the wccp port.
+## Bind TCP sockets to the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72387,18 +92765,18 @@ interface(`corenet_dontaudit_udp_sendrecv_wccp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_wccp_port',`
+interface(`corenet_tcp_bind_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- allow $1 wccp_port_t:tcp_socket name_bind;
+ allow $1 wsdapi_port_t:tcp_socket name_bind;
')
########################################
## <summary>
-## Bind UDP sockets to the wccp port.
+## Bind UDP sockets to the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72407,18 +92785,18 @@ interface(`corenet_tcp_bind_wccp_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_wccp_port',`
+interface(`corenet_udp_bind_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- allow $1 wccp_port_t:udp_socket name_bind;
+ allow $1 wsdapi_port_t:udp_socket name_bind;
')
########################################
## <summary>
-## Make a TCP connection to the wccp port.
+## Make a TCP connection to the wsdapi port.
## </summary>
## <param name="domain">
## <summary>
@@ -72426,18 +92804,18 @@ interface(`corenet_udp_bind_wccp_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_wccp_port',`
+interface(`corenet_tcp_connect_wsdapi_port',`
gen_require(`
- type wccp_port_t;
+ type wsdapi_port_t;
')
- allow $1 wccp_port_t:tcp_socket name_connect;
+ allow $1 wsdapi_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send wccp_client packets.
+## Send wsdapi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72446,17 +92824,17 @@ interface(`corenet_tcp_connect_wccp_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_wccp_client_packets',`
+interface(`corenet_send_wsdapi_client_packets',`
gen_require(`
- type wccp_client_packet_t;
+ type wsdapi_client_packet_t;
')
- allow $1 wccp_client_packet_t:packet send;
+ allow $1 wsdapi_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send wccp_client packets.
+## Do not audit attempts to send wsdapi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72465,17 +92843,17 @@ interface(`corenet_send_wccp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_wccp_client_packets',`
+interface(`corenet_dontaudit_send_wsdapi_client_packets',`
gen_require(`
- type wccp_client_packet_t;
+ type wsdapi_client_packet_t;
')
- dontaudit $1 wccp_client_packet_t:packet send;
+ dontaudit $1 wsdapi_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive wccp_client packets.
+## Receive wsdapi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72484,17 +92862,17 @@ interface(`corenet_dontaudit_send_wccp_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_wccp_client_packets',`
+interface(`corenet_receive_wsdapi_client_packets',`
gen_require(`
- type wccp_client_packet_t;
+ type wsdapi_client_packet_t;
')
- allow $1 wccp_client_packet_t:packet recv;
+ allow $1 wsdapi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive wccp_client packets.
+## Do not audit attempts to receive wsdapi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72503,17 +92881,17 @@ interface(`corenet_receive_wccp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_wccp_client_packets',`
+interface(`corenet_dontaudit_receive_wsdapi_client_packets',`
gen_require(`
- type wccp_client_packet_t;
+ type wsdapi_client_packet_t;
')
- dontaudit $1 wccp_client_packet_t:packet recv;
+ dontaudit $1 wsdapi_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive wccp_client packets.
+## Send and receive wsdapi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72522,14 +92900,14 @@ interface(`corenet_dontaudit_receive_wccp_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_wccp_client_packets',`
- corenet_send_wccp_client_packets($1)
- corenet_receive_wccp_client_packets($1)
+interface(`corenet_sendrecv_wsdapi_client_packets',`
+ corenet_send_wsdapi_client_packets($1)
+ corenet_receive_wsdapi_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive wccp_client packets.
+## Do not audit attempts to send and receive wsdapi_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72538,14 +92916,14 @@ interface(`corenet_sendrecv_wccp_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_wccp_client_packets',`
- corenet_dontaudit_send_wccp_client_packets($1)
- corenet_dontaudit_receive_wccp_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_wsdapi_client_packets',`
+ corenet_dontaudit_send_wsdapi_client_packets($1)
+ corenet_dontaudit_receive_wsdapi_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to wccp_client the packet type.
+## Relabel packets to wsdapi_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72553,18 +92931,18 @@ interface(`corenet_dontaudit_sendrecv_wccp_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_wccp_client_packets',`
+interface(`corenet_relabelto_wsdapi_client_packets',`
gen_require(`
- type wccp_client_packet_t;
+ type wsdapi_client_packet_t;
')
- allow $1 wccp_client_packet_t:packet relabelto;
+ allow $1 wsdapi_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send wccp_server packets.
+## Send wsdapi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72573,17 +92951,17 @@ interface(`corenet_relabelto_wccp_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_wccp_server_packets',`
+interface(`corenet_send_wsdapi_server_packets',`
gen_require(`
- type wccp_server_packet_t;
+ type wsdapi_server_packet_t;
')
- allow $1 wccp_server_packet_t:packet send;
+ allow $1 wsdapi_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send wccp_server packets.
+## Do not audit attempts to send wsdapi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72592,17 +92970,17 @@ interface(`corenet_send_wccp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_wccp_server_packets',`
+interface(`corenet_dontaudit_send_wsdapi_server_packets',`
gen_require(`
- type wccp_server_packet_t;
+ type wsdapi_server_packet_t;
')
- dontaudit $1 wccp_server_packet_t:packet send;
+ dontaudit $1 wsdapi_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive wccp_server packets.
+## Receive wsdapi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72611,17 +92989,17 @@ interface(`corenet_dontaudit_send_wccp_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_wccp_server_packets',`
+interface(`corenet_receive_wsdapi_server_packets',`
gen_require(`
- type wccp_server_packet_t;
+ type wsdapi_server_packet_t;
')
- allow $1 wccp_server_packet_t:packet recv;
+ allow $1 wsdapi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive wccp_server packets.
+## Do not audit attempts to receive wsdapi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72630,17 +93008,17 @@ interface(`corenet_receive_wccp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_wccp_server_packets',`
+interface(`corenet_dontaudit_receive_wsdapi_server_packets',`
gen_require(`
- type wccp_server_packet_t;
+ type wsdapi_server_packet_t;
')
- dontaudit $1 wccp_server_packet_t:packet recv;
+ dontaudit $1 wsdapi_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive wccp_server packets.
+## Send and receive wsdapi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72649,14 +93027,14 @@ interface(`corenet_dontaudit_receive_wccp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_wccp_server_packets',`
- corenet_send_wccp_server_packets($1)
- corenet_receive_wccp_server_packets($1)
+interface(`corenet_sendrecv_wsdapi_server_packets',`
+ corenet_send_wsdapi_server_packets($1)
+ corenet_receive_wsdapi_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive wccp_server packets.
+## Do not audit attempts to send and receive wsdapi_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72665,14 +93043,14 @@ interface(`corenet_sendrecv_wccp_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_wccp_server_packets',`
- corenet_dontaudit_send_wccp_server_packets($1)
- corenet_dontaudit_receive_wccp_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_wsdapi_server_packets',`
+ corenet_dontaudit_send_wsdapi_server_packets($1)
+ corenet_dontaudit_receive_wsdapi_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to wccp_server the packet type.
+## Relabel packets to wsdapi_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72680,12 +93058,12 @@ interface(`corenet_dontaudit_sendrecv_wccp_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_wccp_server_packets',`
+interface(`corenet_relabelto_wsdapi_server_packets',`
gen_require(`
- type wccp_server_packet_t;
+ type wsdapi_server_packet_t;
')
- allow $1 wccp_server_packet_t:packet relabelto;
+ allow $1 wsdapi_server_packet_t:packet relabelto;
')
@@ -72693,7 +93071,7 @@ interface(`corenet_relabelto_wccp_server_packets',`
########################################
## <summary>
-## Send and receive TCP traffic on the whois port.
+## Send and receive TCP traffic on the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72702,17 +93080,17 @@ interface(`corenet_relabelto_wccp_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_tcp_sendrecv_whois_port',`
+interface(`corenet_tcp_sendrecv_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- allow $1 whois_port_t:tcp_socket { send_msg recv_msg };
+ allow $1 wsicopy_port_t:tcp_socket { send_msg recv_msg };
')
########################################
## <summary>
-## Send UDP traffic on the whois port.
+## Send UDP traffic on the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72721,17 +93099,17 @@ interface(`corenet_tcp_sendrecv_whois_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_udp_send_whois_port',`
+interface(`corenet_udp_send_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- allow $1 whois_port_t:udp_socket send_msg;
+ allow $1 wsicopy_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Do not audit attempts to send UDP traffic on the whois port.
+## Do not audit attempts to send UDP traffic on the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72740,17 +93118,17 @@ interface(`corenet_udp_send_whois_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_send_whois_port',`
+interface(`corenet_dontaudit_udp_send_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- dontaudit $1 whois_port_t:udp_socket send_msg;
+ dontaudit $1 wsicopy_port_t:udp_socket send_msg;
')
########################################
## <summary>
-## Receive UDP traffic on the whois port.
+## Receive UDP traffic on the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72759,17 +93137,17 @@ interface(`corenet_dontaudit_udp_send_whois_port',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_udp_receive_whois_port',`
+interface(`corenet_udp_receive_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- allow $1 whois_port_t:udp_socket recv_msg;
+ allow $1 wsicopy_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Do not audit attempts to receive UDP traffic on the whois port.
+## Do not audit attempts to receive UDP traffic on the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72778,17 +93156,17 @@ interface(`corenet_udp_receive_whois_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_receive_whois_port',`
+interface(`corenet_dontaudit_udp_receive_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- dontaudit $1 whois_port_t:udp_socket recv_msg;
+ dontaudit $1 wsicopy_port_t:udp_socket recv_msg;
')
########################################
## <summary>
-## Send and receive UDP traffic on the whois port.
+## Send and receive UDP traffic on the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72797,15 +93175,15 @@ interface(`corenet_dontaudit_udp_receive_whois_port',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_udp_sendrecv_whois_port',`
- corenet_udp_send_whois_port($1)
- corenet_udp_receive_whois_port($1)
+interface(`corenet_udp_sendrecv_wsicopy_port',`
+ corenet_udp_send_wsicopy_port($1)
+ corenet_udp_receive_wsicopy_port($1)
')
########################################
## <summary>
## Do not audit attempts to send and receive
-## UDP traffic on the whois port.
+## UDP traffic on the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72814,14 +93192,14 @@ interface(`corenet_udp_sendrecv_whois_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_udp_sendrecv_whois_port',`
- corenet_dontaudit_udp_send_whois_port($1)
- corenet_dontaudit_udp_receive_whois_port($1)
+interface(`corenet_dontaudit_udp_sendrecv_wsicopy_port',`
+ corenet_dontaudit_udp_send_wsicopy_port($1)
+ corenet_dontaudit_udp_receive_wsicopy_port($1)
')
########################################
## <summary>
-## Bind TCP sockets to the whois port.
+## Bind TCP sockets to the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72830,18 +93208,18 @@ interface(`corenet_dontaudit_udp_sendrecv_whois_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_tcp_bind_whois_port',`
+interface(`corenet_tcp_bind_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- allow $1 whois_port_t:tcp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 wsicopy_port_t:tcp_socket name_bind;
+
')
########################################
## <summary>
-## Bind UDP sockets to the whois port.
+## Bind UDP sockets to the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72850,18 +93228,18 @@ interface(`corenet_tcp_bind_whois_port',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_udp_bind_whois_port',`
+interface(`corenet_udp_bind_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- allow $1 whois_port_t:udp_socket name_bind;
- allow $1 self:capability net_bind_service;
+ allow $1 wsicopy_port_t:udp_socket name_bind;
+
')
########################################
## <summary>
-## Make a TCP connection to the whois port.
+## Make a TCP connection to the wsicopy port.
## </summary>
## <param name="domain">
## <summary>
@@ -72869,18 +93247,18 @@ interface(`corenet_udp_bind_whois_port',`
## </summary>
## </param>
#
-interface(`corenet_tcp_connect_whois_port',`
+interface(`corenet_tcp_connect_wsicopy_port',`
gen_require(`
- type whois_port_t;
+ type wsicopy_port_t;
')
- allow $1 whois_port_t:tcp_socket name_connect;
+ allow $1 wsicopy_port_t:tcp_socket name_connect;
')
########################################
## <summary>
-## Send whois_client packets.
+## Send wsicopy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72889,17 +93267,17 @@ interface(`corenet_tcp_connect_whois_port',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_whois_client_packets',`
+interface(`corenet_send_wsicopy_client_packets',`
gen_require(`
- type whois_client_packet_t;
+ type wsicopy_client_packet_t;
')
- allow $1 whois_client_packet_t:packet send;
+ allow $1 wsicopy_client_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send whois_client packets.
+## Do not audit attempts to send wsicopy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72908,17 +93286,17 @@ interface(`corenet_send_whois_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_whois_client_packets',`
+interface(`corenet_dontaudit_send_wsicopy_client_packets',`
gen_require(`
- type whois_client_packet_t;
+ type wsicopy_client_packet_t;
')
- dontaudit $1 whois_client_packet_t:packet send;
+ dontaudit $1 wsicopy_client_packet_t:packet send;
')
########################################
## <summary>
-## Receive whois_client packets.
+## Receive wsicopy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72927,17 +93305,17 @@ interface(`corenet_dontaudit_send_whois_client_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_whois_client_packets',`
+interface(`corenet_receive_wsicopy_client_packets',`
gen_require(`
- type whois_client_packet_t;
+ type wsicopy_client_packet_t;
')
- allow $1 whois_client_packet_t:packet recv;
+ allow $1 wsicopy_client_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive whois_client packets.
+## Do not audit attempts to receive wsicopy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72946,17 +93324,17 @@ interface(`corenet_receive_whois_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_whois_client_packets',`
+interface(`corenet_dontaudit_receive_wsicopy_client_packets',`
gen_require(`
- type whois_client_packet_t;
+ type wsicopy_client_packet_t;
')
- dontaudit $1 whois_client_packet_t:packet recv;
+ dontaudit $1 wsicopy_client_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive whois_client packets.
+## Send and receive wsicopy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72965,14 +93343,14 @@ interface(`corenet_dontaudit_receive_whois_client_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_whois_client_packets',`
- corenet_send_whois_client_packets($1)
- corenet_receive_whois_client_packets($1)
+interface(`corenet_sendrecv_wsicopy_client_packets',`
+ corenet_send_wsicopy_client_packets($1)
+ corenet_receive_wsicopy_client_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive whois_client packets.
+## Do not audit attempts to send and receive wsicopy_client packets.
## </summary>
## <param name="domain">
## <summary>
@@ -72981,14 +93359,14 @@ interface(`corenet_sendrecv_whois_client_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_whois_client_packets',`
- corenet_dontaudit_send_whois_client_packets($1)
- corenet_dontaudit_receive_whois_client_packets($1)
+interface(`corenet_dontaudit_sendrecv_wsicopy_client_packets',`
+ corenet_dontaudit_send_wsicopy_client_packets($1)
+ corenet_dontaudit_receive_wsicopy_client_packets($1)
')
########################################
## <summary>
-## Relabel packets to whois_client the packet type.
+## Relabel packets to wsicopy_client the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -72996,18 +93374,18 @@ interface(`corenet_dontaudit_sendrecv_whois_client_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_whois_client_packets',`
+interface(`corenet_relabelto_wsicopy_client_packets',`
gen_require(`
- type whois_client_packet_t;
+ type wsicopy_client_packet_t;
')
- allow $1 whois_client_packet_t:packet relabelto;
+ allow $1 wsicopy_client_packet_t:packet relabelto;
')
########################################
## <summary>
-## Send whois_server packets.
+## Send wsicopy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73016,17 +93394,17 @@ interface(`corenet_relabelto_whois_client_packets',`
## </param>
## <infoflow type="write" weight="10"/>
#
-interface(`corenet_send_whois_server_packets',`
+interface(`corenet_send_wsicopy_server_packets',`
gen_require(`
- type whois_server_packet_t;
+ type wsicopy_server_packet_t;
')
- allow $1 whois_server_packet_t:packet send;
+ allow $1 wsicopy_server_packet_t:packet send;
')
########################################
## <summary>
-## Do not audit attempts to send whois_server packets.
+## Do not audit attempts to send wsicopy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73035,17 +93413,17 @@ interface(`corenet_send_whois_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_send_whois_server_packets',`
+interface(`corenet_dontaudit_send_wsicopy_server_packets',`
gen_require(`
- type whois_server_packet_t;
+ type wsicopy_server_packet_t;
')
- dontaudit $1 whois_server_packet_t:packet send;
+ dontaudit $1 wsicopy_server_packet_t:packet send;
')
########################################
## <summary>
-## Receive whois_server packets.
+## Receive wsicopy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73054,17 +93432,17 @@ interface(`corenet_dontaudit_send_whois_server_packets',`
## </param>
## <infoflow type="read" weight="10"/>
#
-interface(`corenet_receive_whois_server_packets',`
+interface(`corenet_receive_wsicopy_server_packets',`
gen_require(`
- type whois_server_packet_t;
+ type wsicopy_server_packet_t;
')
- allow $1 whois_server_packet_t:packet recv;
+ allow $1 wsicopy_server_packet_t:packet recv;
')
########################################
## <summary>
-## Do not audit attempts to receive whois_server packets.
+## Do not audit attempts to receive wsicopy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73073,17 +93451,17 @@ interface(`corenet_receive_whois_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_receive_whois_server_packets',`
+interface(`corenet_dontaudit_receive_wsicopy_server_packets',`
gen_require(`
- type whois_server_packet_t;
+ type wsicopy_server_packet_t;
')
- dontaudit $1 whois_server_packet_t:packet recv;
+ dontaudit $1 wsicopy_server_packet_t:packet recv;
')
########################################
## <summary>
-## Send and receive whois_server packets.
+## Send and receive wsicopy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73092,14 +93470,14 @@ interface(`corenet_dontaudit_receive_whois_server_packets',`
## </param>
## <infoflow type="both" weight="10"/>
#
-interface(`corenet_sendrecv_whois_server_packets',`
- corenet_send_whois_server_packets($1)
- corenet_receive_whois_server_packets($1)
+interface(`corenet_sendrecv_wsicopy_server_packets',`
+ corenet_send_wsicopy_server_packets($1)
+ corenet_receive_wsicopy_server_packets($1)
')
########################################
## <summary>
-## Do not audit attempts to send and receive whois_server packets.
+## Do not audit attempts to send and receive wsicopy_server packets.
## </summary>
## <param name="domain">
## <summary>
@@ -73108,14 +93486,14 @@ interface(`corenet_sendrecv_whois_server_packets',`
## </param>
## <infoflow type="none"/>
#
-interface(`corenet_dontaudit_sendrecv_whois_server_packets',`
- corenet_dontaudit_send_whois_server_packets($1)
- corenet_dontaudit_receive_whois_server_packets($1)
+interface(`corenet_dontaudit_sendrecv_wsicopy_server_packets',`
+ corenet_dontaudit_send_wsicopy_server_packets($1)
+ corenet_dontaudit_receive_wsicopy_server_packets($1)
')
########################################
## <summary>
-## Relabel packets to whois_server the packet type.
+## Relabel packets to wsicopy_server the packet type.
## </summary>
## <param name="domain">
## <summary>
@@ -73123,12 +93501,12 @@ interface(`corenet_dontaudit_sendrecv_whois_server_packets',`
## </summary>
## </param>
#
-interface(`corenet_relabelto_whois_server_packets',`
+interface(`corenet_relabelto_wsicopy_server_packets',`
gen_require(`
- type whois_server_packet_t;
+ type wsicopy_server_packet_t;
')
- allow $1 whois_server_packet_t:packet relabelto;
+ allow $1 wsicopy_server_packet_t:packet relabelto;
')
@@ -78009,6 +98387,449 @@ interface(`corenet_relabelto_zebra_server_packets',`
########################################
## <summary>
+## Send and receive TCP traffic on the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_tcp_sendrecv_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ allow $1 zented_port_t:tcp_socket { send_msg recv_msg };
+')
+
+########################################
+## <summary>
+## Send UDP traffic on the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_udp_send_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ allow $1 zented_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send UDP traffic on the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_send_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ dontaudit $1 zented_port_t:udp_socket send_msg;
+')
+
+########################################
+## <summary>
+## Receive UDP traffic on the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_udp_receive_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ allow $1 zented_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive UDP traffic on the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_receive_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ dontaudit $1 zented_port_t:udp_socket recv_msg;
+')
+
+########################################
+## <summary>
+## Send and receive UDP traffic on the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_udp_sendrecv_zented_port',`
+ corenet_udp_send_zented_port($1)
+ corenet_udp_receive_zented_port($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive
+## UDP traffic on the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_udp_sendrecv_zented_port',`
+ corenet_dontaudit_udp_send_zented_port($1)
+ corenet_dontaudit_udp_receive_zented_port($1)
+')
+
+########################################
+## <summary>
+## Bind TCP sockets to the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_tcp_bind_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ allow $1 zented_port_t:tcp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Bind UDP sockets to the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_udp_bind_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ allow $1 zented_port_t:udp_socket name_bind;
+
+')
+
+########################################
+## <summary>
+## Make a TCP connection to the zented port.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_tcp_connect_zented_port',`
+ gen_require(`
+ type zented_port_t;
+ ')
+
+ allow $1 zented_port_t:tcp_socket name_connect;
+')
+
+
+########################################
+## <summary>
+## Send zented_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_zented_client_packets',`
+ gen_require(`
+ type zented_client_packet_t;
+ ')
+
+ allow $1 zented_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send zented_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_zented_client_packets',`
+ gen_require(`
+ type zented_client_packet_t;
+ ')
+
+ dontaudit $1 zented_client_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive zented_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_zented_client_packets',`
+ gen_require(`
+ type zented_client_packet_t;
+ ')
+
+ allow $1 zented_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive zented_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_zented_client_packets',`
+ gen_require(`
+ type zented_client_packet_t;
+ ')
+
+ dontaudit $1 zented_client_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive zented_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_zented_client_packets',`
+ corenet_send_zented_client_packets($1)
+ corenet_receive_zented_client_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive zented_client packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_zented_client_packets',`
+ corenet_dontaudit_send_zented_client_packets($1)
+ corenet_dontaudit_receive_zented_client_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to zented_client the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_zented_client_packets',`
+ gen_require(`
+ type zented_client_packet_t;
+ ')
+
+ allow $1 zented_client_packet_t:packet relabelto;
+')
+
+
+########################################
+## <summary>
+## Send zented_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="write" weight="10"/>
+#
+interface(`corenet_send_zented_server_packets',`
+ gen_require(`
+ type zented_server_packet_t;
+ ')
+
+ allow $1 zented_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send zented_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_send_zented_server_packets',`
+ gen_require(`
+ type zented_server_packet_t;
+ ')
+
+ dontaudit $1 zented_server_packet_t:packet send;
+')
+
+########################################
+## <summary>
+## Receive zented_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="read" weight="10"/>
+#
+interface(`corenet_receive_zented_server_packets',`
+ gen_require(`
+ type zented_server_packet_t;
+ ')
+
+ allow $1 zented_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Do not audit attempts to receive zented_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_receive_zented_server_packets',`
+ gen_require(`
+ type zented_server_packet_t;
+ ')
+
+ dontaudit $1 zented_server_packet_t:packet recv;
+')
+
+########################################
+## <summary>
+## Send and receive zented_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <infoflow type="both" weight="10"/>
+#
+interface(`corenet_sendrecv_zented_server_packets',`
+ corenet_send_zented_server_packets($1)
+ corenet_receive_zented_server_packets($1)
+')
+
+########################################
+## <summary>
+## Do not audit attempts to send and receive zented_server packets.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`corenet_dontaudit_sendrecv_zented_server_packets',`
+ corenet_dontaudit_send_zented_server_packets($1)
+ corenet_dontaudit_receive_zented_server_packets($1)
+')
+
+########################################
+## <summary>
+## Relabel packets to zented_server the packet type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`corenet_relabelto_zented_server_packets',`
+ gen_require(`
+ type zented_server_packet_t;
+ ')
+
+ allow $1 zented_server_packet_t:packet relabelto;
+')
+
+
+
+
+########################################
+## <summary>
## Send and receive TCP traffic on the zope port.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-12-08 18:21 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-12-08 18:21 UTC (permalink / raw
To: gentoo-commits
commit: d7f900e101575196f8b954e4594aeda28bc9a627
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Dec 8 18:21:12 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sat Dec 8 18:21:12 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d7f900e1
Module version bump for zfs labeling
---
policy/modules/kernel/filesystem.te | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index e746ee5..9e603f5 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -1,4 +1,4 @@
-policy_module(filesystem, 1.16.1)
+policy_module(filesystem, 1.16.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-12-03 9:35 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-12-03 9:35 UTC (permalink / raw
To: gentoo-commits
commit: 4d9b87288b809ee292924727226a47ac735bc3da
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Wed Nov 28 21:26:27 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Dec 3 09:34:20 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=4d9b8728
Module version bump for mcs_constrained from Dominick Grift.
---
policy/modules/kernel/mcs.te | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/mcs.te b/policy/modules/kernel/mcs.te
index c608a8b..5cbeb54 100644
--- a/policy/modules/kernel/mcs.te
+++ b/policy/modules/kernel/mcs.te
@@ -1,4 +1,4 @@
-policy_module(mcs, 1.2.0)
+policy_module(mcs, 1.2.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-12-03 9:35 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-12-03 9:35 UTC (permalink / raw
To: gentoo-commits
commit: 6fa9d73b6bc377111ff9d5af4f5c538b1344fcbe
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Wed Nov 28 21:26:05 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Dec 3 09:34:18 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6fa9d73b
Move mcs_constrained() impementation.
---
policy/modules/kernel/mcs.if | 56 +++++++++++++++++++++---------------------
1 files changed, 28 insertions(+), 28 deletions(-)
diff --git a/policy/modules/kernel/mcs.if b/policy/modules/kernel/mcs.if
index 508e609..b08a6e8 100644
--- a/policy/modules/kernel/mcs.if
+++ b/policy/modules/kernel/mcs.if
@@ -5,6 +5,34 @@
########################################
## <summary>
+## Constrain by category access control (MCS).
+## </summary>
+## <desc>
+## <p>
+## Constrain the specified type by category based
+## access control (MCS) This prevents this domain from
+## interacting with subjects and operating on objects
+## that it otherwise would be able to interact
+## with or operate on respectively.
+## </p>
+## </desc>
+## <param name="domain">
+## <summary>
+## Type to be constrained by MCS.
+## </summary>
+## </param>
+## <infoflow type="none"/>
+#
+interface(`mcs_constrained',`
+ gen_require(`
+ attribute mcs_constrained_type;
+ ')
+
+ typeattribute $1 mcs_constrained_type;
+')
+
+########################################
+## <summary>
## This domain is allowed to read files and directories
## regardless of their MCS category set.
## </summary>
@@ -102,31 +130,3 @@ interface(`mcs_process_set_categories',`
typeattribute $1 mcssetcats;
')
-
-########################################
-## <summary>
-## Constrain by category access control (MCS).
-## </summary>
-## <desc>
-## <p>
-## Constrain the specified type by category based
-## access control (MCS) This prevents this domain from
-## interacting with subjects and operating on objects
-## that it otherwise would be able to interact
-## with or operate on respectively.
-## </p>
-## </desc>
-## <param name="domain">
-## <summary>
-## Type to be constrained by MCS.
-## </summary>
-## </param>
-## <infoflow type="none"/>
-#
-interface(`mcs_constrained',`
- gen_require(`
- attribute mcs_constrained_type;
- ')
-
- typeattribute $1 mcs_constrained_type;
-')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-11-12 21:19 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-11-12 21:19 UTC (permalink / raw
To: gentoo-commits
commit: 0d57c39de1cfc73bea6c8a8e5fa68ed34acc00db
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Mon Nov 12 21:19:05 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Mon Nov 12 21:19:05 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0d57c39d
Use etc_t instead of etc_runtime_t in the require list - thanks to feandil for noticing
---
policy/modules/kernel/files.if | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 552459b..a8663b5 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -2660,7 +2660,7 @@ interface(`files_manage_etc_dirs',`
#
interface(`files_dontaudit_read_etc_files',`
gen_require(`
- type etc_runtime_t;
+ type etc_t;
')
dontaudit $1 etc_t:file { getattr read };
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-11-10 17:40 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-11-10 17:40 UTC (permalink / raw
To: gentoo-commits
commit: b4f378f3f4e663fb7ce645c33b71c999e91414fb
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Nov 10 17:40:09 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sat Nov 10 17:40:09 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b4f378f3
Bug #402667 - Add in xattr marking for ZFS file system
---
policy/modules/kernel/filesystem.te | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/filesystem.te b/policy/modules/kernel/filesystem.te
index 6bd38c8..e746ee5 100644
--- a/policy/modules/kernel/filesystem.te
+++ b/policy/modules/kernel/filesystem.te
@@ -33,6 +33,7 @@ fs_use_xattr jffs2 gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr jfs gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr lustre gen_context(system_u:object_r:fs_t,s0);
fs_use_xattr xfs gen_context(system_u:object_r:fs_t,s0);
+fs_use_xattr zfs gen_context(system_u:object_r:fs_t,s0);
# Use the allocating task SID to label inodes in the following filesystem
# types, and label the filesystem itself with the specified context.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-31 18:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-31 18:04 UTC (permalink / raw
To: gentoo-commits
commit: f6dd933120853968d7def610958d9e25e229cdf3
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Wed Oct 31 15:49:23 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed Oct 31 18:01:22 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f6dd9331
Rearrange files interfaces.
---
policy/modules/kernel/files.if | 80 ++++++++++++++++++++--------------------
1 files changed, 40 insertions(+), 40 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index b1c7e5d..552459b 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6251,27 +6251,6 @@ interface(`files_dontaudit_getattr_all_pids',`
########################################
## <summary>
-## Create, read, write and delete all
-## var_run (pid) content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain alloed access.
-## </summary>
-## </param>
-#
-interface(`files_manage_all_pids',`
- gen_require(`
- attribute pidfile;
- ')
-
- manage_dirs_pattern($1, pidfile, pidfile)
- manage_files_pattern($1, pidfile, pidfile)
- manage_lnk_files_pattern($1, pidfile, pidfile)
-')
-
-########################################
-## <summary>
## Do not audit attempts to write to daemon runtime data files.
## </summary>
## <param name="domain">
@@ -6333,25 +6312,6 @@ interface(`files_read_all_pids',`
########################################
## <summary>
-## Mount filesystems on all polyinstantiation
-## member directories.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_mounton_all_poly_members',`
- gen_require(`
- attribute polymember;
- ')
-
- allow $1 polymember:dir mounton;
-')
-
-########################################
-## <summary>
## Create PID directories.
## </summary>
## <param name="domain">
@@ -6419,6 +6379,46 @@ interface(`files_delete_all_pid_dirs',`
########################################
## <summary>
+## Create, read, write and delete all
+## var_run (pid) content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain alloed access.
+## </summary>
+## </param>
+#
+interface(`files_manage_all_pids',`
+ gen_require(`
+ attribute pidfile;
+ ')
+
+ manage_dirs_pattern($1, pidfile, pidfile)
+ manage_files_pattern($1, pidfile, pidfile)
+ manage_lnk_files_pattern($1, pidfile, pidfile)
+')
+
+########################################
+## <summary>
+## Mount filesystems on all polyinstantiation
+## member directories.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_mounton_all_poly_members',`
+ gen_require(`
+ attribute polymember;
+ ')
+
+ allow $1 polymember:dir mounton;
+')
+
+########################################
+## <summary>
## Search the contents of generic spool
## directories (/var/spool).
## </summary>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-31 18:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-31 18:04 UTC (permalink / raw
To: gentoo-commits
commit: e099120d06ab99f7210f1800b2fc1d89753ca092
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Oct 30 21:51:54 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed Oct 31 17:59:30 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=e099120d
Introduce files_manage_all_pids interface
This interface will be used by domains that need to manage the various pidfile
content (*_var_run_t).
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/files.if | 21 +++++++++++++++++++++
1 files changed, 21 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index a223f56..40ed96f 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -6250,6 +6250,27 @@ interface(`files_dontaudit_getattr_all_pids',`
########################################
## <summary>
+## Create, read, write and delete all
+## var_run (pid) content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain alloed access.
+## </summary>
+## </param>
+#
+interface(`files_manage_all_pids',`
+ gen_require(`
+ attribute pidfile;
+ ')
+
+ manage_dirs_pattern($1, pidfile, pidfile)
+ manage_files_pattern($1, pidfile, pidfile)
+ manage_lnk_files_pattern($1, pidfile, pidfile)
+')
+
+########################################
+## <summary>
## Do not audit attempts to write to daemon runtime data files.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-31 18:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-31 18:04 UTC (permalink / raw
To: gentoo-commits
commit: f6525253d524b401f10e3496aaa1a08eb69ff61f
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Tue Oct 30 21:51:56 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed Oct 31 17:59:34 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f6525253
Update files_manage_generic_locks with directory permissions
Currently, the files_manage_generic_locks only handles the lock files. If a
domain needs to manage both lock files and the lock directories (like specific
subdirectories in /var/lock that are not owned by a single other domain, such as
Gentoo's /var/lock/subsys location) it also needs the manage permissions on the
directory.
This is to support OpenRC's migration of /var/lock to /run/lock which otherwise
fails:
* Migrating /var/lock to /run/lock
cp: cannot create directory '/run/lock/subsys': Permission denied
rm: cannot remove '/var/lock/subsys': Permission denied
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>
---
policy/modules/kernel/files.if | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 40ed96f..b1c7e5d 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -5877,6 +5877,7 @@ interface(`files_manage_generic_locks',`
allow $1 var_t:dir search_dir_perms;
allow $1 var_lock_t:lnk_file read_lnk_file_perms;
+ manage_dirs_pattern($1, var_lock_t, var_lock_t)
manage_files_pattern($1, var_lock_t, var_lock_t)
')
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-30 20:24 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-30 20:24 UTC (permalink / raw
To: gentoo-commits
commit: a87d68a2faa0a075bb115686d31300b1ec0e9aea
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Tue Oct 30 20:11:32 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Tue Oct 30 20:21:12 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=a87d68a2
Rearrange devices interfaces.
---
policy/modules/kernel/devices.if | 16 ++++++++--------
1 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 6c92734..8d2504b 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4242,7 +4242,7 @@ interface(`dev_read_generic_usb_dev',`
########################################
## <summary>
-## Relabel generic the USB devices.
+## Read and write generic the USB devices.
## </summary>
## <param name="domain">
## <summary>
@@ -4250,17 +4250,17 @@ interface(`dev_read_generic_usb_dev',`
## </summary>
## </param>
#
-interface(`dev_relabel_generic_usb_dev',`
+interface(`dev_rw_generic_usb_dev',`
gen_require(`
- type usb_device_t;
+ type device_t, usb_device_t;
')
- relabel_chr_files_pattern($1, device_t, usb_device_t)
+ rw_chr_files_pattern($1, device_t, usb_device_t)
')
########################################
## <summary>
-## Read and write generic the USB devices.
+## Relabel generic the USB devices.
## </summary>
## <param name="domain">
## <summary>
@@ -4268,12 +4268,12 @@ interface(`dev_relabel_generic_usb_dev',`
## </summary>
## </param>
#
-interface(`dev_rw_generic_usb_dev',`
+interface(`dev_relabel_generic_usb_dev',`
gen_require(`
- type device_t, usb_device_t;
+ type usb_device_t;
')
- rw_chr_files_pattern($1, device_t, usb_device_t)
+ relabel_chr_files_pattern($1, device_t, usb_device_t)
')
########################################
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-30 20:24 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-30 20:24 UTC (permalink / raw
To: gentoo-commits
commit: 1d096aa2bd256944778188052f2aee24448b308b
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Tue Oct 30 18:39:44 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Tue Oct 30 20:17:54 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=1d096aa2
For virtd
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/devices.if | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 8276ab0..6c92734 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -4242,6 +4242,24 @@ interface(`dev_read_generic_usb_dev',`
########################################
## <summary>
+## Relabel generic the USB devices.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_relabel_generic_usb_dev',`
+ gen_require(`
+ type usb_device_t;
+ ')
+
+ relabel_chr_files_pattern($1, device_t, usb_device_t)
+')
+
+########################################
+## <summary>
## Read and write generic the USB devices.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-19 15:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-19 15:06 UTC (permalink / raw
To: gentoo-commits
commit: 19ae2cca2d144fee084ba76626f673ad86d9a3a9
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Fri Oct 19 13:18:53 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Oct 19 15:04:02 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=19ae2cca
Module version bump for kernel_stream_connect() from Dominick Grift.
---
policy/modules/kernel/kernel.te | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 8d29e0a..754e0e9 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -1,4 +1,4 @@
-policy_module(kernel, 1.16.0)
+policy_module(kernel, 1.16.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-19 15:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-19 15:06 UTC (permalink / raw
To: gentoo-commits
commit: c3ec24892e444740137b414c736b9805be5515c7
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Fri Oct 19 13:18:19 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Oct 19 15:03:59 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=c3ec2489
Move kernel_stream_connect() declaration.
---
policy/modules/kernel/kernel.if | 38 +++++++++++++++++++-------------------
1 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index 881aaa1..ee01f48 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -254,6 +254,25 @@ interface(`kernel_rw_pipes',`
########################################
## <summary>
+## Connect to kernel using a unix
+## domain stream socket.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_stream_connect',`
+ gen_require(`
+ type kernel_t;
+ ')
+
+ allow $1 kernel_t:unix_stream_socket connectto;
+')
+
+########################################
+## <summary>
## Read and write kernel unix datagram sockets.
## </summary>
## <param name="domain">
@@ -565,25 +584,6 @@ interface(`kernel_dontaudit_request_load_module',`
########################################
## <summary>
-## Connect to kernel using a unix
-## domain stream socket.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`kernel_stream_connect',`
- gen_require(`
- type kernel_t;
- ')
-
- allow $1 kernel_t:unix_stream_socket connectto;
-')
-
-########################################
-## <summary>
## Get information on all System V IPC objects.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-19 15:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-19 15:06 UTC (permalink / raw
To: gentoo-commits
commit: f9d0d35f1e596cfb361ae4b40ff970e51292a235
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Wed Oct 17 12:29:18 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Oct 19 15:03:58 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=f9d0d35f
Changes to the kernel policy module
Interface is needed by at least plymouth
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/kernel.if | 19 +++++++++++++++++++
1 files changed, 19 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index b28953e..881aaa1 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -565,6 +565,25 @@ interface(`kernel_dontaudit_request_load_module',`
########################################
## <summary>
+## Connect to kernel using a unix
+## domain stream socket.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`kernel_stream_connect',`
+ gen_require(`
+ type kernel_t;
+ ')
+
+ allow $1 kernel_t:unix_stream_socket connectto;
+')
+
+########################################
+## <summary>
## Get information on all System V IPC objects.
## </summary>
## <param name="domain">
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-19 15:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-19 15:06 UTC (permalink / raw
To: gentoo-commits
commit: 6b4086a99d297902a3b567ff26aa56f9f1c40ff9
Author: Mika Pflüger <debian <AT> mikapflueger <DOT> de>
AuthorDate: Mon Oct 15 21:31:42 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Oct 19 15:03:46 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6b4086a9
Debian locations of gvfs and kde4 libexec binaries in /usr/lib
---
policy/modules/kernel/corecommands.fc | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 96891b2..57fd2ed 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -216,7 +216,9 @@ ifdef(`distro_gentoo',`
/usr/lib/dpkg/.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/emacsen-common/.* gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gimp/.*/plug-ins(/.*)? gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/gvfs/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ipsec/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/kde4/libexec/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/mailman/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/mailman/mail(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/mediawiki/math/texvc.* gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-10 19:52 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-10 19:52 UTC (permalink / raw
To: gentoo-commits
commit: 444683c11286c9786b87e0eefa24f98d4a620d8c
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Thu Sep 27 19:46:08 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed Oct 10 19:49:08 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=444683c1
Declare a cslistener port type for phpfpm
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/corenetwork.te.in | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index 3dd11e8..76f4a50 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -107,6 +107,7 @@ network_port(commplex_main, tcp,5000,s0, udp,5000,s0)
network_port(comsat, udp,512,s0)
network_port(condor, tcp,9618,s0, udp,9618,s0)
network_port(couchdb, tcp,5984,s0, udp,5984,s0)
+network_port(cslistener, tcp,9000,s0, udp,9000,s0)
network_port(ctdb, tcp,4379,s0, udp,4397,s0)
network_port(cvs, tcp,2401,s0, udp,2401,s0)
network_port(cyphesis, tcp,6767,s0, tcp,6769,s0, tcp,6780-6799,s0, udp,32771,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-04 17:36 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-04 17:36 UTC (permalink / raw
To: gentoo-commits
commit: 150d310916e7605f76040a31ad26f8658a46428b
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Sun Sep 23 15:15:40 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Oct 4 17:33:52 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=150d3109
Implement files_create_all_files_as() for cachefilesd
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/files.if | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 6b7cc92..78360f0 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1182,6 +1182,24 @@ interface(`files_list_all',`
########################################
## <summary>
+## Create all files as is.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`files_create_all_files_as',`
+ gen_require(`
+ attribute file_type;
+ ')
+
+ allow $1 file_type:kernel_service create_files_as;
+')
+
+########################################
+## <summary>
## Do not audit attempts to search the
## contents of any directories on extended
## attribute filesystems.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-04 17:36 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-04 17:36 UTC (permalink / raw
To: gentoo-commits
commit: 18beeb25a6f3956c339af1a0c888239a9cadc380
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Oct 4 12:24:57 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Oct 4 17:33:55 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=18beeb25
Rename cachefiles_dev_t to cachefiles_device_t.
---
policy/modules/kernel/devices.fc | 2 +-
policy/modules/kernel/devices.if | 4 ++--
policy/modules/kernel/devices.te | 4 ++--
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index ddbfa12..b31c054 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -17,7 +17,7 @@
/dev/autofs.* -c gen_context(system_u:object_r:autofs_device_t,s0)
/dev/beep -c gen_context(system_u:object_r:sound_device_t,s0)
/dev/btrfs-control -c gen_context(system_u:object_r:lvm_control_t,s0)
-/dev/cachefiles -c gen_context(system_u:object_r:cachefiles_dev_t,s0)
+/dev/cachefiles -c gen_context(system_u:object_r:cachefiles_device_t,s0)
/dev/controlD64 -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
/dev/crash -c gen_context(system_u:object_r:crash_device_t,mls_systemhigh)
/dev/dahdi/.* -c gen_context(system_u:object_r:sound_device_t,s0)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 1a3c036..8276ab0 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -1590,10 +1590,10 @@ interface(`dev_relabel_autofs_dev',`
#
interface(`dev_rw_cachefiles',`
gen_require(`
- type device_t, cachefiles_dev_t;
+ type device_t, cachefiles_device_t;
')
- rw_chr_files_pattern($1, device_t, cachefiles_dev_t)
+ rw_chr_files_pattern($1, device_t, cachefiles_device_t)
')
########################################
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 52519e3..61c30aa 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -43,8 +43,8 @@ type cardmgr_dev_t;
dev_node(cardmgr_dev_t)
files_tmp_file(cardmgr_dev_t)
-type cachefiles_dev_t;
-dev_node(cachefiles_dev_t)
+type cachefiles_device_t;
+dev_node(cachefiles_device_t)
#
# clock_device_t is the type of
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-04 17:36 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-04 17:36 UTC (permalink / raw
To: gentoo-commits
commit: 626234c405250d8e3c1125ad52904d8d96041033
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Thu Oct 4 12:25:19 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Oct 4 17:33:58 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=626234c4
Module version bump for cachefiles core support.
---
policy/modules/kernel/devices.te | 2 +-
policy/modules/kernel/files.te | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 61c30aa..8357a00 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.14.3)
+policy_module(devices, 1.14.4)
########################################
#
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 1f89fe2..8246d84 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.17.2)
+policy_module(files, 1.17.3)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-10-04 17:36 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-10-04 17:36 UTC (permalink / raw
To: gentoo-commits
commit: aa614c1513bf59c3945b2e1629567da030080008
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Sun Sep 23 15:15:39 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Oct 4 17:33:49 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=aa614c15
Declare a cachfiles device node type
Used by kernel to communicate with user space (cachefilesd)
Label the character file accordingly
Create a dev_rw_cachefiles_dev() for cachefilesd
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.if | 19 +++++++++++++++++++
policy/modules/kernel/devices.te | 3 +++
3 files changed, 23 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 5214c08..ddbfa12 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -17,6 +17,7 @@
/dev/autofs.* -c gen_context(system_u:object_r:autofs_device_t,s0)
/dev/beep -c gen_context(system_u:object_r:sound_device_t,s0)
/dev/btrfs-control -c gen_context(system_u:object_r:lvm_control_t,s0)
+/dev/cachefiles -c gen_context(system_u:object_r:cachefiles_dev_t,s0)
/dev/controlD64 -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
/dev/crash -c gen_context(system_u:object_r:crash_device_t,mls_systemhigh)
/dev/dahdi/.* -c gen_context(system_u:object_r:sound_device_t,s0)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 399ceaf..1a3c036 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -1579,6 +1579,25 @@ interface(`dev_relabel_autofs_dev',`
########################################
## <summary>
+## Read and write cachefiles character
+## device nodes.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`dev_rw_cachefiles',`
+ gen_require(`
+ type device_t, cachefiles_dev_t;
+ ')
+
+ rw_chr_files_pattern($1, device_t, cachefiles_dev_t)
+')
+
+########################################
+## <summary>
## Read and write the PCMCIA card manager device.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 108b68b..52519e3 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -43,6 +43,9 @@ type cardmgr_dev_t;
dev_node(cardmgr_dev_t)
files_tmp_file(cardmgr_dev_t)
+type cachefiles_dev_t;
+dev_node(cachefiles_dev_t)
+
#
# clock_device_t is the type of
# /dev/rtc.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-09-28 17:57 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-09-28 17:57 UTC (permalink / raw
To: gentoo-commits
commit: efa503e226b18c13da9f213a3d946cb7e10989dc
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com>
AuthorDate: Mon Sep 10 15:12:33 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Sep 28 17:50:58 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=efa503e2
Declare port types for ports used by Fedora but use /etc/services for port names rather than using fedora port names. If /etc/services does not have a port name for a port used by Fedora, skip for now.
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/corenetwork.te.in | 55 +++++++++++++++++++++++++++---
1 files changed, 49 insertions(+), 6 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index fe2ee5e..a0fa1ac 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -78,6 +78,7 @@ network_port(afs_fs, tcp,2040,s0, udp,7000,s0, udp,7005,s0)
network_port(afs_ka, udp,7004,s0)
network_port(afs_pt, udp,7002,s0)
network_port(afs_vl, udp,7003,s0)
+network_port(afs3_callback, tcp,7001,s0, udp,7001,s0)
network_port(agentx, udp,705,s0, tcp,705,s0)
network_port(amanda, udp,10080-10082,s0, tcp,10080-10083,s0)
network_port(amavisd_recv, tcp,10024,s0)
@@ -85,19 +86,28 @@ network_port(amavisd_send, tcp,10025,s0)
network_port(amqp, udp,5671-5672,s0, tcp,5671-5672,s0)
network_port(aol, udp,5190-5193,s0, tcp,5190-5193,s0)
network_port(apcupsd, tcp,3551,s0, udp,3551,s0)
+network_port(apertus_ldp, tcp,539,s0, udp,539,s0)
+network_port(armtechdaemon, tcp,9292,s0, udp,9292,s0)
network_port(asterisk, tcp,1720,s0, udp,2427,s0, udp,2727,s0, udp,4569,s0)
network_port(audit, tcp,60,s0)
network_port(auth, tcp,113,s0)
network_port(bgp, tcp,179,s0, udp,179,s0, tcp,2605,s0, udp,2605,s0)
network_port(boinc, tcp,31416,s0)
+network_port(boinc_client, tcp,1043,s0, udp,1034,s0)
network_port(biff) # no defined portcon
network_port(certmaster, tcp,51235,s0)
network_port(chronyd, udp,323,s0)
network_port(clamd, tcp,3310,s0)
network_port(clockspeed, udp,4041,s0)
network_port(cluster, tcp,5149,s0, udp,5149,s0, tcp,40040,s0, tcp,50006-50008,s0, udp,50006-50008,s0)
+network_port(cma, tcp,1050,s0, udp,1050,s0)
network_port(cobbler, tcp,25151,s0)
+network_port(commplex_link, tcp,5001,s0, udp,5001,s0)
+network_port(commplex_main, tcp,5000,s0, udp,5000,s0)
network_port(comsat, udp,512,s0)
+network_port(condor, tcp,9618,s0, udp,9618,s0)
+network_port(couchdb, tcp,5984,s0, udp,5984,s0)
+network_port(ctdb, tcp,4379,s0, udp,4397,s0)
network_port(cvs, tcp,2401,s0, udp,2401,s0)
network_port(cyphesis, tcp,6767,s0, tcp,6769,s0, tcp,6780-6799,s0, udp,32771,s0)
network_port(daap, tcp,3689,s0, udp,3689,s0)
@@ -108,12 +118,16 @@ network_port(dhcpc, udp,68,s0, tcp,68,s0, udp,546,s0, tcp, 546,s0)
network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0, tcp,647,s0, udp,647,s0, tcp,847,s0, udp,847,s0, tcp,7911,s0)
network_port(dict, tcp,2628,s0)
network_port(distccd, tcp,3632,s0)
-network_port(dns, udp,53,s0, tcp,53,s0)
+network_port(dns, tcp,53,s0, udp,53,s0)
+network_port(efs, tcp,520,s0)
+network_port(embrace_dp_c, tcp,3198,s0, udp,3198,s0)
network_port(epmap, tcp,135,s0, udp,135,s0)
+network_port(epmd, tcp,4369,s0, udp,4369,s0)
network_port(fingerd, tcp,79,s0)
network_port(ftp, tcp,21,s0, tcp,990,s0, udp,990,s0)
network_port(ftp_data, tcp,20,s0)
network_port(gatekeeper, udp,1718,s0, udp,1719,s0, tcp,1721,s0, tcp,7000,s0)
+network_port(gds_db, tcp,3050,s0, udp,3050,s0)
network_port(giftd, tcp,1213,s0)
network_port(git, tcp,9418,s0, udp,9418,s0)
network_port(glance_registry, tcp,9191,s0, udp,9191,s0)
@@ -123,13 +137,15 @@ network_port(hadoop_datanode, tcp,50010,s0)
network_port(hadoop_namenode, tcp,8020,s0)
network_port(hddtemp, tcp,7634,s0)
network_port(howl, tcp,5335,s0, udp,5353,s0)
-network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp, 8290,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0, tcp,9292,s0)
+network_port(hplip, tcp,1782,s0, tcp,2207,s0, tcp,2208,s0, tcp, 8290,s0, tcp,50000,s0, tcp,50002,s0, tcp,8292,s0, tcp,9100,s0, tcp,9101,s0, tcp,9102,s0, tcp,9220,s0, tcp,9221,s0, tcp,9222,s0, tcp,9280,s0, tcp,9281,s0, tcp,9282,s0, tcp,9290,s0, tcp,9291,s0)
network_port(http, tcp,80,s0, tcp,443,s0, tcp,488,s0, tcp,8008,s0, tcp,8009,s0, tcp,8443,s0) #8443 is mod_nss default port
network_port(http_cache, tcp,3128,s0, udp,3130,s0, tcp,8080,s0, tcp,8118,s0, tcp,10001-10010,s0) # 8118 is for privoxy
network_port(i18n_input, tcp,9010,s0)
network_port(imaze, tcp,5323,s0, udp,5323,s0)
network_port(inetd_child, tcp,1,s0, udp,1,s0, tcp,7,s0, udp,7,s0, tcp,9,s0, udp,9,s0, tcp,13,s0, udp,13,s0, tcp,19,s0, udp,19,s0, tcp,37,s0, udp,37,s0, tcp,512,s0, tcp,543,s0, tcp,544,s0, tcp,891,s0, udp,891,s0, tcp,892,s0, udp,892,s0, tcp,2105,s0, tcp,5666,s0)
network_port(innd, tcp,119,s0)
+network_port(interwise, tcp,7778,s0, udp,7778,s0)
+network_port(ionixnetmon, tcp,7410,s0, udp,7410,s0)
network_port(ipmi, udp,623,s0, udp,664,s0)
network_port(ipp, tcp,631,s0, udp,631,s0, tcp,8610-8614,s0, udp,8610-8614,s0)
network_port(ipsecnat, tcp,4500,s0, udp,4500,s0)
@@ -139,12 +155,14 @@ network_port(iscsi, tcp,3260,s0)
network_port(isns, tcp,3205,s0, udp,3205,s0)
network_port(jabber_client, tcp,5222,s0, tcp,5223,s0)
network_port(jabber_interserver, tcp,5269,s0)
+network_port(jboss_iiop, tcp,3528,s0, udp,3528,s0)
network_port(kerberos, tcp,88,s0, udp,88,s0, tcp,750,s0, udp,750,s0)
network_port(kerberos_admin, tcp,464,s0, udp,464,s0, tcp,749,s0)
network_port(kerberos_master, tcp,4444,s0, udp,4444,s0)
network_port(kismet, tcp,2501,s0)
network_port(kprop, tcp,754,s0)
network_port(ktalkd, udp,517,s0, udp,518,s0)
+network_port(l2tp, tcp,1701,s0, udp,1701,s0)
network_port(ldap, tcp,389,s0, udp,389,s0, tcp,636,s0, udp,636,s0, tcp,3268,s0)
network_port(lirc, tcp,8765,s0)
network_port(lmtp, tcp,24,s0, udp,24,s0)
@@ -155,30 +173,42 @@ network_port(memcache, tcp,11211,s0, udp,11211,s0)
network_port(milter) # no defined portcon
network_port(mmcc, tcp,5050,s0, udp,5050,s0)
network_port(monopd, tcp,1234,s0)
+network_port(mountd, tcp,20048,s0, udp,20048,s0)
+network_port(movaz_ssc, tcp,5252,s0, udp,5252,s0)
network_port(mpd, tcp,6600,s0)
+network_port(msgsrvr, tcp,8787,s0, udp,8787,s0)
network_port(msnp, tcp,1863,s0, udp,1863,s0)
network_port(mssql, tcp,1433-1434,s0, udp,1433-1434,s0)
+network_port(ms_streaming, tcp,1755,s0, udp,1755,s0)
network_port(munin, tcp,4949,s0, udp,4949,s0)
+network_port(mxi, tcp,8005,s0, udp,8005,s0)
network_port(mysqld, tcp,1186,s0, tcp,3306,s0, tcp,63132-63164,s0)
network_port(mysqlmanagerd, tcp,2273,s0)
network_port(nessus, tcp,1241,s0)
network_port(netport, tcp,3129,s0, udp,3129,s0)
network_port(netsupport, tcp,5404,s0, udp,5404,s0, tcp,5405,s0, udp,5405,s0)
+network_port(nfs, tcp,2049,s0, udp,2049,s0)
+network_port(nfsrdma, tcp,20049,s0, udp,20049,s0)
network_port(nmbd, udp,137,s0, udp,138,s0)
network_port(ntop, tcp,3000-3001,s0, udp,3000-3001,s0)
network_port(ntp, udp,123,s0)
+network_port(oa_system, tcp,8022,s0, udp,8022,s0)
network_port(oracledb, tcp, 1521,s0,udp, 1521,s0, tcp,2483,s0,udp,2483,s0, tcp,2484,s0, udp,2484,s0)
network_port(ocsp, tcp,9080,s0)
+network_port(openhpid, tcp,4743,s0, udp,4743,s0)
network_port(openvpn, tcp,1194,s0, udp,1194,s0)
+network_port(pdps, tcp,1314,s0, udp,1314,s0)
network_port(pegasus_http, tcp,5988,s0)
network_port(pegasus_https, tcp,5989,s0)
network_port(pgpkeyserver, udp, 11371,s0, tcp,11371,s0)
network_port(pingd, tcp,9125,s0)
+network_port(pktcable_cops, tcp,2126,s0, udp,2126,s0)
network_port(pop, tcp,106,s0, tcp,109,s0, tcp,110,s0, tcp,143,s0, tcp,220,s0, tcp,993,s0, tcp,995,s0, tcp,1109,s0)
network_port(portmap, udp,111,s0, tcp,111,s0)
network_port(postfix_policyd, tcp,10031,s0)
network_port(postgresql, tcp,5432,s0)
network_port(postgrey, tcp,60000,s0)
+network_port(pptp, tcp,1723,s0, udp,1723,s0)
network_port(prelude, tcp,4690,s0, udp,4690,s0)
network_port(presence, tcp,5298-5299,s0, udp,5298-5299,s0)
network_port(printer, tcp,515,s0)
@@ -195,42 +225,54 @@ network_port(repository, tcp, 6363, s0)
network_port(ricci, tcp,11111,s0, udp,11111,s0)
network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
network_port(rlogind, tcp,513,s0)
-network_port(rndc, tcp,953,s0)
+network_port(rndc, tcp,953,s0, udp,953,s0)
network_port(router, udp,520,s0, udp,521,s0, tcp,521,s0)
network_port(rsh, tcp,514,s0)
network_port(rsync, tcp,873,s0, udp,873,s0)
+network_port(rtsp, tcp,554,s0, udp,554,s0)
network_port(rwho, udp,513,s0)
network_port(sap, tcp,9875,s0, udp,9875,s0)
+network_port(servistaitsm, tcp,3636,s0, udp,3636,s0)
network_port(sieve, tcp,4190,s0)
network_port(sip, tcp,5060,s0, udp,5060,s0, tcp,5061,s0, udp,5061,s0)
network_port(sixxsconfig, tcp,3874,s0, udp,3874,s0)
network_port(smbd, tcp,137-139,s0, tcp,445,s0)
network_port(smtp, tcp,25,s0, tcp,465,s0, tcp,587,s0)
-network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0, tcp, 1161, s0)
+network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0, tcp,1161,s0)
network_port(socks) # no defined portcon
network_port(soundd, tcp,8000,s0, tcp,9433,s0, tcp, 16001, s0)
network_port(spamd, tcp,783,s0)
network_port(speech, tcp,8036,s0)
network_port(squid, udp,3401,s0, tcp,3401,s0, udp,4827,s0, tcp,4827,s0) # snmp and htcp
+network_port(ssdp, tcp,1900,s0, udp,1900,s0)
network_port(ssh, tcp,22,s0)
network_port(stunnel) # no defined portcon
+network_port(svn, tcp,3690,s0, udp,3690,s0)
network_port(swat, tcp,901,s0)
+network_port(sype_transport, tcp,9911,s0, udp,9911,s0)
network_port(syslogd, udp,514,s0)
+network_port(syslog_tls, tcp,6514,s0, udp,6514,s0)
network_port(tcs, tcp, 30003, s0)
network_port(telnetd, tcp,23,s0)
network_port(tftp, udp,69,s0)
-network_port(tor, tcp, 6969, s0, tcp,9001,s0, tcp,9030,s0, tcp,9050,s0, tcp,9051,s0)
+network_port(tor, tcp,6969,s0, tcp,9001,s0, tcp,9030,s0, tcp,9050,s0, tcp,9051,s0)
network_port(traceroute, udp,64000-64010,s0)
network_port(transproxy, tcp,8081,s0)
+network_port(trisoap, tcp,10200,s0, udp,10200,s0)
network_port(ups, tcp,3493,s0)
network_port(utcpserver) # no defined portcon
network_port(uucpd, tcp,540,s0)
network_port(varnishd, tcp,6081-6082,s0)
network_port(virt, tcp,16509,s0, udp,16509,s0, tcp,16514,s0, udp,16514,s0)
+network_port(virtual_places, tcp,1533,s0, udp,1533,s0)
network_port(virt_migration, tcp,49152-49216,s0)
network_port(vnc, tcp,5900,s0)
network_port(wccp, udp,2048,s0)
-network_port(whois, tcp,43,s0, udp,43,s0, tcp, 4321, s0 , udp, 4321, s0 )
+network_port(websm, tcp,9090,s0, udp,9090,s0)
+network_port(whois, tcp,43,s0, udp,43,s0, tcp,4321,s0, udp,4321,s0)
+network_port(winshadow, tcp,3161,s0, udp,3261,s0)
+network_port(wsdapi, tcp,5357,s0, udp,5357,s0)
+network_port(wsicopy, tcp,3378,s0, udp,3378,s0)
network_port(xdmcp, udp,177,s0, tcp,177,s0)
network_port(xen, tcp,8002,s0)
network_port(xfs, tcp,7100,s0)
@@ -242,6 +284,7 @@ network_port(zookeeper_client, tcp,2181,s0)
network_port(zookeeper_election, tcp,3888,s0)
network_port(zookeeper_leader, tcp,2888,s0)
network_port(zebra, tcp,2600-2604,s0, tcp,2606,s0, udp,2600-2604,s0, udp,2606,s0)
+network_port(zented, tcp,1229,s0, udp,1229,s0)
network_port(zope, tcp,8021,s0)
# Defaults for reserved ports. Earlier portcon entries take precedence;
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-09-28 17:57 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-09-28 17:57 UTC (permalink / raw
To: gentoo-commits
commit: 7b6c9a63c42f43057fc74742bacbf6a5408424cb
Author: Chris PeBenito <cpebenito <AT> tresys <DOT> com>
AuthorDate: Mon Sep 17 14:30:26 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Sep 28 17:51:05 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=7b6c9a63
Module version bump for ports update from Dominick Grift.
---
policy/modules/kernel/corenetwork.te.in | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index a0fa1ac..a15f0a9 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -1,4 +1,4 @@
-policy_module(corenetwork, 1.18.0)
+policy_module(corenetwork, 1.18.1)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-09-28 17:57 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-09-28 17:57 UTC (permalink / raw
To: gentoo-commits
commit: d91c34c15cb4e12534b41ac888991dec59b3a324
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be>
AuthorDate: Mon Sep 10 16:11:14 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Sep 28 17:54:31 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=d91c34c1
Add Debian location for udisks helpers
---
policy/modules/kernel/corecommands.fc | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 2596ca3..96891b2 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -323,6 +323,7 @@ ifdef(`distro_gentoo',`
ifdef(`distro_debian',`
/usr/lib/ConsoleKit/.* -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/gdm3/.* -- gen_context(system_u:object_r:bin_t,s0)
+/usr/lib/udisks/.* -- gen_context(system_u:object_r:bin_t,s0)
')
ifdef(`distro_gentoo', `
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-09-08 17:30 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-09-08 17:30 UTC (permalink / raw
To: gentoo-commits
commit: 05ac9f232b24d57b3ac501b1ff627f3399639359
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat Sep 8 15:53:07 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sat Sep 8 15:53:07 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=05ac9f23
Declare a loop control device node type and label /dev/loop-control accordingly
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.te | 5 ++++-
2 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 84e7337..5214c08 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -57,6 +57,7 @@
/dev/lirc[0-9]+ -c gen_context(system_u:object_r:lirc_device_t,s0)
/dev/lircm -c gen_context(system_u:object_r:mouse_device_t,s0)
/dev/logibm -c gen_context(system_u:object_r:mouse_device_t,s0)
+/dev/loop-control -c gen_context(system_u:object_r:loop_control_device_t,s0)
/dev/lp.* -c gen_context(system_u:object_r:printer_device_t,s0)
/dev/mcelog -c gen_context(system_u:object_r:kmsg_device_t,mls_systemhigh)
/dev/mei -c gen_context(system_u:object_r:mei_device_t,s0)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 17e0915..108b68b 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.14.2)
+policy_module(devices, 1.14.3)
########################################
#
@@ -115,6 +115,9 @@ dev_node(kvm_device_t)
type lirc_device_t;
dev_node(lirc_device_t)
+type loop_control_device_t;
+dev_node(loop_control_device_t)
+
#
# Type for /dev/mapper/control
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-08-29 18:48 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-08-29 18:48 UTC (permalink / raw
To: gentoo-commits
commit: 92db564a8296c2db25db7acdcc7d8fe9940c963f
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Aug 29 18:03:05 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed Aug 29 18:03:05 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=92db564a
Merge with refpolicy / add lost+found filesystem labels to support NSA security guidelines from Guido Trentalancia
---
policy/modules/kernel/files.fc | 6 ++++++
policy/modules/kernel/files.te | 2 +-
2 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index dd95387..554f157 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -243,6 +243,12 @@ ifndef(`distro_redhat',`
/var/lock(/.*)? gen_context(system_u:object_r:var_lock_t,s0)
+/var/log/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
+/var/log/lost\+found/.* <<none>>
+
+/var/log/audit/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
+/var/log/audit/lost\+found/.* <<none>>
+
/var/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/lost\+found/.* <<none>>
diff --git a/policy/modules/kernel/files.te b/policy/modules/kernel/files.te
index 52ef84e..1f89fe2 100644
--- a/policy/modules/kernel/files.te
+++ b/policy/modules/kernel/files.te
@@ -1,4 +1,4 @@
-policy_module(files, 1.17.0)
+policy_module(files, 1.17.2)
########################################
#
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-08-28 17:28 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-08-28 17:28 UTC (permalink / raw
To: gentoo-commits
commit: 192d62b2cb238dbb5c3f61220e94bfac3ec772d0
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 24 16:38:16 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Aug 24 16:38:16 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=192d62b2
Backport potential typos in device contexts
---
policy/modules/kernel/devices.fc | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 297e250..84e7337 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -126,8 +126,8 @@ ifdef(`distro_suse', `
/dev/vrtpanel -c gen_context(system_u:object_r:mouse_device_t,s0)
/dev/vttuner -c gen_context(system_u:object_r:v4l_device_t,s0)
/dev/vtx.* -c gen_context(system_u:object_r:v4l_device_t,s0)
-/dev/watchdog -c gen_context(system_u:object_r:watchdog_device_t,s0)
-/dev/winradio. -c gen_context(system_u:object_r:v4l_device_t,s0)
+/dev/watchdog.* -c gen_context(system_u:object_r:watchdog_device_t,s0)
+/dev/winradio.* -c gen_context(system_u:object_r:v4l_device_t,s0)
/dev/z90crypt -c gen_context(system_u:object_r:crypt_device_t,s0)
/dev/zero -c gen_context(system_u:object_r:zero_device_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-08-28 17:28 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-08-28 17:28 UTC (permalink / raw
To: gentoo-commits
commit: 3b9033ffba1283a75ae990d26ee68bf3a9fcbc0d
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 24 16:58:43 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Aug 24 16:58:43 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=3b9033ff
Mark /etc/env.d as runtime etc file
The /etc/env.d location held the use of etc_runtime_t for files. However,
gcc-config creates symbolic links within (/etc/env.d/gcc) and only holds the
rights to manipulate etc_runtime_t.
Although not purely runtime information (as in /etc/mtab related information),
it is more dynamic than regular /etc files (etc_t), so marking as such.
---
policy/modules/kernel/files.fc | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/files.fc b/policy/modules/kernel/files.fc
index 1975fc4..dd95387 100644
--- a/policy/modules/kernel/files.fc
+++ b/policy/modules/kernel/files.fc
@@ -75,7 +75,7 @@ ifdef(`distro_suse',`
ifdef(`distro_gentoo', `
/etc/profile\.env -- gen_context(system_u:object_r:etc_runtime_t,s0)
/etc/csh\.env -- gen_context(system_u:object_r:etc_runtime_t,s0)
-/etc/env\.d/.* -- gen_context(system_u:object_r:etc_runtime_t,s0)
+/etc/env\.d(/.*)? gen_context(system_u:object_r:etc_runtime_t,s0)
')
ifdef(`distro_redhat',`
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-08-28 17:28 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-08-28 17:28 UTC (permalink / raw
To: gentoo-commits
commit: fec9076c9737065e1086229ba4e5eac65a0458fd
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 24 16:34:30 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Aug 24 16:34:30 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=fec9076c
Backport Intel Active Management Technology support
Intel® Active Management Technology
Intel® AMT Linux support includes two components that allow interaction
between the Intel® AMT FW and the Linux OS: Intel® MEI (Intel® Management Engine Interface)
driver and LMS (Local Management Service) driver. Intel® MEI driver
allows application to communicate with the FW using host interface,
and LMS driver allows applications to access the Intel® AMT FW via the
local Intel® Management Engine Interface (Intel® MEI).
In addition, Intel has validated a kernel patch to enable
IDE-redirection. This is a community maintained patch, but Intel is
distributing the version used in the validation of the other Intel® AMT
components released here:
http://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers/
Declare a mei_device_t device node tyoe and label /dev/mei accordingly.
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com>
---
policy/modules/kernel/devices.fc | 1 +
policy/modules/kernel/devices.te | 5 ++++-
2 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index 02b7ac1..297e250 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -59,6 +59,7 @@
/dev/logibm -c gen_context(system_u:object_r:mouse_device_t,s0)
/dev/lp.* -c gen_context(system_u:object_r:printer_device_t,s0)
/dev/mcelog -c gen_context(system_u:object_r:kmsg_device_t,mls_systemhigh)
+/dev/mei -c gen_context(system_u:object_r:mei_device_t,s0)
/dev/mem -c gen_context(system_u:object_r:memory_device_t,mls_systemhigh)
/dev/mergemem -c gen_context(system_u:object_r:memory_device_t,mls_systemhigh)
/dev/mga_vid.* -c gen_context(system_u:object_r:xserver_misc_device_t,s0)
diff --git a/policy/modules/kernel/devices.te b/policy/modules/kernel/devices.te
index 06eda45..17e0915 100644
--- a/policy/modules/kernel/devices.te
+++ b/policy/modules/kernel/devices.te
@@ -1,4 +1,4 @@
-policy_module(devices, 1.14.0)
+policy_module(devices, 1.14.2)
########################################
#
@@ -121,6 +121,9 @@ dev_node(lirc_device_t)
type lvm_control_t;
dev_node(lvm_control_t)
+type mei_device_t;
+dev_node(mei_device_t)
+
#
# memory_device_t is the type of /dev/kmem,
# /dev/mem and /dev/port.
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-08-15 13:04 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-08-15 13:04 UTC (permalink / raw
To: gentoo-commits
commit: 15989d0dd38a6bbb7a69794846e92626e1a08e80
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed Aug 15 13:01:18 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed Aug 15 13:01:18 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=15989d0d
Introduce interface to dontaudit getattr on tmpfs file systems
---
policy/modules/kernel/filesystem.if | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
index 7c6b791..d7207dd 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -3815,6 +3815,24 @@ interface(`fs_unmount_tmpfs',`
########################################
## <summary>
+## Do not audit getting the attributes of a tmpfs filesystem
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit
+## </summary>
+## </param>
+#
+interface(`fs_dontaudit_getattr_tmpfs',`
+ gen_require(`
+ type tmpfs_t;
+ ')
+
+ dontaudit $1 tmpfs_t:filesystem getattr;
+')
+
+########################################
+## <summary>
## Get the attributes of a tmpfs
## filesystem.
## </summary>
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-05-26 17:06 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-05-26 17:06 UTC (permalink / raw
To: gentoo-commits
commit: 8fa1dacb48538779f0ca3f95f883ea7c3882d0ab
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Sat May 26 17:06:08 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Sat May 26 17:06:08 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=8fa1dacb
Allow kdevtmpfs to setattr on device files
---
policy/modules/kernel/devices.if | 19 +++++++++++++++++++
policy/modules/kernel/kernel.te | 1 +
2 files changed, 20 insertions(+), 0 deletions(-)
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 5f341b0..9b389a6 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -588,6 +588,25 @@ interface(`dev_dontaudit_setattr_generic_chr_files',`
########################################
## <summary>
+## Setattr for generic character device files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`dev_setattr_generic_chr_files',`
+ gen_require(`
+ type device_t;
+ ')
+
+ allow $1 device_t:chr_file setattr;
+')
+
+
+########################################
+## <summary>
## Read generic character device files.
## </summary>
## <param name="domain">
diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index b689316..1fd114e 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -254,6 +254,7 @@ dev_delete_generic_dirs(kernel_t)
dev_create_generic_blk_files(kernel_t)
dev_delete_generic_blk_files(kernel_t)
dev_create_generic_chr_files(kernel_t)
+dev_setattr_generic_chr_files(kernel_t)
dev_delete_generic_chr_files(kernel_t)
dev_mounton(kernel_t)
^ permalink raw reply related [flat|nested] 268+ messages in thread
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
@ 2012-05-16 18:34 Sven Vermeulen
0 siblings, 0 replies; 268+ messages in thread
From: Sven Vermeulen @ 2012-05-16 18:34 UTC (permalink / raw
To: gentoo-commits
commit: b4e442ce3eb057501c065415a05377cb78cecd7e
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Wed May 16 06:50:13 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Wed May 16 06:50:13 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b4e442ce
Remove duplicate context definition
---
policy/modules/kernel/corecommands.fc | 1 -
1 files changed, 0 insertions(+), 1 deletions(-)
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index 4d8b96b..b69af4d 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -200,7 +200,6 @@ ifdef(`distro_gentoo',`
/usr/lib/pgsql/test/regress/.*\.sh -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/qt.*/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/wicd/monitor\.py -- gen_context(system_u:object_r:bin_t, s0)
-/usr/lib/[^/]*firefox[^/]*/firefox -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/apt/methods.+ -- gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ConsoleKit/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
/usr/lib/ConsoleKit/run-session.d(/.*)? gen_context(system_u:object_r:bin_t,s0)
^ permalink raw reply related [flat|nested] 268+ messages in thread
end of thread, other threads:[~2024-09-22 0:03 UTC | newest]
Thread overview: 268+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-03-23 18:36 [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/ Jason Zaman
-- strict thread matches above, loose matches on Subject: below --
2024-09-22 0:03 Jason Zaman
2024-03-01 19:56 Kenton Groombridge
2024-03-01 19:56 Kenton Groombridge
2023-02-13 15:35 Kenton Groombridge
2023-02-13 15:35 Kenton Groombridge
2022-11-02 14:42 Kenton Groombridge
2022-11-02 14:42 Kenton Groombridge
2022-11-02 14:42 Kenton Groombridge
2022-09-03 19:54 Jason Zaman
2022-02-07 2:14 Jason Zaman
2022-01-30 1:22 Jason Zaman
2021-11-21 23:02 Jason Zaman
2021-11-21 19:33 Jason Zaman
2021-11-21 3:00 Jason Zaman
2021-11-11 21:27 Jason Zaman
2021-11-11 21:27 Jason Zaman
2021-11-11 21:27 Jason Zaman
2021-09-05 16:00 Jason Zaman
2021-09-05 16:00 Jason Zaman
2021-04-03 3:10 Jason Zaman
2021-04-03 3:10 Jason Zaman
2021-04-03 3:10 Jason Zaman
2021-04-03 3:10 Jason Zaman
2021-04-03 3:10 Jason Zaman
2021-03-21 22:10 Jason Zaman
2021-03-21 22:10 Jason Zaman
2021-01-11 1:27 Jason Zaman
2021-01-11 1:27 Jason Zaman
2020-10-13 3:02 Jason Zaman
2020-02-15 7:33 Jason Zaman
2019-07-13 7:01 Jason Zaman
2019-07-13 7:01 Jason Zaman
2019-03-26 10:17 Jason Zaman
2019-03-26 10:17 Jason Zaman
2019-02-10 6:18 Jason Zaman
2019-02-10 4:14 Jason Zaman
2019-02-10 4:14 Jason Zaman
2019-02-10 4:14 Jason Zaman
2018-09-11 9:06 Jason Zaman
2018-09-11 9:06 Jason Zaman
2018-07-12 14:37 Jason Zaman
2018-06-09 5:24 Jason Zaman
2018-01-18 16:37 Sven Vermeulen
2018-01-18 16:37 Sven Vermeulen
2017-12-14 5:15 Jason Zaman
2017-12-12 7:59 Jason Zaman
2017-11-05 8:01 Jason Zaman
2017-10-29 20:42 Jason Zaman
2017-10-29 20:42 Jason Zaman
2017-10-29 20:42 Jason Zaman
2017-09-09 2:43 Jason Zaman
2017-09-09 2:43 Jason Zaman
2017-09-09 2:43 Jason Zaman
2017-09-09 2:43 Jason Zaman
2017-06-05 17:34 Jason Zaman
2017-06-05 17:25 Jason Zaman
2017-06-05 17:25 Jason Zaman
2017-06-05 17:25 Jason Zaman
2017-05-18 17:03 Sven Vermeulen
2017-05-07 16:09 Jason Zaman
2017-03-30 17:06 Jason Zaman
2017-03-02 10:17 Sven Vermeulen
2017-03-02 10:17 Sven Vermeulen
2017-03-02 10:17 Sven Vermeulen
2017-02-27 11:40 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-27 10:50 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-21 7:11 Jason Zaman
2017-02-21 7:11 Jason Zaman
2017-02-17 8:44 Jason Zaman
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-01 16:44 Jason Zaman
2017-01-01 16:37 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-01-01 16:36 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-01-01 16:36 Jason Zaman
2017-01-01 16:36 Jason Zaman
2016-12-08 4:47 Jason Zaman
2016-12-08 4:47 Jason Zaman
2016-12-06 12:26 Jason Zaman
2016-08-31 16:38 Jason Zaman
2016-08-31 16:38 Jason Zaman
2016-08-13 18:35 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-07-31 10:40 Sven Vermeulen
2016-07-31 10:40 Sven Vermeulen
2016-07-03 11:34 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2016-07-03 11:27 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2016-07-03 11:34 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2016-07-03 11:27 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2016-06-23 15:59 Jason Zaman
2016-06-02 6:32 Jason Zaman
2016-06-02 6:32 Jason Zaman
2016-05-13 5:37 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-02-12 3:51 Jason Zaman
2016-02-12 3:51 Jason Zaman
2016-02-12 3:51 Jason Zaman
2016-02-12 3:51 Jason Zaman
2016-02-12 3:51 Jason Zaman
2016-01-30 17:21 Jason Zaman
2016-01-30 17:21 Jason Zaman
2016-01-30 17:21 Jason Zaman
2015-12-17 18:49 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-12-17 16:10 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 16:10 Jason Zaman
2015-12-17 16:10 Jason Zaman
2015-10-14 18:36 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-10-13 14:50 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-11 10:48 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-09-20 7:00 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-09-20 7:00 Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 18:58 Jason Zaman
2015-07-13 17:35 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2015-07-13 17:42 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-06-07 9:31 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2015-06-09 10:52 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-05-30 16:15 Jason Zaman
2015-05-22 19:32 Jason Zaman
2015-05-22 19:32 Jason Zaman
2015-03-05 13:15 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2015-03-04 19:34 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-03-04 15:35 Sven Vermeulen
2015-03-04 15:20 Sven Vermeulen
2015-02-15 18:36 Sven Vermeulen
2015-02-15 17:39 Sven Vermeulen
2015-01-25 13:46 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2015-01-25 13:45 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-01-25 13:45 Sven Vermeulen
2014-12-15 18:52 Sven Vermeulen
2014-12-15 18:40 Sven Vermeulen
2014-11-28 10:04 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2014-11-22 18:24 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-11-22 18:24 Sven Vermeulen
2014-11-22 17:43 Sven Vermeulen
2014-11-22 17:43 Sven Vermeulen
2014-10-25 19:21 Jason Zaman
2014-10-25 19:21 Jason Zaman
2014-08-31 18:27 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-19 20:23 Sven Vermeulen
2014-08-19 20:07 Sven Vermeulen
2014-08-19 20:07 Sven Vermeulen
2014-08-19 9:19 Jason Zaman
2014-08-19 9:19 Jason Zaman
2014-08-19 9:19 Jason Zaman
2014-08-19 9:19 Jason Zaman
2014-08-19 9:19 Jason Zaman
2014-08-19 9:19 Jason Zaman
2014-08-19 9:19 Jason Zaman
2014-08-19 9:19 Jason Zaman
2014-08-15 14:51 Sven Vermeulen
2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
2014-08-15 10:04 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
2014-08-15 14:51 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-08 8:50 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-08 8:48 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-08 8:50 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-08 8:48 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-08 8:48 Sven Vermeulen
2014-08-07 9:41 Sven Vermeulen
2014-08-06 18:13 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-07 8:06 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-06 18:13 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-07 8:06 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-07-05 16:06 Sven Vermeulen
2014-07-05 16:06 Sven Vermeulen
2014-07-05 16:06 Sven Vermeulen
2014-06-25 19:06 Sven Vermeulen
2014-06-25 19:06 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-07 18:20 Sven Vermeulen
2014-06-07 18:12 Sven Vermeulen
2014-05-01 18:59 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-17 18:21 Sven Vermeulen
2014-04-11 17:48 Sven Vermeulen
2014-04-11 17:48 Sven Vermeulen
2014-04-08 16:12 Sven Vermeulen
2014-04-08 16:02 Sven Vermeulen
2014-04-08 16:02 Sven Vermeulen
2014-03-17 8:24 Sven Vermeulen
2014-02-17 19:55 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-01-23 20:00 Sven Vermeulen
2014-01-19 19:01 Sven Vermeulen
2013-12-06 17:33 Sven Vermeulen
2013-11-03 11:19 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 6:50 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-08-15 17:23 Sven Vermeulen
2013-08-15 9:22 Sven Vermeulen
2013-08-13 18:16 Sven Vermeulen
2013-05-16 9:06 Sven Vermeulen
2013-05-01 19:32 Sven Vermeulen
2013-05-01 18:42 Sven Vermeulen
2013-04-11 18:04 Sven Vermeulen
2013-04-11 17:30 Sven Vermeulen
2013-03-11 18:53 Sven Vermeulen
2013-03-10 15:29 Sven Vermeulen
2013-02-18 18:11 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2012-12-29 18:24 Sven Vermeulen
2012-12-17 16:56 Sven Vermeulen
2012-12-08 18:21 Sven Vermeulen
2012-12-03 9:35 Sven Vermeulen
2012-12-03 9:35 Sven Vermeulen
2012-11-12 21:19 Sven Vermeulen
2012-11-10 17:40 Sven Vermeulen
2012-10-31 18:04 Sven Vermeulen
2012-10-31 18:04 Sven Vermeulen
2012-10-31 18:04 Sven Vermeulen
2012-10-30 20:24 Sven Vermeulen
2012-10-30 20:24 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-10 19:52 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-09-28 17:57 Sven Vermeulen
2012-09-28 17:57 Sven Vermeulen
2012-09-28 17:57 Sven Vermeulen
2012-09-08 17:30 Sven Vermeulen
2012-08-29 18:48 Sven Vermeulen
2012-08-28 17:28 Sven Vermeulen
2012-08-28 17:28 Sven Vermeulen
2012-08-28 17:28 Sven Vermeulen
2012-08-15 13:04 Sven Vermeulen
2012-05-26 17:06 Sven Vermeulen
2012-05-16 18:34 Sven Vermeulen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox