� m��Vc @ s| d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d S( s= type TEMPLATETYPE_port_t; corenet_port(TEMPLATETYPE_port_t) sW sysnet_dns_name_resolve(TEMPLATETYPE_t) corenet_all_recvfrom_unlabeled(TEMPLATETYPE_t) s� allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms; corenet_tcp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_tcp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t) s. corenet_tcp_bind_generic_node(TEMPLATETYPE_t) s? allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_bind; sB allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_connect; s� allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen }; corenet_udp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_udp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t) s. corenet_udp_bind_generic_node(TEMPLATETYPE_t) s? allow TEMPLATETYPE_t TEMPLATETYPE_port_t:udp_socket name_bind; s. corenet_tcp_connect_all_ports(TEMPLATETYPE_t) s2 corenet_tcp_connect_all_rpc_ports(TEMPLATETYPE_t) s9 corenet_tcp_connect_all_unreserved_ports(TEMPLATETYPE_t) s+ corenet_tcp_bind_all_ports(TEMPLATETYPE_t) s/ corenet_tcp_bind_all_rpc_ports(TEMPLATETYPE_t) s6 corenet_tcp_bind_all_unreserved_ports(TEMPLATETYPE_t) s+ corenet_udp_bind_all_ports(TEMPLATETYPE_t) s/ corenet_udp_bind_all_rpc_ports(TEMPLATETYPE_t) s6 corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) s�) ######################################## ## <summary> ## Send and receive TCP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_tcp_sendrecv_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket { send_msg recv_msg }; ') ######################################## ## <summary> ## Send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Do not audit attempts to send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Do not audit attempts to receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Send and receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_udp_sendrecv_TEMPLATETYPE_port',` corenet_udp_send_TEMPLATETYPE_port($1) corenet_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive ## UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_sendrecv_TEMPLATETYPE_port',` corenet_dontaudit_udp_send_TEMPLATETYPE_port($1) corenet_dontaudit_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Bind TCP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_tcp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_bind; ') ######################################## ## <summary> ## Bind UDP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Do not audit attempts to sbind to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Make a TCP connection to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Do not audit attempts to make a TCP connection to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_dontaudit_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_client_packets',` corenet_send_TEMPLATETYPE_client_packets($1) corenet_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_client_packets',` corenet_dontaudit_send_TEMPLATETYPE_client_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_client the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet relabelto; ') ######################################## ## <summary> ## Send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_server_packets',` corenet_send_TEMPLATETYPE_server_packets($1) corenet_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_server_packets',` corenet_dontaudit_send_TEMPLATETYPE_server_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_server the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet relabelto; ') t N( t te_typest te_networkt te_tcpt te_in_tcpt te_in_need_port_tcpt te_out_need_port_tcpt te_udpt te_in_udpt te_in_need_port_udpt te_out_all_ports_tcpt te_out_reserved_ports_tcpt te_out_unreserved_ports_tcpt te_in_all_ports_tcpt te_in_reserved_ports_tcpt te_in_unreserved_ports_tcpt te_in_all_ports_udpt te_in_reserved_ports_udpt te_in_unreserved_ports_udpt if_rulest te_rules( ( ( s@ /usr/lib64/python2.7/site-packages/sepolicy/templates/network.pyt <module> s( � �
Name | Type | Size | Permission | Actions |
---|---|---|---|---|
.__init__.pyo.40009 | File | 152 B | 0644 |
|
.boolean.pyo.40009 | File | 331 B | 0644 |
|
.etc_rw.pyo.40009 | File | 2.87 KB | 0644 |
|
.executable.pyo.40009 | File | 8.99 KB | 0644 |
|
.network.pyo.40009 | File | 12.58 KB | 0644 |
|
.rw.pyo.40009 | File | 2.93 KB | 0644 |
|
.script.pyo.40009 | File | 3.39 KB | 0644 |
|
.semodule.pyo.40009 | File | 479 B | 0644 |
|
.spec.pyo.40009 | File | 2.26 KB | 0644 |
|
.test_module.pyo.40009 | File | 2.76 KB | 0644 |
|
.tmp.pyo.40009 | File | 2.58 KB | 0644 |
|
.unit_file.pyo.40009 | File | 1.2 KB | 0644 |
|
.user.pyo.40009 | File | 3.49 KB | 0644 |
|
.var_cache.pyo.40009 | File | 3.06 KB | 0644 |
|
.var_lib.pyo.40009 | File | 3.2 KB | 0644 |
|
.var_log.pyo.40009 | File | 2.16 KB | 0644 |
|
.var_run.pyo.40009 | File | 2.09 KB | 0644 |
|
.var_spool.pyo.40009 | File | 3.04 KB | 0644 |
|
__init__.py | File | 724 B | 0644 |
|
__init__.pyc | File | 152 B | 0644 |
|
__init__.pyo | File | 152 B | 0644 |
|
boolean.py | File | 1.15 KB | 0644 |
|
boolean.pyc | File | 331 B | 0644 |
|
boolean.pyo | File | 331 B | 0644 |
|
etc_rw.py | File | 3.86 KB | 0644 |
|
etc_rw.pyc | File | 2.87 KB | 0644 |
|
etc_rw.pyo | File | 2.87 KB | 0644 |
|
executable.py | File | 9.66 KB | 0644 |
|
executable.pyc | File | 8.99 KB | 0644 |
|
executable.pyo | File | 8.99 KB | 0644 |
|
network.py | File | 13.28 KB | 0644 |
|
network.pyc | File | 12.58 KB | 0644 |
|
network.pyo | File | 12.58 KB | 0644 |
|
rw.py | File | 3.84 KB | 0644 |
|
rw.pyc | File | 2.93 KB | 0644 |
|
rw.pyo | File | 2.93 KB | 0644 |
|
script.py | File | 4.16 KB | 0644 |
|
script.pyc | File | 3.39 KB | 0644 |
|
script.pyo | File | 3.39 KB | 0644 |
|
semodule.py | File | 1.28 KB | 0644 |
|
semodule.pyc | File | 479 B | 0644 |
|
semodule.pyo | File | 479 B | 0644 |
|
spec.py | File | 2.09 KB | 0644 |
|
spec.pyc | File | 2.26 KB | 0644 |
|
spec.pyo | File | 2.26 KB | 0644 |
|
test_module.py | File | 4.35 KB | 0644 |
|
test_module.pyc | File | 2.76 KB | 0644 |
|
test_module.pyo | File | 2.76 KB | 0644 |
|
tmp.py | File | 3.38 KB | 0644 |
|
tmp.pyc | File | 2.58 KB | 0644 |
|
tmp.pyo | File | 2.58 KB | 0644 |
|
unit_file.py | File | 2.21 KB | 0644 |
|
unit_file.pyc | File | 1.2 KB | 0644 |
|
unit_file.pyo | File | 1.2 KB | 0644 |
|
user.py | File | 4.21 KB | 0644 |
|
user.pyc | File | 3.49 KB | 0644 |
|
user.pyo | File | 3.49 KB | 0644 |
|
var_cache.py | File | 4.05 KB | 0644 |
|
var_cache.pyc | File | 3.06 KB | 0644 |
|
var_cache.pyo | File | 3.06 KB | 0644 |
|
var_lib.py | File | 4.2 KB | 0644 |
|
var_lib.pyc | File | 3.2 KB | 0644 |
|
var_lib.pyo | File | 3.2 KB | 0644 |
|
var_log.py | File | 3.18 KB | 0644 |
|
var_log.pyc | File | 2.16 KB | 0644 |
|
var_log.pyo | File | 2.16 KB | 0644 |
|
var_run.py | File | 2.86 KB | 0644 |
|
var_run.pyc | File | 2.09 KB | 0644 |
|
var_run.pyo | File | 2.09 KB | 0644 |
|
var_spool.py | File | 4.04 KB | 0644 |
|
var_spool.pyc | File | 3.04 KB | 0644 |
|
var_spool.pyo | File | 3.04 KB | 0644 |
|