ok
Direktori : /lib64/python2.7/site-packages/sepolicy/templates/ |
Current File : //lib64/python2.7/site-packages/sepolicy/templates/network.pyo |
� m��Vc @ s| d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d Z d S( s= type TEMPLATETYPE_port_t; corenet_port(TEMPLATETYPE_port_t) sW sysnet_dns_name_resolve(TEMPLATETYPE_t) corenet_all_recvfrom_unlabeled(TEMPLATETYPE_t) s� allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms; corenet_tcp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_tcp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t) s. corenet_tcp_bind_generic_node(TEMPLATETYPE_t) s? allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_bind; sB allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_connect; s� allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen }; corenet_udp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_udp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t) s. corenet_udp_bind_generic_node(TEMPLATETYPE_t) s? allow TEMPLATETYPE_t TEMPLATETYPE_port_t:udp_socket name_bind; s. corenet_tcp_connect_all_ports(TEMPLATETYPE_t) s2 corenet_tcp_connect_all_rpc_ports(TEMPLATETYPE_t) s9 corenet_tcp_connect_all_unreserved_ports(TEMPLATETYPE_t) s+ corenet_tcp_bind_all_ports(TEMPLATETYPE_t) s/ corenet_tcp_bind_all_rpc_ports(TEMPLATETYPE_t) s6 corenet_tcp_bind_all_unreserved_ports(TEMPLATETYPE_t) s+ corenet_udp_bind_all_ports(TEMPLATETYPE_t) s/ corenet_udp_bind_all_rpc_ports(TEMPLATETYPE_t) s6 corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) s�) ######################################## ## <summary> ## Send and receive TCP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_tcp_sendrecv_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket { send_msg recv_msg }; ') ######################################## ## <summary> ## Send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Do not audit attempts to send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Do not audit attempts to receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Send and receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_udp_sendrecv_TEMPLATETYPE_port',` corenet_udp_send_TEMPLATETYPE_port($1) corenet_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive ## UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_sendrecv_TEMPLATETYPE_port',` corenet_dontaudit_udp_send_TEMPLATETYPE_port($1) corenet_dontaudit_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Bind TCP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_tcp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_bind; ') ######################################## ## <summary> ## Bind UDP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Do not audit attempts to sbind to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Make a TCP connection to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Do not audit attempts to make a TCP connection to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_dontaudit_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_client_packets',` corenet_send_TEMPLATETYPE_client_packets($1) corenet_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_client_packets',` corenet_dontaudit_send_TEMPLATETYPE_client_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_client the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet relabelto; ') ######################################## ## <summary> ## Send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_server_packets',` corenet_send_TEMPLATETYPE_server_packets($1) corenet_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_server_packets',` corenet_dontaudit_send_TEMPLATETYPE_server_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_server the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet relabelto; ') t N( t te_typest te_networkt te_tcpt te_in_tcpt te_in_need_port_tcpt te_out_need_port_tcpt te_udpt te_in_udpt te_in_need_port_udpt te_out_all_ports_tcpt te_out_reserved_ports_tcpt te_out_unreserved_ports_tcpt te_in_all_ports_tcpt te_in_reserved_ports_tcpt te_in_unreserved_ports_tcpt te_in_all_ports_udpt te_in_reserved_ports_udpt te_in_unreserved_ports_udpt if_rulest te_rules( ( ( s@ /usr/lib64/python2.7/site-packages/sepolicy/templates/network.pyt <module> s( � �