Skip to content
Snippets Groups Projects
Select Git revision
  • aa145bf6f1cb45ad66250c40da3cd708956cf71e
  • passt default
  • master
  • pu
  • todo
  • next
  • maint
  • v2.8.0-rc1
  • v2.8.0-rc0
  • v2.7.2
  • v2.7.1
  • v2.7.0
  • v2.6.5
  • v2.7.0-rc3
  • v2.7.0-rc2
  • v2.7.0-rc1
  • v2.7.0-rc0
  • v2.6.4
  • v2.6.3
  • v2.6.2
  • v2.6.1
  • v2.3.10
  • v2.5.4
  • v2.4.10
  • v2.6.0
  • v2.6.0-rc3
  • v2.5.3
27 results

blob.h

Blame
  • net.te 852 B
    # Network types
    type node, node_type;
    type netif, netif_type;
    type port, port_type;
    
    # Use network sockets.
    allow netdomain self:tcp_socket create_stream_socket_perms;
    allow netdomain self:{ udp_socket rawip_socket } create_socket_perms;
    # Connect to ports.
    allow netdomain port_type:tcp_socket name_connect;
    # Bind to ports.
    allow netdomain node_type:{ tcp_socket udp_socket } node_bind;
    allow netdomain port_type:udp_socket name_bind;
    allow netdomain port_type:tcp_socket name_bind;
    # See changes to the routing table.
    allow netdomain self:netlink_route_socket { create_socket_perms nlmsg_read };
    
    # Talks to netd via dnsproxyd socket.
    unix_socket_connect(netdomain, dnsproxyd, netd)
    
    # Talks to netd via fwmarkd socket.
    unix_socket_connect(netdomain, fwmarkd, netd)
    
    # Connect to mdnsd via mdnsd socket.
    unix_socket_connect(netdomain, mdnsd, mdnsd)