diff --git a/dumpstate.te b/dumpstate.te
index ac94e4c8229a14b5a5567786d455b3c71d7adfab..318755528e663ff839d78d85c07c5067f033cdd4 100644
--- a/dumpstate.te
+++ b/dumpstate.te
@@ -13,8 +13,13 @@ allow dumpstate self:capability { setuid setgid sys_resource };
 # Allow dumpstate to scan through /proc/pid for all processes
 r_dir_file(dumpstate, domain)
 
-# Send signals to processes
-allow dumpstate self:capability kill;
+allow dumpstate self:capability {
+    # Send signals to processes
+    kill
+    # Run iptables
+    net_raw
+    net_admin
+};
 
 # Allow executing files on system, such as:
 #   /system/bin/toolbox