diff --git a/wificond.te b/wificond.te
index acdf522baf3c39e3eae82f65aec93fe146082c2c..f17d743b530b90a5ad8ad979a52f509be659244d 100644
--- a/wificond.te
+++ b/wificond.te
@@ -16,6 +16,7 @@ set_prop(wificond, wifi_prop)
 
 # create sockets to set interfaces up and down
 allow wificond self:udp_socket create_socket_perms;
-allow wificond self:capability net_raw;
+allow wificond self:capability { net_admin net_raw };
+allow wificond self:netlink_socket create_socket_perms;
 
 r_dir_file(wificond, proc_net)