diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index 8dac5cd2..722f767d 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,4 @@
+- Updated comments in mls file from Chad Hanson.
 - Added modules:
 amavis (Erich Schubert)
 apt (Erich Schubert)
diff --git a/refpolicy/policy/mls b/refpolicy/policy/mls
index 6f585f6a..3a35bde5 100644
--- a/refpolicy/policy/mls
+++ b/refpolicy/policy/mls
@@ -293,8 +293,14 @@ mlsconstrain { socket tcp_socket udp_socket rawip_socket netlink_socket packet_s
 #
 # { tcp_socket unix_stream_socket } { connectto newconn acceptfrom }
 #
+# tcp_socket name_connect
+#
 # { netlink_route_socket netlink_firewall_socket netlink_tcpdiag_socket netlink_xfrm_socket netlink_audit_socket netlink_ip6fw_socket } nlmsg_write
 #
+# netlink_audit_socket { nlmsg_relay nlmsg_readpriv }
+#
+# netlink_kobject_uevent_socket *
+#
@@ -365,7 +371,7 @@ mlsconstrain { netif node } { tcp_send udp_send rawip_send }
 (( l1 dom l2 ) and ( l1 domby h2 ));
 # these access vectors have no MLS restrictions
-# { netif node } { enforce_dest }
+# node enforce_dest
@@ -397,7 +403,7 @@ mlsconstrain process { sigkill sigstop signal setsched setpgid setcap setexec se
 ( t1 == mlsprocwrite ));
 # these access vectors have no MLS restrictions
-# process { fork sigchld signull noatsecure siginh setrlimit rlimitinh execmem }
+# process { fork sigchld signull noatsecure siginh setrlimit rlimitinh execmem execstack execheap }
@@ -663,6 +669,6 @@ mlsconstrain xinput { setattr relabelinput }
 #
 # these access vectors have no MLS restrictions
-# association { sendto recvfrom }
+# association *
 ') dnl end enable_mls
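Review bot: The two wildcard entries, `# netlink_kobject_uevent_socket *` in the `@@ -293,8 +293,14 @@` hunk and `# association *` in the `@@ -663,6 +669,6 @@` hunk, record every permission of those classes as having no MLS restriction, which also covers any permission added to the class later. The neighbouring entries list permissions explicitly, and the removed line read `# association { sendto recvfrom }`. An explicit list keeps these comments usable as an audit checklist, because a new permission then stands out as undocumented until someone decides whether it needs an `mlsconstrain` rule. If the wildcard is deliberate, a short remark such as `# (all permissions; revisit when the class gains new ones)` next to each entry would make that intent explicit.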