use network_port()s to declare packets, since packets match up with these ports

refpolicy/policy/modules/kernel/corenetwork.if.m4

@@ -580,6 +580,8 @@ define(`create_port_attrib_interfaces',`create_port_interfaces($1,port,attribute
 #
 define(`network_port',`
 create_port_type_interfaces($*)
+create_packet_interfaces($1_client)
+create_packet_interfaces($1_server)
 ')
 
 #

refpolicy/policy/modules/kernel/corenetwork.te.in

@@ -26,9 +26,14 @@ dev_node(tun_tap_device_t)
 
 ########################################
 #
-# Ports
+# Ports and packets
 #
 
+#
+# packet_t is the default type of IPv4 and IPv6 packets.
+#
+type packet_t, packet_type;
+
 #
 # port_t is the default type of INET port numbers.
 #
@@ -126,7 +131,7 @@ network_port(syslogd, udp,514,s0)
 network_port(telnetd, tcp,23,s0)
 network_port(tftp, udp,69,s0)
 network_port(tor, tcp,9001,s0, tcp,9030,s0, tcp,9050,s0)
-network_port(traceroute, udp,64000-64010,s0)
+network_port(traceroute, udp,64000,s0, udp,64001,s0, udp,64002,s0, udp,64003,s0, udp,64004,s0, udp,64005,s0, udp,64006,s0, udp,64007,s0, udp,64008,s0, udp,64009,s0, udp,64010,s0)
 network_port(transproxy, tcp,8081,s0)
 type utcpserver_port_t, port_type; dnl network_port(utcpserver) # no defined portcon
 network_port(uucpd, tcp,540,s0)
@@ -179,15 +184,6 @@ ifdef(`enable_mls',`
 network_interface(lo, lo,s0 - s15:c0.c255)
 ')
 
-########################################
-#
-# Network Packets
-#
-
-network_packet(dns)
-network_packet(ldap)
-network_packet(portmap)
-
 ########################################
 #
 # Unconfined access to this module

refpolicy/policy/modules/kernel/corenetwork.te.m4

@@ -60,6 +60,8 @@ ifelse(`$5',`',`',`declare_ports($1,shiftn(4,$*))')dnl
 #
 define(`network_port',`
 type $1_port_t, port_type;
+type $1_client_packet_t, packet_type;
+type $1_server_packet_t, packet_type;
 declare_ports($1_port_t,shift($*))
 ')