From d14c0e709231ae603b1aa2b1187893a4e2c1c3fc Mon Sep 17 00:00:00 2001
From: Chris PeBenito
Date: Fri, 20 Jan 2006 22:13:52 +0000
Subject: [PATCH] add missing if
---
 .../policy/modules/kernel/corenetwork.if.in | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/refpolicy/policy/modules/kernel/corenetwork.if.in b/refpolicy/policy/modules/kernel/corenetwork.if.in
index 680714a9..58a3c918 100644
--- a/refpolicy/policy/modules/kernel/corenetwork.if.in
+++ b/refpolicy/policy/modules/kernel/corenetwork.if.in
@@ -702,6 +702,22 @@ interface(`corenet_tcp_bind_all_ports',`
 allow $1 port_type:tcp_socket name_bind;
 ')
 
+########################################
+##
+## Do not audit attepts to bind TCP sockets to any ports.
+##
+##
+## Domain to not audit.
+##
+#
+interface(`corenet_dontaudit_tcp_bind_all_ports',`
+ gen_require(`
+ attribute port_type;
+ ')
+
+ dontaudit $1 port_type:tcp_socket name_bind;
+')
+
 ########################################
 ##
 ## Bind UDP sockets to all ports.
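Review bot: The summary comment on the new `corenet_dontaudit_tcp_bind_all_ports` interface misspells "attempts" as "attepts" and does not say what a caller gives up by using it. The rule `dontaudit $1 port_type:tcp_socket name_bind;` covers every type carrying the `port_type` attribute, so any denied TCP bind by the calling domain stops producing an audit record, including denials that would be worth investigating. I would correct the typo and extend the description, for example `## Do not audit attempts to bind TCP sockets to any ports. This silences every name_bind denial for the domain; use a narrower rule where the probed ports are known.` Policy modules that call this interface would also benefit from a short comment stating why the domain's bind attempts are expected noise.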