From f3da31d339f24788cbc63778c71fd3487859e5cd Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Thu, 3 Jan 2008 16:20:01 +0000
Subject: [PATCH] trunk: Labeled networking peer object class updates.

---
 Changelog                     |  2 ++
 policy/flask/access_vectors   | 10 ++++++++++
 policy/flask/security_classes |  3 +++
 3 files changed, 15 insertions(+)

diff --git a/Changelog b/Changelog
index 963472b0..38bf9477 100644
--- a/Changelog
+++ b/Changelog
@@ -1,3 +1,5 @@
+- Labeled networking peer object class updates.
+
 * Fri Dec 14 2007 Chris PeBenito <selinux@tresys.com> - 20071214
 - Patch for debian logrotate to handle syslogd-listfiles, from Vaclav Ovsik.
 - Improve several tunables descriptions from Dan Walsh.
diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
index 3150be64..c986778d 100644
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@@ -201,6 +201,8 @@ class node
 	enforce_dest
 	dccp_recv
 	dccp_send
+	recvfrom
+	sendto
 }
 
 class netif
@@ -213,6 +215,8 @@ class netif
 	rawip_send
 	dccp_recv
 	dccp_send
+	ingress
+	egress
 }
 
 class netlink_socket
@@ -726,3 +730,9 @@ inherits database
 	import
 	export
 }
+
+# network peer labels
+class peer
+{
+	recv
+}
diff --git a/policy/flask/security_classes b/policy/flask/security_classes
index 1a3ff7b3..121fcbc2 100644
--- a/policy/flask/security_classes
+++ b/policy/flask/security_classes
@@ -106,4 +106,7 @@ class db_column			# userspace
 class db_tuple			# userspace
 class db_blob			# userspace
 
+# network peer labels
+class peer
+
 # FLASK