Commit Graph

1755 Commits

Author SHA1 Message Date
Chris PeBenito
290a4a9360 use domtrans from initrc for insmod 2006-06-12 15:22:45 +00:00
Chris PeBenito
eeab5717d6 fix up bad ifdefs and remove foo.te definition for modules. 2006-06-12 14:17:40 +00:00
Chris PeBenito
c22705001e another script in the apr build dir 2006-06-09 13:49:22 +00:00
Chris PeBenito
5fe209552e shell scripts in the apr build dir 2006-06-09 13:47:58 +00:00
Chris PeBenito
9c1c08e38c fix most bad rules in cups, bug 1771 2006-06-08 17:18:25 +00:00
Chris PeBenito
522b59bb97 patch from dan Tue, 06 Jun 2006 22:50:46 -0400 2006-06-07 17:43:10 +00:00
Chris PeBenito
e51048a4e8 fix execmod all files rule in wine 2006-06-06 17:51:24 +00:00
Chris PeBenito
fc2dac60c9 improve warning message, with file and line numbers 2006-06-06 17:25:23 +00:00
Chris PeBenito
6e76320765 fix bad use of templates 2006-06-06 17:24:34 +00:00
Chris PeBenito
97c57a1b3a missing net_bind_service cap for bind_all_ports interfaces 2006-06-02 17:44:44 +00:00
Chris PeBenito
3d03a4f40f packets 2006-06-02 15:06:45 +00:00
Chris PeBenito
3152d15fa7 packets for inetd 2006-06-02 13:48:34 +00:00
Chris PeBenito
42d0536520 fill out networking perms 2006-06-01 18:17:53 +00:00
Chris PeBenito
9a879bd705 packets for ftp 2006-05-31 17:20:21 +00:00
Chris PeBenito
141cffdd83 packets for services 2006-05-30 19:46:34 +00:00
Chris PeBenito
9d0c9b3ed5 packets for admin modules 2006-05-29 19:53:43 +00:00
Chris PeBenito
c0d8c41e37 add packets for apps 2006-05-29 18:25:58 +00:00
Chris PeBenito
35a4b349f0 break packet_t into server_packet_t client_packet_t, and cover add packets to system modules where they make sense. 2006-05-29 15:04:49 +00:00
Chris PeBenito
5afdf0bca6 add gcc-config to portage 2006-05-29 14:16:22 +00:00
Chris PeBenito
968ace9365 apache packets 2006-05-26 20:46:37 +00:00
Chris PeBenito
b8373ee119 updates for nfs, squid, and mta 2006-05-26 20:29:51 +00:00
Chris PeBenito
72fcec8c66 more packets 2006-05-26 19:04:18 +00:00
Chris PeBenito
006e998287 packet updates for kernel, nscd, bind, ntp, spamassassin, and dhcpc 2006-05-26 18:04:46 +00:00
Chris PeBenito
bfad8863b4 packets for users 2006-05-26 14:40:12 +00:00
Chris PeBenito
332bb3f654 fix typos 2006-05-26 14:34:13 +00:00
Chris PeBenito
4b01e21d37 comment out .SECONDARY since its broken in make 3.81, and rawhide uses this make now 2006-05-26 14:33:44 +00:00
Chris PeBenito
2f8eec29c5 add client and server packet attributes 2006-05-26 13:49:13 +00:00
Chris PeBenito
7b643689e6 update ssh for packets 2006-05-25 20:18:24 +00:00
Chris PeBenito
189694126f reorganize the file 2006-05-25 18:42:32 +00:00
Chris PeBenito
8745d93c99 packets from configuring cups from a web browser and printing a test page to a jetdirect 2006-05-25 18:41:14 +00:00
Chris PeBenito
f6e83a7a5f typo 2006-05-25 17:59:50 +00:00
Chris PeBenito
378d5cda05 initial packet rules 2006-05-25 17:56:07 +00:00
Chris PeBenito
c5657a262b add generic packet interfaces, and fix up unconfined handling 2006-05-25 17:01:36 +00:00
Chris PeBenito
e4b30fb010 remove debugging statemnet 2006-05-25 16:40:52 +00:00
Chris PeBenito
6962bb3283 add makefile support for netfilter contexts 2006-05-25 15:14:19 +00:00
Chris PeBenito
6b873c4da0 fix copyright years 2006-05-25 15:09:06 +00:00
Chris PeBenito
d24259b7a7 fix handling of comments at the end of the line, and add copyright 2006-05-25 15:04:39 +00:00
Chris PeBenito
df15d004ef fix chain declaration 2006-05-25 14:10:55 +00:00
Chris PeBenito
d6d8b7037d add command line arguments support, and mls/mcs support 2006-05-25 14:02:41 +00:00
Chris PeBenito
29a0519186 add compute_av for doing rootok check 2006-05-25 13:14:08 +00:00
Chris PeBenito
c890249a4c use network_port()s to declare packets, since packets match up with these ports 2006-05-24 21:28:49 +00:00
Chris PeBenito
d6c62e7df7 initial commit of netfilter config generator tool, still needs work on mls/mcs side. 2006-05-24 21:27:52 +00:00
Chris PeBenito
6293baeacc allow iptables to relabelto all packets 2006-05-23 19:07:22 +00:00
Chris PeBenito
e37158e6b9 initial support for packets 2006-05-23 18:31:02 +00:00
Chris PeBenito
a013b55e3e initial addition of packet policy, allow unconfined to send unlabeled packets. 2006-05-22 20:47:05 +00:00
Chris PeBenito
e126047c73 no user contexts for strict policy 2006-05-22 18:24:19 +00:00
Chris PeBenito
263721b9a4 dontaudit just the kernel fd use, the others may indicate problems for other reasons. 2006-05-19 20:02:41 +00:00
Chris PeBenito
8fa4943032 add back stray file descriptors dontaudit for rhel4 2006-05-19 19:52:18 +00:00
Chris PeBenito
c55b6f28ee add packet security class 2006-05-19 17:45:46 +00:00
Chris PeBenito
2288381d08 cleanup init_t a little 2006-05-19 17:44:27 +00:00