Commit Graph

1312 Commits

Author SHA1 Message Date
Chris PeBenito
6e76320765 fix bad use of templates 2006-06-06 17:24:34 +00:00
Chris PeBenito
97c57a1b3a missing net_bind_service cap for bind_all_ports interfaces 2006-06-02 17:44:44 +00:00
Chris PeBenito
3d03a4f40f packets 2006-06-02 15:06:45 +00:00
Chris PeBenito
3152d15fa7 packets for inetd 2006-06-02 13:48:34 +00:00
Chris PeBenito
42d0536520 fill out networking perms 2006-06-01 18:17:53 +00:00
Chris PeBenito
9a879bd705 packets for ftp 2006-05-31 17:20:21 +00:00
Chris PeBenito
141cffdd83 packets for services 2006-05-30 19:46:34 +00:00
Chris PeBenito
9d0c9b3ed5 packets for admin modules 2006-05-29 19:53:43 +00:00
Chris PeBenito
c0d8c41e37 add packets for apps 2006-05-29 18:25:58 +00:00
Chris PeBenito
35a4b349f0 break packet_t into server_packet_t client_packet_t, and cover add packets to system modules where they make sense. 2006-05-29 15:04:49 +00:00
Chris PeBenito
5afdf0bca6 add gcc-config to portage 2006-05-29 14:16:22 +00:00
Chris PeBenito
968ace9365 apache packets 2006-05-26 20:46:37 +00:00
Chris PeBenito
b8373ee119 updates for nfs, squid, and mta 2006-05-26 20:29:51 +00:00
Chris PeBenito
72fcec8c66 more packets 2006-05-26 19:04:18 +00:00
Chris PeBenito
006e998287 packet updates for kernel, nscd, bind, ntp, spamassassin, and dhcpc 2006-05-26 18:04:46 +00:00
Chris PeBenito
bfad8863b4 packets for users 2006-05-26 14:40:12 +00:00
Chris PeBenito
332bb3f654 fix typos 2006-05-26 14:34:13 +00:00
Chris PeBenito
4b01e21d37 comment out .SECONDARY since its broken in make 3.81, and rawhide uses this make now 2006-05-26 14:33:44 +00:00
Chris PeBenito
2f8eec29c5 add client and server packet attributes 2006-05-26 13:49:13 +00:00
Chris PeBenito
7b643689e6 update ssh for packets 2006-05-25 20:18:24 +00:00
Chris PeBenito
189694126f reorganize the file 2006-05-25 18:42:32 +00:00
Chris PeBenito
8745d93c99 packets from configuring cups from a web browser and printing a test page to a jetdirect 2006-05-25 18:41:14 +00:00
Chris PeBenito
f6e83a7a5f typo 2006-05-25 17:59:50 +00:00
Chris PeBenito
378d5cda05 initial packet rules 2006-05-25 17:56:07 +00:00
Chris PeBenito
c5657a262b add generic packet interfaces, and fix up unconfined handling 2006-05-25 17:01:36 +00:00
Chris PeBenito
e4b30fb010 remove debugging statemnet 2006-05-25 16:40:52 +00:00
Chris PeBenito
6962bb3283 add makefile support for netfilter contexts 2006-05-25 15:14:19 +00:00
Chris PeBenito
6b873c4da0 fix copyright years 2006-05-25 15:09:06 +00:00
Chris PeBenito
d24259b7a7 fix handling of comments at the end of the line, and add copyright 2006-05-25 15:04:39 +00:00
Chris PeBenito
df15d004ef fix chain declaration 2006-05-25 14:10:55 +00:00
Chris PeBenito
d6d8b7037d add command line arguments support, and mls/mcs support 2006-05-25 14:02:41 +00:00
Chris PeBenito
29a0519186 add compute_av for doing rootok check 2006-05-25 13:14:08 +00:00
Chris PeBenito
c890249a4c use network_port()s to declare packets, since packets match up with these ports 2006-05-24 21:28:49 +00:00
Chris PeBenito
d6c62e7df7 initial commit of netfilter config generator tool, still needs work on mls/mcs side. 2006-05-24 21:27:52 +00:00
Chris PeBenito
6293baeacc allow iptables to relabelto all packets 2006-05-23 19:07:22 +00:00
Chris PeBenito
e37158e6b9 initial support for packets 2006-05-23 18:31:02 +00:00
Chris PeBenito
a013b55e3e initial addition of packet policy, allow unconfined to send unlabeled packets. 2006-05-22 20:47:05 +00:00
Chris PeBenito
e126047c73 no user contexts for strict policy 2006-05-22 18:24:19 +00:00
Chris PeBenito
263721b9a4 dontaudit just the kernel fd use, the others may indicate problems for other reasons. 2006-05-19 20:02:41 +00:00
Chris PeBenito
8fa4943032 add back stray file descriptors dontaudit for rhel4 2006-05-19 19:52:18 +00:00
Chris PeBenito
c55b6f28ee add packet security class 2006-05-19 17:45:46 +00:00
Chris PeBenito
2288381d08 cleanup init_t a little 2006-05-19 17:44:27 +00:00
Chris PeBenito
41a0f8bf3b move selinux unconfined to attribute setup, clean up unconfined interface a bit 2006-05-19 15:15:45 +00:00
Chris PeBenito
9d4538024a patch from russell Fri, 19 May 2006 20:28:29 +1000 2006-05-19 14:06:18 +00:00
Chris PeBenito
87eb5c84e7 patch from dan Thu, 18 May 2006 11:56:22 -0400 2006-05-19 14:02:24 +00:00
Chris PeBenito
46fc46cfdd fixes for gentoo 2006-05-19 13:14:37 +00:00
Chris PeBenito
5f4b5698c1 fix example.te 2006-05-18 17:55:03 +00:00
Chris PeBenito
b516e80f24 start cleaning up node binding and raw if/node access 2006-05-17 20:55:12 +00:00
Chris PeBenito
165b42d230 most of patch from dan Mon, 15 May 2006 11:58:01 -0400 2006-05-17 14:50:31 +00:00
Chris PeBenito
75c1c261c1 add info on build options 2006-05-16 15:05:40 +00:00