Snort network intrusion detection system

######################################## ##

## Execute a domain transition to run snort. ##

## ##

## Domain allowed to transition. ##

## # interface(`snort_domtrans',` gen_require(` type snort_t, snort_exec_t; ') domtrans_pattern($1, snort_exec_t, snort_t) ') ######################################## ##

## All of the rules required to administrate ## an snort environment ##

## ##

## Domain allowed access. ##

## ## ##

## The role to be allowed to manage the snort domain. ##

## ## # interface(`snort_admin',` gen_require(` type snort_t, snort_var_run_t, snort_log_t; type snort_initrc_exec_t; ') allow $1 snort_t:process { ptrace signal_perms }; ps_process_pattern($1, snort_t) init_labeled_script_domtrans($1, snort_initrc_exec_t) domain_system_change_exemption($1) role_transition $2 snort_initrc_exec_t system_r; allow $2 system_r; admin_pattern($1, snort_etc_t) files_search_etc($1) admin_pattern($1, snort_log_t) logging_search_logs($1) admin_pattern($1, snort_var_run_t) files_search_pids($1) ')