## <summary>Simple network management protocol services</summary> ######################################## ## <summary> ## Use snmp over a TCP connection. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`snmp_tcp_connect',` gen_require(` type snmpd_t; ') allow $1 snmpd_t:tcp_socket { connectto recvfrom }; allow snmpd_t $1:tcp_socket { acceptfrom recvfrom }; kernel_tcp_recvfrom($1) ') ######################################## ## <summary> ## Send and receive UDP traffic to SNMP ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`snmp_udp_chat',` gen_require(` type snmpd_t; ') allow $1 snmpd_t:udp_socket { sendto recvfrom }; allow snmpd_t $1:udp_socket { sendto recvfrom }; ') ######################################## ## <summary> ## Read snmpd libraries. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`snmp_read_snmp_var_lib_files',` gen_require(` type snmpd_var_lib_t; ') allow $1 snmpd_var_lib_t:dir r_dir_perms; allow $1 snmpd_var_lib_t:file r_file_perms; allow $1 snmpd_var_lib_t:lnk_file { getattr read }; ')