## Nessus network scanning daemon
########################################
##
## Connect to nessus over a TCP socket
##
##
##
## Domain allowed access.
##
##
#
interface(`nessus_tcp_connect',`
gen_require(`
type nessusd_t;
')
allow $1 nessusd_t:tcp_socket { connectto recvfrom };
allow nessusd_t $1:tcp_socket { acceptfrom recvfrom };
kernel_tcp_recvfrom($1)
')