85 lines
1.7 KiB
Plaintext
85 lines
1.7 KiB
Plaintext
## <summary>Ethernet activity monitor.</summary>
|
|
|
|
########################################
|
|
## <summary>
|
|
## Search arpwatch's data file directories.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## Domain allowed access.
|
|
## </param>
|
|
#
|
|
interface(`arpwatch_search_data',`
|
|
gen_require(`
|
|
type arpwatch_data_t;
|
|
')
|
|
|
|
allow $1 arpwatch_data_t:dir search;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Create arpwatch data files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## Domain allowed access.
|
|
## </param>
|
|
#
|
|
interface(`arpwatch_manage_data_files',`
|
|
gen_require(`
|
|
type arpwatch_data_t;
|
|
')
|
|
|
|
allow $1 arpwatch_data_t:dir rw_dir_perms;
|
|
allow $1 arpwatch_data_t:file create_file_perms;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Read and write arpwatch temporary files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## Domain allowed access.
|
|
## </param>
|
|
#
|
|
interface(`arpwatch_rw_tmp_files',`
|
|
gen_require(`
|
|
type arpwatch_tmp_t;
|
|
')
|
|
|
|
allow $1 arpwatch_tmp_t:file rw_file_perms;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Read and write arpwatch temporary files.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## Domain allowed access.
|
|
## </param>
|
|
#
|
|
interface(`arpwatch_manage_tmp_files',`
|
|
gen_require(`
|
|
type arpwatch_tmp_t;
|
|
')
|
|
|
|
allow $1 arpwatch_tmp_t:file manage_file_perms;
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Do not audit attempts to read and write
|
|
## arpwatch packet sockets.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## Domain to not audit.
|
|
## </param>
|
|
#
|
|
interface(`arpwatch_dontaudit_rw_packet_socket',`
|
|
gen_require(`
|
|
type arpwatch_t;
|
|
class packet_socket { read write };
|
|
')
|
|
|
|
dontaudit $1 arpwatch_t:packet_socket { read write };
|
|
')
|