2012-10-15 20:55:49

by debian

Subject: [refpolicy] [PATCH] Label port 5546 as dhcpc_port_t and allow dhcpc_t to bind to TCP for client control

From: Russell Coker <[email protected]>

Client control is used by the wide dhcp6 client, which can be controlled
via dhcp6ctl. This works by communicating over port 5546.
---
policy/modules/kernel/corenetwork.te.in | 2 +-
policy/modules/system/sysnetwork.te | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
index c054304..fbdcbce 100644
--- a/policy/modules/kernel/corenetwork.te.in
+++ b/policy/modules/kernel/corenetwork.te.in
@@ -115,7 +115,7 @@ network_port(daap, tcp,3689,s0, udp,3689,s0)
network_port(dbskkd, tcp,1178,s0)
network_port(dcc, udp,6276,s0, udp,6277,s0)
network_port(dccm, tcp,5679,s0, udp,5679,s0)
-network_port(dhcpc, udp,68,s0, tcp,68,s0, udp,546,s0, tcp, 546,s0)
+network_port(dhcpc, udp,68,s0, tcp,68,s0, udp,546,s0, tcp, 546,s0, udp,5546,s0, tcp,5546,s0)
network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0, tcp,647,s0, udp,647,s0, tcp,847,s0, udp,847,s0, tcp,7911,s0)
network_port(dict, tcp,2628,s0)
network_port(distccd, tcp,3632,s0)
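
Review bot: The new `udp,5546,s0` entry on the dhcpc line may be broader than needed, since the subject only asks for a TCP bind for client control and the commit message does not say the control channel uses UDP. Because sysnetwork.te already carries `corenet_udp_bind_dhcpc_port(dhcpc_t)`, labeling UDP 5546 as dhcpc_port_t immediately lets dhcpc_t bind that port as well. If dhcp6ctl only talks TCP, drop the UDP entry; otherwise say so in the commit message. As a small style point, the existing `tcp, 546,s0` keeps its stray space while the new entries have none; the touched line could be normalised in the same change.
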
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index 8f9d08d..4e255b4 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -103,6 +103,7 @@ corenet_tcp_sendrecv_all_ports(dhcpc_t)
corenet_udp_sendrecv_all_ports(dhcpc_t)
corenet_tcp_bind_all_nodes(dhcpc_t)
corenet_udp_bind_all_nodes(dhcpc_t)
+corenet_tcp_bind_dhcpc_port(dhcpc_t)
corenet_udp_bind_dhcpc_port(dhcpc_t)
corenet_tcp_connect_all_ports(dhcpc_t)
corenet_sendrecv_dhcpd_client_packets(dhcpc_t)
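
Review bot: The added `corenet_tcp_bind_dhcpc_port(dhcpc_t)` grants TCP bind on every port labeled dhcpc_port_t, which per the corenetwork.te.in hunk includes tcp 68 and tcp 546 as well as the new tcp 5546. The stated goal is only the dhcp6ctl control port, so either note in the commit message that binding TCP 68 and 546 is an accepted side effect, or give 5546 its own port type and allow the bind on that type alone. A one-line comment above the rule saying it exists for the wide dhcp6 client control channel would also help later readers of sysnetwork.te.
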
--
1.7.10.4


2012-10-19 13:20:13

by cpebenito

Subject: [refpolicy] [PATCH] Label port 5546 as dhcpc_port_t and allow dhcpc_t to bind to TCP for client control

On 10/15/12 16:55, Mika Pflüger wrote:
> From: Russell Coker <[email protected]>
>
> Client control is used by the wide dhcp6 client, which can be controlled
> via dhcp6ctl. This works by communicating over port 5546.
> ---
> policy/modules/kernel/corenetwork.te.in | 2 +-
> policy/modules/system/sysnetwork.te | 1 +
> 2 files changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/policy/modules/kernel/corenetwork.te.in b/policy/modules/kernel/corenetwork.te.in
> index c054304..fbdcbce 100644
> --- a/policy/modules/kernel/corenetwork.te.in
> +++ b/policy/modules/kernel/corenetwork.te.in
> @@ -115,7 +115,7 @@ network_port(daap, tcp,3689,s0, udp,3689,s0)
> network_port(dbskkd, tcp,1178,s0)
> network_port(dcc, udp,6276,s0, udp,6277,s0)
> network_port(dccm, tcp,5679,s0, udp,5679,s0)
> -network_port(dhcpc, udp,68,s0, tcp,68,s0, udp,546,s0, tcp, 546,s0)
> +network_port(dhcpc, udp,68,s0, tcp,68,s0, udp,546,s0, tcp, 546,s0, udp,5546,s0, tcp,5546,s0)
> network_port(dhcpd, udp,67,s0, udp,547,s0, tcp, 547,s0, udp,548,s0, tcp, 548,s0, tcp,647,s0, udp,647,s0, tcp,847,s0, udp,847,s0, tcp,7911,s0)
> network_port(dict, tcp,2628,s0)
> network_port(distccd, tcp,3632,s0)
> diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
> index 8f9d08d..4e255b4 100644
> --- a/policy/modules/system/sysnetwork.te
> +++ b/policy/modules/system/sysnetwork.te
> @@ -103,6 +103,7 @@ corenet_tcp_sendrecv_all_ports(dhcpc_t)
> corenet_udp_sendrecv_all_ports(dhcpc_t)
> corenet_tcp_bind_all_nodes(dhcpc_t)
> corenet_udp_bind_all_nodes(dhcpc_t)
> +corenet_tcp_bind_dhcpc_port(dhcpc_t)
> corenet_udp_bind_dhcpc_port(dhcpc_t)
> corenet_tcp_connect_all_ports(dhcpc_t)
> corenet_sendrecv_dhcpd_client_packets(dhcpc_t)

Merged.

--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com