From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 01 Sep 2009 10:01:53 -0400
Subject: [refpolicy] services_openvpn.patch
In-Reply-To: <4A9D2263.5090908@city-fan.org>
References: <4A9C1161.4040402@redhat.com> <4A9CDBCE.4010106@city-fan.org>
	<4A9D130B.4040501@redhat.com> <4A9D2263.5090908@city-fan.org>
Message-ID: <4A9D2951.9070309@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 09/01/2009 09:32 AM, Paul Howarth wrote:
> On 01/09/09 13:26, Daniel J Walsh wrote:
>> On 09/01/2009 04:31 AM, Paul Howarth wrote:
>>> On 31/08/09 19:07, Daniel J Walsh wrote:
>>>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_openvpn.patch
>>>>
>>>>
>>>>
>>>> Openvpn connects to cache ports and stores files in nfs and cifs
>>>> directories.
>>>
>>> Under what circumstances does openvpn connect to http or http_cache
>>> ports?
>>>
>>> Paul.
>>
>> I think they are using it to connect through firewalls.
>>
>> Google openvpn and 80 gives you 174000 messages talking about running
>> openvpn through port 80.
> 
> Ah right, so it'll use http_cache_t to do this with a proxy too.
> 
> Understood.
> 
> Paul.
Not that I have ever set one up.  I allow the Rawhide/Fedora users/testers to train me how people setup these apps.