http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_snort.patch
snort creates generic sockets
We can dontaudit read of system state
rearrage kernel calls and allow snort to request the kernel load a module.
uses usbmod and genrice usb devices.