From d73a8bb52ca2863adb410a6a208c8902a47ad871 Mon Sep 17 00:00:00 2001
From: Luis Ressel <aranea@aixah.de>
Date: Sat, 10 Dec 2016 00:54:39 +0100
Subject: [PATCH] netutils: Label iptstate as netutils_t

>From the package description: "IP Tables State displays states being kept
by iptables in a top-like format". The netutils_t permission set fits it
snugly.
---
 policy/modules/admin/netutils.fc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/policy/modules/admin/netutils.fc b/policy/modules/admin/netutils.fc
index a4672caed..f5be3f95a 100644
--- a/policy/modules/admin/netutils.fc
+++ b/policy/modules/admin/netutils.fc
@@ -11,7 +11,8 @@
 
 /usr/sbin/arping	--	gen_context(system_u:object_r:netutils_exec_t,s0)
 /usr/sbin/fping 	--	gen_context(system_u:object_r:ping_exec_t,s0)
-/usr/sbin/traceroute.*	--	gen_context(system_u:object_r:traceroute_exec_t,s0)
 /usr/sbin/hping2	--	gen_context(system_u:object_r:ping_exec_t,s0)
+/usr/sbin/iptstate	--	gen_context(system_u:object_r:netutils_exec_t,s0)
 /usr/sbin/send_arp	--	gen_context(system_u:object_r:ping_exec_t,s0)
 /usr/sbin/tcpdump	--	gen_context(system_u:object_r:netutils_exec_t,s0)
+/usr/sbin/traceroute.*	--	gen_context(system_u:object_r:traceroute_exec_t,s0)