iptables: calls to firewalld interfaces from Fedora. The firewalld_dontaudit_rw_tmp_files(iptables_t) was confirmed on Debian.
Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
parent
872ece4bcf
commit
e784e78825
@ -49,6 +49,7 @@ allow iptables_t iptables_tmp_t:dir manage_dir_perms;
|
||||
allow iptables_t iptables_tmp_t:file manage_file_perms;
|
||||
files_tmp_filetrans(iptables_t, iptables_tmp_t, { file dir })
|
||||
|
||||
kernel_getattr_proc(iptables_t)
|
||||
kernel_request_load_module(iptables_t)
|
||||
kernel_read_system_state(iptables_t)
|
||||
kernel_read_network_state(iptables_t)
|
||||
@ -104,6 +105,11 @@ optional_policy(`
|
||||
fail2ban_append_log(iptables_t)
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
firewalld_read_config_files(iptables_t)
|
||||
firewalld_dontaudit_rw_tmp_files(iptables_t)
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
firstboot_use_fds(iptables_t)
|
||||
firstboot_rw_pipes(iptables_t)
|
||||
|
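Review bot: The `firewalld_dontaudit_rw_tmp_files(iptables_t)` call in the new firewalld `optional_policy` block hides AVC denials rather than granting access, and nothing in the policy says why the denial is expected. The page has lost its `+`/`-` markers, so which lines are new is inferred from the hunk counts. The commit message only says the rule was confirmed on Debian; the cause is presumably descriptors for firewalld temporary files that remain open when firewalld executes iptables. If that is the cause, put a comment above the call such as `# firewalld leaves tmp file descriptors open across exec of iptables; access stays denied, only the audit record is suppressed`. Since dontaudit rules also hide denials that matter during an investigation, the same comment could note that `semodule -DB` rebuilds the policy with dontaudit rules disabled for troubleshooting.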