blob: c67f456fd19e16449482461207d5678e1f69db27 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
# Network types
type node, node_type;
type netif, netif_type;
type port, port_type;
# Use network sockets.
allow netdomain self:tcp_socket create_stream_socket_perms;
allow netdomain self:{ udp_socket rawip_socket } create_socket_perms;
# Connect to ports.
allow netdomain port_type:tcp_socket name_connect;
# Bind to ports.
allow netdomain node_type:{ tcp_socket udp_socket } node_bind;
allow netdomain port_type:udp_socket name_bind;
allow netdomain port_type:tcp_socket name_bind;
# See changes to the routing table.
allow netdomain self:netlink_route_socket {
read
bind
create
nlmsg_read
ioctl
getattr
setattr
getopt
setopt
shutdown
};
# Talks to netd via dnsproxyd socket.
unix_socket_connect(netdomain, dnsproxyd, netd)
# Connect to mdnsd via mdnsd socket.
unix_socket_connect(netdomain, mdnsd, mdnsd)
|
