# Network access rules for netdomain. netdomain is declared outside this
# file (presumably an attribute), so every rule below applies to all
# domains that carry it; widening one rule widens it for all of them.

# Labels for network objects, each with its grouping attribute.
type node, node_type;
type netif, netif_type;
type port, port_type;

# Create and use sockets owned by the domain itself.
allow netdomain self:tcp_socket create_stream_socket_perms;
allow netdomain self:udp_socket create_socket_perms;
allow netdomain self:rawip_socket create_socket_perms;

# Outbound TCP connections to any port labelled with port_type.
allow netdomain port_type:tcp_socket name_connect;

# Binding. node_bind is checked against the local address label and
# name_bind against the port label. Both are granted on the whole
# attribute, so this file does not narrow which addresses or ports a
# netdomain process may bind. Any per-port limit has to come from
# elsewhere; review that before relying on this policy for it.
allow netdomain node_type:{ tcp_socket udp_socket } node_bind;
allow netdomain port_type:{ tcp_socket udp_socket } name_bind;

# See changes to the routing table over a netlink route socket.
# nlmsg_read is in the set and nlmsg_write is not, so these rules allow
# querying routing state but not changing it.
allow netdomain self:netlink_route_socket {
    create read getattr write setattr lock append bind connect
    getopt setopt shutdown nlmsg_read
};

# Unix socket connections to local daemons. unix_socket_connect is a
# macro defined outside this file; arguments appear to be
# (client domain, socket name, server domain) - confirm in the macro file.

# Reach netd through the dnsproxyd socket.
unix_socket_connect(netdomain, dnsproxyd, netd)

# Reach netd through the fwmarkd socket.
unix_socket_connect(netdomain, fwmarkd, netd)

# Reach mdnsd through the mdnsd socket.
unix_socket_connect(netdomain, mdnsd, mdnsd)