관리-도구

편집 파일: network.cpython-39.opt-1.pyc

a ������ye#5�������������������
���@���sT���d�Z�d
Z
dZdZdZdZdZdZdZd Z d Z dZdZd Z dZdZdZdZdZdZdS�)z= type TEMPLATETYPE_port_t; corenet_port(TEMPLATETYPE_port_t) zWsysnet_dns_name_resolve(TEMPLATETYPE_t) corenet_all_recvfrom_unlabeled(TEMPLATETYPE_t) z�allow TEMPLATETYPE_t self:tcp_socket create_stream_socket_perms; corenet_tcp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_tcp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_tcp_sendrecv_all_ports(TEMPLATETYPE_t) z.corenet_tcp_bind_generic_node(TEMPLATETYPE_t) z?allow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_bind; zBallow TEMPLATETYPE_t TEMPLATETYPE_port_t:tcp_socket name_connect; z�allow TEMPLATETYPE_t self:udp_socket { create_socket_perms listen }; corenet_udp_sendrecv_generic_if(TEMPLATETYPE_t) corenet_udp_sendrecv_generic_node(TEMPLATETYPE_t) corenet_udp_sendrecv_all_ports(TEMPLATETYPE_t) z.corenet_udp_bind_generic_node(TEMPLATETYPE_t) z?allow TEMPLATETYPE_t TEMPLATETYPE_port_t:udp_socket name_bind; z.corenet_tcp_connect_all_ports(TEMPLATETYPE_t) z2corenet_tcp_connect_all_rpc_ports(TEMPLATETYPE_t) z9corenet_tcp_connect_all_unreserved_ports(TEMPLATETYPE_t) z+corenet_tcp_bind_all_ports(TEMPLATETYPE_t) z/corenet_tcp_bind_all_rpc_ports(TEMPLATETYPE_t) z6corenet_tcp_bind_all_unreserved_ports(TEMPLATETYPE_t) z+corenet_udp_bind_all_ports(TEMPLATETYPE_t) z/corenet_udp_bind_all_rpc_ports(TEMPLATETYPE_t) z6corenet_udp_bind_all_unreserved_ports(TEMPLATETYPE_t) a�)��######################################## ## <summary> ## Send and receive TCP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_tcp_sendrecv_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket { send_msg recv_msg }; ') ######################################## ## <summary> ## Send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Do not audit attempts to send UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_send_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket send_msg; ') ######################################## ## <summary> ## Receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Do not audit attempts to receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_receive_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket recv_msg; ') ######################################## ## <summary> ## Send and receive UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_udp_sendrecv_TEMPLATETYPE_port',` corenet_udp_send_TEMPLATETYPE_port($1) corenet_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive ## UDP traffic on the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_sendrecv_TEMPLATETYPE_port',` corenet_dontaudit_udp_send_TEMPLATETYPE_port($1) corenet_dontaudit_udp_receive_TEMPLATETYPE_port($1) ') ######################################## ## <summary> ## Bind TCP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_tcp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_bind; ') ######################################## ## <summary> ## Bind UDP sockets to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Do not audit attempts to sbind to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_udp_bind_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:udp_socket name_bind; ') ######################################## ## <summary> ## Make a TCP connection to the TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') allow $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Do not audit attempts to make a TCP connection to TEMPLATETYPE port. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_dontaudit_tcp_connect_TEMPLATETYPE_port',` gen_require(` type TEMPLATETYPE_port_t; ') dontaudit $1 TEMPLATETYPE_port_t:tcp_socket name_connect; ') ######################################## ## <summary> ## Send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') dontaudit $1 TEMPLATETYPE_client_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_client_packets',` corenet_send_TEMPLATETYPE_client_packets($1) corenet_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_client packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_client_packets',` corenet_dontaudit_send_TEMPLATETYPE_client_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_client_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_client the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_client_packets',` gen_require(` type TEMPLATETYPE_client_packet_t; ') allow $1 TEMPLATETYPE_client_packet_t:packet relabelto; ') ######################################## ## <summary> ## Send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="write" weight="10"/> # interface(`corenet_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Do not audit attempts to send TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_send_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet send; ') ######################################## ## <summary> ## Receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="read" weight="10"/> # interface(`corenet_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Do not audit attempts to receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_receive_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') dontaudit $1 TEMPLATETYPE_server_packet_t:packet recv; ') ######################################## ## <summary> ## Send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <infoflow type="both" weight="10"/> # interface(`corenet_sendrecv_TEMPLATETYPE_server_packets',` corenet_send_TEMPLATETYPE_server_packets($1) corenet_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Do not audit attempts to send and receive TEMPLATETYPE_server packets. ## </summary> ## <param name="domain"> ## <summary> ## Domain to not audit. ## </summary> ## </param> ## <infoflow type="none"/> # interface(`corenet_dontaudit_sendrecv_TEMPLATETYPE_server_packets',` corenet_dontaudit_send_TEMPLATETYPE_server_packets($1) corenet_dontaudit_receive_TEMPLATETYPE_server_packets($1) ') ######################################## ## <summary> ## Relabel packets to TEMPLATETYPE_server the packet type. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`corenet_relabelto_TEMPLATETYPE_server_packets',` gen_require(` type TEMPLATETYPE_server_packet_t; ') allow $1 TEMPLATETYPE_server_packet_t:packet relabelto; ') �
N)Zte_typesZ te_networkZte_tcpZ te_in_tcpZte_in_need_port_tcpZte_out_need_port_tcpZte_udpZ te_in_udpZte_in_need_port_udpZte_out_all_ports_tcpZte_out_reserved_ports_tcpZte_out_unreserved_ports_tcpZte_in_all_ports_tcpZte_in_reserved_ports_tcpZte_in_unreserved_ports_tcpZte_in_all_ports_udpZte_in_reserved_ports_udpZte_in_unreserved_ports_udpZif_rulesZte_rules��r���r����>/usr/lib/python3.9/site-packages/sepolicy/templates/network.py�<module>���s,������b