Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
# shiftn(num,list...)
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
# shift the list num times
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
define(`shiftn',`ifelse($1,0,`shift($*)',`shiftn(decr($1),shift(shift($*)))')')
Chris PeBenito 17de1b
Chris PeBenito 49317e
#
Chris PeBenito 49317e
# build_option(option_name,true,[false])
Chris PeBenito 49317e
#
Chris PeBenito 49317e
# makes an ifdef.  hacky quoting changes because with
Chris PeBenito 49317e
# regular quoting, the macros in $2 and $3 will not be expanded
Chris PeBenito 49317e
#
Chris PeBenito 49317e
define(`build_option',`dnl
Chris PeBenito 49317e
changequote([,])dnl
Chris PeBenito 49317e
[ifdef(`$1',`]
Chris PeBenito 49317e
changequote(`,')dnl
Chris PeBenito 49317e
$2
Chris PeBenito 49317e
changequote([,])dnl
Chris PeBenito 49317e
[',`]
Chris PeBenito 49317e
changequote(`,')dnl
Chris PeBenito 49317e
$3
Chris PeBenito 49317e
changequote([,])dnl
Chris PeBenito 49317e
[')]
Chris PeBenito 49317e
changequote(`,')dnl
Chris PeBenito 49317e
')
Chris PeBenito 49317e
Chris PeBenito 17de1b
define(`declare_netifs',`dnl
Chris PeBenito 17de1b
netifcon $2 gen_context(system_u:object_r:$1,$3) gen_context(system_u:object_r:unlabeled_t,$3)
Chris PeBenito 17de1b
ifelse(`$4',`',`',`declare_netifs($1,shiftn(3,$*))')dnl
Chris PeBenito 17de1b
')
Chris PeBenito 17de1b
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
# network_interface(if_name,linux_interface,mls_sensitivity)
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
define(`network_interface',`
Chris PeBenito 49317e
gen_require(``type unlabeled_t;'')
Chris PeBenito 17de1b
type $1_netif_t alias netif_$1_t, netif_type;
Chris PeBenito 17de1b
declare_netifs($1_netif_t,shift($*))
Chris PeBenito 17de1b
')
Chris PeBenito 17de1b
Chris PeBenito 019dfa
define(`network_interface_controlled',`
Chris PeBenito 019dfa
ifdef(`__network_enabled_declared__',`',`
Chris PeBenito 019dfa
## <desc>
Chris PeBenito 019dfa
## 

Chris PeBenito 019dfa
## Enable network traffic on all controlled interfaces.
Chris PeBenito 019dfa
## 

Chris PeBenito 019dfa
## </desc>
Chris PeBenito 019dfa
gen_bool(network_enabled, true)
Chris PeBenito 019dfa
define(`__network_enabled_declared__')
Chris PeBenito 019dfa
')
Chris PeBenito 019dfa
gen_require(``type unlabeled_t;'')
Chris PeBenito 019dfa
type $1_netif_t alias netif_$1_t, netif_type;
Chris PeBenito 019dfa
declare_netifs($1_netif_t,shift($*))
Chris PeBenito 019dfa
')
Chris PeBenito 019dfa
Chris PeBenito 17de1b
define(`declare_nodes',`dnl
Chris PeBenito 17de1b
nodecon $3 $4 gen_context(system_u:object_r:$1,$2)
Chris PeBenito 17de1b
ifelse(`$5',`',`',`declare_nodes($1,shiftn(4,$*))')dnl
Chris PeBenito 17de1b
')
Chris PeBenito 17de1b
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
# network_node(node_name,mls_sensitivity,address,netmask[, mls_sensitivity,address,netmask, [...]])
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
define(`network_node',`
Chris PeBenito 17de1b
type $1_node_t alias node_$1_t, node_type;
Chris PeBenito 17de1b
declare_nodes($1_node_t,shift($*))
Chris PeBenito 17de1b
')
Chris PeBenito 17de1b
Chris PeBenito 17de1b
define(`declare_ports',`dnl
Chris PeBenito 17de1b
ifelse(eval($3 < 1024),1,`
Chris PeBenito 17de1b
typeattribute $1 reserved_port_type;
Chris PeBenito 17de1b
#bindresvport in glibc starts searching for reserved ports at 600
Chris PeBenito 17de1b
ifelse(eval($3 >= 600),1,`typeattribute $1 rpc_port_type;',`dnl')
Chris PeBenito 17de1b
',`dnl')
Chris PeBenito 17de1b
portcon $2 $3 gen_context(system_u:object_r:$1,$4)
Chris PeBenito 17de1b
ifelse(`$5',`',`',`declare_ports($1,shiftn(4,$*))')dnl
Chris PeBenito 17de1b
')
Chris PeBenito 17de1b
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
# network_port(port_name,protocol portnum mls_sensitivity [,protocol portnum mls_sensitivity[,...]])
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
define(`network_port',`
Chris PeBenito 17de1b
type $1_port_t, port_type;
Chris PeBenito 17de1b
type $1_client_packet_t, packet_type, client_packet_type;
Chris PeBenito 17de1b
type $1_server_packet_t, packet_type, server_packet_type;
Chris PeBenito 17de1b
declare_ports($1_port_t,shift($*))
Chris PeBenito 17de1b
')
Chris PeBenito 17de1b
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
# network_packet(packet_name)
Chris PeBenito 17de1b
#
Chris PeBenito 17de1b
define(`network_packet',`
Chris PeBenito 17de1b
type $1_client_packet_t, packet_type, client_packet_type;
Chris PeBenito 17de1b
type $1_server_packet_t, packet_type, server_packet_type;
Chris PeBenito 17de1b
')