Chris PeBenito 50527c
define(`declare_netifs',`dnl
Chris PeBenito e02c61
netifcon $2 gen_context(system_u:object_r:$1,$3) gen_context(system_u:object_r:unlabeled_t,$3)
Chris PeBenito 50527c
ifelse(`$4',`',`',`declare_netifs($1,shiftn(3,$*))')dnl
Chris PeBenito 50527c
')
Chris PeBenito 50527c
Chris PeBenito f2e4ab
#
Chris PeBenito 50527c
# network_interface(if_name,linux_interface,mls_sensitivity)
Chris PeBenito f2e4ab
#
Chris PeBenito f2e4ab
define(`network_interface',`
Chris PeBenito c24ac9
gen_require(`type unlabeled_t')
Chris PeBenito f2e4ab
type $1_netif_t alias netif_$1_t, netif_type;
Chris PeBenito 50527c
declare_netifs($1_netif_t,shift($*))
Chris PeBenito f2e4ab
')
Chris PeBenito f2e4ab
Chris PeBenito f2e4ab
#
Chris PeBenito f2e4ab
# network_node(node_name,mls_sensitivity,address,netmask)
Chris PeBenito f2e4ab
#
Chris PeBenito f2e4ab
define(`network_node',`
Chris PeBenito f2e4ab
type $1_node_t alias node_$1_t, node_type;
Chris PeBenito e02c61
nodecon $3 $4 gen_context(system_u:object_r:$1_node_t,$2)
Chris PeBenito f2e4ab
')
Chris PeBenito f2e4ab
Chris PeBenito f2e4ab
# These next three macros have formatting, and should not me indented
Chris PeBenito f2e4ab
define(`determine_reserved_capability',`dnl
Chris PeBenito f2e4ab
ifelse(eval($2 < 1024),1,``allow' dollarsone self:capability net_bind_service;',`dnl
Chris PeBenito f2e4ab
ifelse($4,`',`',`determine_reserved_capability(shiftn(3,$*))')dnl end inner ifelse
Chris PeBenito f2e4ab
')dnl end outer ifelse
Chris PeBenito f2e4ab
') dnl end determine reserved capability
Chris PeBenito f2e4ab
Chris PeBenito f2e4ab
define(`determine_reserved_capability_depend',`dnl
Chris PeBenito f2e4ab
ifelse(eval($2 < 1024),1,`class capability net_bind_service;',`dnl
Chris PeBenito f2e4ab
ifelse($4,`',`',`determine_reserved_capability_depend(shiftn(3,$*))')dnl end inner ifelse
Chris PeBenito f2e4ab
')dnl end outer ifelse
Chris PeBenito f2e4ab
') dnl end determine reserved capability depend
Chris PeBenito f2e4ab
Chris PeBenito f2e4ab
define(`declare_ports',`dnl
Chris PeBenito f2e4ab
ifelse(eval($3 < 1024),1,`typeattribute $1 reserved_port_type;',`dnl')
Chris PeBenito e02c61
portcon $2 $3 gen_context(system_u:object_r:$1,$4)
Chris PeBenito f2e4ab
ifelse(`$5',`',`',`declare_ports($1,shiftn(4,$*))')dnl
Chris PeBenito f2e4ab
')
Chris PeBenito f2e4ab
Chris PeBenito f2e4ab
#
Chris PeBenito f2e4ab
# network_port(port_name,protocol portnum mls_sensitivity [,protocol portnum mls_sensitivity[,...]])
Chris PeBenito f2e4ab
#
Chris PeBenito f2e4ab
define(`network_port',`
Chris PeBenito f2e4ab
type $1_port_t, port_type;
Chris PeBenito f2e4ab
declare_ports($1_port_t,shift($*))
Chris PeBenito f2e4ab
')