diff --git a/refpolicy/policy/modules/services/comsat.te b/refpolicy/policy/modules/services/comsat.te
index bb50e6e..3d5f28e 100644
--- a/refpolicy/policy/modules/services/comsat.te
+++ b/refpolicy/policy/modules/services/comsat.te
@@ -5,6 +5,7 @@ policy_module(comsat,1.0)
 #
 # Declarations
 #
+
 type comsat_t;
 type comsat_exec_t;
 inetd_udp_service_domain(comsat_t,comsat_exec_t)
@@ -27,7 +28,7 @@ allow comsat_t self:dir search;
 allow comsat_t self:fifo_file rw_file_perms;
 allow comsat_t self:{ lnk_file file } { getattr read };
 allow comsat_t self:netlink_tcpdiag_socket r_netlink_socket_perms;
-allow comsat_t self:tcp_socket { listen accept connected_socket_perms };
+allow comsat_t self:tcp_socket create_stream_socket_perms;
 
 allow comsat_t comsat_tmp_t:dir create_dir_perms;
 allow comsat_t comsat_tmp_t:file create_file_perms;
@@ -44,8 +45,8 @@ corenet_raw_sendrecv_all_if(comsat_t)
 corenet_tcp_sendrecv_all_if(comsat_t)
 corenet_raw_sendrecv_all_nodes(comsat_t)
 corenet_tcp_sendrecv_all_nodes(comsat_t)
-corenet_tcp_sendrecv_all_ports(comsat_t)
 corenet_tcp_bind_all_nodes(comsat_t)
+corenet_tcp_sendrecv_all_ports(comsat_t)
 
 dev_read_urand(comsat_t)