diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index ecf5b06..1010a8f 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,8 @@
+	* Rename ipsec connect interface for consistency.
+	* Add missing parts of unix stream socket connect interface
+	  of ipsec.
+	* Rename inetd connect interface for consistency.
+
 20050802 (2 Aug 2005)
 	* Fix comparison bug in fc_sort.
 	* Fix handling of ordered and unordered HTML lists.
diff --git a/refpolicy/policy/modules/services/inetd.if b/refpolicy/policy/modules/services/inetd.if
index 732db79..5ec77b3 100644
--- a/refpolicy/policy/modules/services/inetd.if
+++ b/refpolicy/policy/modules/services/inetd.if
@@ -119,7 +119,7 @@ interface(`inetd_service_domain',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`inetd_tcp_connectto',`
+interface(`inetd_tcp_connect',`
 	gen_require(`
 		type inetd_t;
 		class tcp_socket { connectto acceptfrom recvfrom };
diff --git a/refpolicy/policy/modules/system/ipsec.if b/refpolicy/policy/modules/system/ipsec.if
index b17231e..c48f7d3 100644
--- a/refpolicy/policy/modules/system/ipsec.if
+++ b/refpolicy/policy/modules/system/ipsec.if
@@ -26,18 +26,23 @@ interface(`ipsec_domtrans',`
 
 ########################################
 ## <summary>
-##	Connect to an IPSEC unix domain stream socket.
+##	Connect to IPSEC using a unix domain stream socket.
 ## </summary>
 ## <param name="domain">
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`ipsec_connectto_unix_stream_socket',`
+interface(`ipsec_stream_connect',`
 	gen_require(`
-		type ipsec_t;
+		type ipsec_t, ipsec_var_run_t;
+		class dir search;
+		class sock_file write;
 		class unix_stream_socket connectto;
 	')
 
+	files_search_pids($1)
+	allow $1 ipsec_var_run_t:dir search;
+	allow $1 ipsec_var_run_t:sock_file write;
 	allow $1 ipsec_t:unix_stream_socket connectto;
 ')
 
diff --git a/refpolicy/policy/modules/system/userdomain.if b/refpolicy/policy/modules/system/userdomain.if
index 3e386ed..4b13e86 100644
--- a/refpolicy/policy/modules/system/userdomain.if
+++ b/refpolicy/policy/modules/system/userdomain.if
@@ -241,7 +241,7 @@ template(`base_user_template',`
 	')
 
 	optional_policy(`inetd.te',`
-		inetd_tcp_connectto($1_t)
+		inetd_tcp_connect($1_t)
 	')
 
 	optional_policy(`nis.te',`
diff --git a/refpolicy/policy/modules/system/userdomain.te b/refpolicy/policy/modules/system/userdomain.te
index c7b76ec..4e6dd98 100644
--- a/refpolicy/policy/modules/system/userdomain.te
+++ b/refpolicy/policy/modules/system/userdomain.te
@@ -130,7 +130,7 @@ ifdef(`targeted_policy',`
 		# at things (e.g., ipsec auto --status)
 		# probably should create an ipsec_admin role for this kind of thing
 		ipsec_exec_mgmt(sysadm_t)
-		ipsec_connectto_unix_stream_socket(sysadm_t)
+		ipsec_stream_connect(sysadm_t)
 		# for lsof
 		ipsec_getattr_key_socket(sysadm_t)
 	')