From mboxrd@z Thu Jan  1 00:00:00 1970
From: dwalsh@redhat.com (Daniel J Walsh)
Date: Mon, 25 Aug 2008 13:52:47 -0400
Subject: [refpolicy] [patch 04/35] corenetwork policy update
In-Reply-To: <1219329708.16398.68.camel@gorn.columbia.tresys.com>
References: <20080804123456.679565839@hardeman.nu>	<20080804123735.158269348@hardeman.nu>
	<1219329708.16398.68.camel@gorn.columbia.tresys.com>
Message-ID: <48B2F16F.3030606@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Ok this is just adding additional ports to existing definitions.


--- nsaserefpolicy/policy/modules/kernel/corenetwork.te.in
2008-08-11 11:23:34.000000000 -0400
+++ serefpolicy-3.5.5/policy/modules/kernel/corenetwork.te.in
2008-08-25 13:35:01.000000000 -0400
@@ -149,11 +157,11 @@
 network_port(ricci_modcluster, tcp,16851,s0, udp,16851,s0)
 network_port(rlogind, tcp,513,s0)
 network_port(rndc, tcp,953,s0)
-network_port(router, udp,520,s0)
+network_port(router, udp,520,s0, udp,521,s0, tcp,521,s0)
 network_port(rsh, tcp,514,s0)
 network_port(rsync, tcp,873,s0, udp,873,s0)
 network_port(rwho, udp,513,s0)
-network_port(smbd, tcp,139,s0, tcp,445,s0)
+network_port(smbd, tcp,137-139,s0, tcp,445,s0)
 network_port(smtp, tcp,25,s0, tcp,465,s0, tcp,587,s0)
 network_port(snmp, udp,161,s0, udp,162,s0, tcp,199,s0)
 network_port(spamd, tcp,783,s0)