Daniel, Ivan, thanks for the helpful comments.
Appears that ptal only needs 'server', so I changed to 'can_network_server_tcp(ptal_t)'.
I defined 'ptal_port_t' in network.te, and bound it to port 5703 in network_contexts.
Hope this is better. Please correct.... tom
selinux@lists.fedoraproject.org