Constraints on netif and nodes no longer working after upgrading policy compiler

Mantaray mantaray_1 at cox.net
Sat Jan 9 00:13:04 UTC 2010


Hello,

I have been using the same policy, which I have customized, for a few 
years now.  When I upgrade my OS (I believe I originally developed the 
policy on Fedora 6) I use the same policy and compile it with the new 
compiler.  The message from checkpolicy when I started using this policy 
was that the binary representation was version 6.  I upgraded to version 
7 and version 8 without any difficulties.  I have recently upgraded to a 
version of the compiler that outputs version 10.  With this version all 
constraints on both netif and node have no effect on my policy.  I have 
done some troubleshooting by simplifying the personalized policy to the 
point that now I am only looking at the following constraint:

constrain netif { dccp_recv dccp_send egress ingress rawip_recv
                  rawip_send tcp_send tcp_recv udp_send udp_recv }
(
	t1 == can_access_internet and r1 == standard_r
);

I had previously been able to successfully constrain Eth0, as well as 
several nodes I had defined.  One of these constraints was for an rdc 
connection to a company server (used on a "work" user account), which 
was restricted to one ip address; and another was for my young son, to 
keep him limited to his "pbs kids" site.  This is the primary reason I 
have used SELinux, although I am sure the other protections have been 
helpful as well.

I have already upgraded the policy to the most recent reference policy 
in an effort to resolve the issue.  The only result was additional 
difficulties which were the result of labeling changes in the policy. 
After resolving those difficulties, I am back to my original problem.

I am wondering what changes have been made in the policy compiler that 
could cause this change in behavior, and how I need to modify my policy 
in order to get the node- and netif-based constraints working again.  If 
anyone has any ideas that would help me to resolve the problem I would 
appreciate it.

-Ken-
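
An added worked example, not part of Ken's message and not code from the
SELinux project: a small Python parser and evaluator for the constrain
statement quoted above, together with a simplified model of which netif
permissions the kernel checks with and without the network_peer_controls
policy capability (declared in policy source as
`policycap network_peer_controls;`, and visible at run time as a 0/1 file
under the policy_capabilities directory of selinuxfs).  The model encodes
one thing worth ruling out before editing the constraint itself: once that
capability is enabled, the kernel stops performing the legacy per-socket
netif:{tcp_send, udp_send, ...} and node checks that this constraint is
written against, and instead checks netif:{ingress, egress} with the
packet's peer label, not the process type, as the subject, and only while
NetLabel or labeled IPsec is in use.  A constraint that is never consulted
produces no denial at all, which is one possible explanation for the "no
effect" symptom.  The context strings, the eth0 label and the kid_t domain
are constructed sample values, and the evaluator handles only the subset
of the expression grammar its docstring lists.

```python
# Added example, not from the original post or from the SELinux project: a
# small parser/evaluator for an SELinux `constrain` statement, plus a
# simplified model of which netif permissions the kernel checks with and
# without the network_peer_controls policy capability.  All contexts below
# are constructed sample values (kid_t is a hypothetical domain).
import re
from collections import namedtuple

Context = namedtuple("Context", "user role type")        # MLS range ignored
TOKEN_RE = re.compile(r"==|!=|[(){};]|[A-Za-z0-9_]+")

def parse_constrain(statement):
    """Split `constrain class_set perm_set ( expr );` into (classes, perms,
    expression tokens); a set is a single name or `{ a b ... }`."""
    toks = TOKEN_RE.findall(statement)
    if not toks or toks[0] != "constrain":
        raise ValueError("not a constrain statement")
    pos = 1

    def read_set():
        nonlocal pos
        if toks[pos] != "{":
            pos += 1
            return {toks[pos - 1]}
        end = toks.index("}", pos)
        names, pos = set(toks[pos + 1:end]), end + 1
        return names

    classes, perms = read_set(), read_set()
    return classes, perms, [t for t in toks[pos:] if t != ";"]

class ExprEvaluator:
    """Recursive descent over this subset: u1/r1/t1 (source) or u2/r2/t2
    (target) compared with == or != to a name or a `{ set }`, combined with
    not / and / or and parentheses (u1 == u2 forms and dom/domby are not
    modelled; any operator other than == is treated as !=)."""
    ATTRS = {"u1": ("user", 0), "r1": ("role", 0), "t1": ("type", 0),
             "u2": ("user", 1), "r2": ("role", 1), "t2": ("type", 1)}

    def __init__(self, tokens, scontext, tcontext):
        self.toks, self.pos, self.ctx = list(tokens), 0, (scontext, tcontext)
    def peek(self):
        return self.toks[self.pos] if self.pos < len(self.toks) else None
    def take(self):
        self.pos += 1
        return self.toks[self.pos - 1]
    def or_expr(self):
        value = self.and_expr()
        while self.peek() == "or":
            self.take()
            value = self.and_expr() or value
        return value
    def and_expr(self):
        value = self.factor()
        while self.peek() == "and":
            self.take()
            value = self.factor() and value
        return value
    def factor(self):
        tok = self.take()
        if tok == "not":
            return not self.factor()
        if tok == "(":
            value = self.or_expr()
            if self.take() != ")":
                raise ValueError("expected ')'")
            return value
        attr, side = self.ATTRS[tok]            # KeyError: unsupported operand
        op, rhs = self.take(), self.take()
        if rhs == "{":                          # e.g. t1 == { a b }
            end = self.toks.index("}", self.pos)
            candidates, self.pos = set(self.toks[self.pos:end]), end + 1
        else:
            candidates = {rhs}
        return (getattr(self.ctx[side], attr) in candidates) == (op == "==")

# Legacy per-socket netif controls (subject: the socket's context) versus the
# peer controls that network_peer_controls switches on (subject: the packet's
# peer label, checked only while NetLabel or labeled IPsec is in use).
LEGACY_NETIF_PERMS = frozenset({"tcp_send", "tcp_recv", "udp_send", "udp_recv",
                                "rawip_send", "rawip_recv", "dccp_send", "dccp_recv"})
PEER_NETIF_PERMS = frozenset({"ingress", "egress"})

def netif_perms_checked(network_peer_controls, labeled_networking_active):
    """Simplified kernel model: with the capability on and no labeled
    networking, no netif permission is checked for a socket's traffic."""
    if not network_peer_controls:
        return LEGACY_NETIF_PERMS
    return PEER_NETIF_PERMS if labeled_networking_active else frozenset()

def constraint_verdict(statement, scontext, tcontext, checked_perms):
    """None if the constraint is never consulted (no checked permission is in
    its perm set), else True (expression holds) or False (access denied)."""
    classes, perms, expr = parse_constrain(statement)
    if "netif" not in classes or not (perms & checked_perms):
        return None
    return ExprEvaluator(expr, scontext, tcontext).or_expr()

# The poster's constraint, verbatim, and constructed sample contexts.
POSTED_CONSTRAINT = """constrain netif { dccp_recv dccp_send egress ingress rawip_recv
rawip_send tcp_send tcp_recv udp_send udp_recv }
( t1 == can_access_internet and r1 == standard_r );"""
WORK_SOCKET = Context("user_u", "standard_r", "can_access_internet")
KID_SOCKET = Context("user_u", "standard_r", "kid_t")
ETH0 = Context("system_u", "object_r", "netif_t")
```

With the legacy controls in force, constraint_verdict() returns True for
WORK_SOCKET and False for KID_SOCKET, i.e. the constraint is doing its job;
with network_peer_controls on and no labeled networking it returns None for
both, because none of the permissions the constraint names is ever
checked.  On a live system the quick check is the value of
/sys/fs/selinux/policy_capabilities/network_peer_controls
(/selinux/policy_capabilities/network_peer_controls on older installs) and
a grep for `policycap` in the policy source that was compiled.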