matchportcon?
Dominick Grift
dominick.grift at gmail.com
Sun Jul 14 15:00:25 UTC 2013
On Sun, 2013-07-14 at 01:26 -0400, Dave Quigley wrote:
> Do we have an equivalent of matchpathcon for ports? Where we can specify
> a protocol and port and see what the policy thinks it labeled?
>
from man sepolicy-network:
> sepolicy-network(8) sepolicy-network(8)
>
> NAME
> sepolicy-network - Examine the SELinux Policy and generate a network report
>
> SYNOPSIS
> sepolicy network [-h] (-l | -p PORT [PORT ...] | -t TYPE [TYPE ...] | -d DOMAIN [DOMAIN ...])
>
> DESCRIPTION
> Use sepolicy network to examine SELinux Policy and generate network reports.
>
> OPTIONS
> -d, --domain
> Generate a report listing the ports to which the specified domain is allowed to connect and or bind.
>
> -l, --list
> List all Network Port Types defined in SELinux Policy
>
> -h, --help
> Display help message
>
> -t, --type
> Generate a report listing the port numbers associate with the specified SELinux port type.
>
> -p, --port
> Generate a report listing the SELinux port types associate with the specified port number.
>
> AUTHOR
> This man page was written by Daniel Walsh <dwalsh at redhat.com>
>
> SEE ALSO
> sepolicy(8), selinux(8), semanage(8)
>
> 20121005 sepolicy-network(8)
> Dave
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
More information about the selinux
mailing list