1# Network types 2type node, node_type; 3type netif, netif_type; 4type port, port_type; 5 6# Use network sockets. 7allow netdomain self:tcp_socket create_stream_socket_perms; 8allow netdomain self:{ udp_socket rawip_socket } create_socket_perms; 9# Connect to ports. 10allow netdomain port_type:tcp_socket name_connect; 11# Bind to ports. 12allow netdomain node_type:{ tcp_socket udp_socket } node_bind; 13allow netdomain port_type:udp_socket name_bind; 14allow netdomain port_type:tcp_socket name_bind; 15# See changes to the routing table. 16allow netdomain self:netlink_route_socket { create_socket_perms nlmsg_read }; 17 18# Talks to netd via dnsproxyd socket. 19unix_socket_connect(netdomain, dnsproxyd, netd) 20 21# Talks to netd via fwmarkd socket. 22unix_socket_connect(netdomain, fwmarkd, netd) 23 24# Connect to mdnsd via mdnsd socket. 25unix_socket_connect(netdomain, mdnsd, mdnsd) 26