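def _network(self):
    """Write the NETWORK section of the man page to ``self.fd``.

    Asks ``sepolicy.network.get_network_connect`` which ports ``self.type``
    may bind to (``name_bind``, for tcp and udp) and connect to
    (``name_connect``, tcp only).  Each non-empty result becomes one ``.TP``
    paragraph followed by a ``.B`` line per port list.  An empty result
    writes nothing, so a missing "listen" or "connect" paragraph only means
    the lookup returned an empty mapping.
    """
    from sepolicy import network

    def write_ports(portdict):
        # Entries are unpacked as (port type, ports) pairs.  Only the port
        # list is rendered; the port type name is not shown on the page.
        for key in portdict:
            for _port_type, ports in portdict[key]:
                self.fd.write("\n.B %s\n" % ",".join(ports))

    # roff requests (.SH, .TP, .B) are only recognised at the start of a
    # line, so each one is written on a line of its own.
    self.fd.write("\n.SH NETWORK\n")

    # Inbound exposure: ports the domain is allowed to bind (listen on).
    for net in ("tcp", "udp"):
        bindable = network.get_network_connect(self.type, net, "name_bind")
        if bindable:
            self.fd.write(
                "\n.TP\n"
                "The SELinux user %s_u is able to listen on the following %s ports.\n"
                % (self.domainname, net)
            )
            write_ports(bindable)

    # Outbound reach: ports the domain is allowed to connect to.  The lookup
    # is fixed to tcp and does not use the loop variable, so it runs once
    # after the bind loop and the paragraph is written a single time.
    # NOTE(review): the collapsed listing does not show whether this part
    # was nested in the loop above -- confirm against the original layout.
    connectable = network.get_network_connect(self.type, "tcp", "name_connect")
    if connectable:
        self.fd.write(
            "\n.TP\n"
            "The SELinux user %s_u is able to connect to the following tcp ports.\n"
            % (self.domainname,)
        )
        write_ports(connectable)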
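def _print_net(src, protocol, perm):
    """Print the port records ``src`` is granted ``perm`` on for ``protocol``.

    Args:
        src: source domain/type passed to ``get_network_connect``.
        protocol: protocol name passed through to the lookup (e.g. "tcp").
        perm: permission name passed through to the lookup
            (e.g. "name_bind" or "name_connect").

    Nothing is printed when the lookup returns an empty mapping, so an
    absent header line means no matching record was returned for that
    (src, protocol, perm) combination.
    """
    from sepolicy.network import get_network_connect

    portdict = get_network_connect(src, protocol, perm)
    if not portdict:
        return

    # print() with one parenthesised argument behaves the same under
    # Python 2 and Python 3; the bare print statement is a syntax error on 3.
    print("%s: %s %s" % (src, protocol, perm))
    for key in portdict:
        for recs in portdict[key]:
            # NOTE(review): `_network` unpacks (type, ports) pairs from the
            # same helper.  If entries are tuples here as well, this
            # concatenation raises TypeError -- confirm against
            # get_network_connect before relying on this output.
            print("\t" + recs)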