def _network(self):
from sepolicy import network
self.fd.write("""
.SH NETWORK
""")
for net in ("tcp", "udp"):
portdict = network.get_network_connect(self.type, net, "name_bind")
if len(portdict) > 0:
self.fd.write("""
.TP
The SELinux user %s_u is able to listen on the following %s ports.
""" % (self.domainname, net))
for p in portdict:
for t, ports in portdict[p]:
self.fd.write("""
.B %s
""" % ",".join(ports))
portdict = network.get_network_connect(self.type, "tcp", "name_connect")
if len(portdict) > 0:
self.fd.write("""
.TP
The SELinux user %s_u is able to connect to the following tcp ports.
""" % (self.domainname))
for p in portdict:
for t, ports in portdict[p]:
self.fd.write("""
.B %s
""" % ",".join(ports))
def _network(self):
from sepolicy import network
self.fd.write("""
.SH NETWORK
""")
for net in ("tcp", "udp"):
portdict = network.get_network_connect(self.type, net, "name_bind")
if len(portdict) > 0:
self.fd.write("""
.TP
The SELinux user %s_u is able to listen on the following %s ports.
""" % (self.domainname, net))
for p in portdict:
for t, ports in portdict[p]:
self.fd.write("""
.B %s
""" % ",".join(ports))
portdict = network.get_network_connect(self.type, "tcp",
"name_connect")
if len(portdict) > 0:
self.fd.write("""
.TP
The SELinux user %s_u is able to connect to the following tcp ports.
""" % (self.domainname))
for p in portdict:
for t, ports in portdict[p]:
self.fd.write("""
.B %s
""" % ",".join(ports))
def _print_net(src, protocol, perm):
from sepolicy.network import get_network_connect
portdict = get_network_connect(src, protocol, perm)
if len(portdict) > 0:
print "%s: %s %s" % (src, protocol, perm)
for p in portdict:
for recs in portdict[p]:
print "\t" + recs
