centos man page for sepolicy-network

Centos Man Pages All Man Pages Latest Topics Forum Categories

Query: sepolicy-network

OS: centos

Section: 8

Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar

sepolicy-network(8)													       sepolicy-network(8)


NAME

       sepolicy-network - Examine the SELinux Policy and generate a network report


SYNOPSIS

       sepolicy network [-h] (-l | -a application [application ...] | -p PORT [PORT ...] | -t TYPE [TYPE ...] | -d DOMAIN [DOMAIN ...])


DESCRIPTION

       Use sepolicy network to examine SELinux Policy and generate network reports.


OPTIONS

       -a, --application
	      Generate a report listing the ports to which the specified init application is allowed to connect and or bind.

       -d, --domain
	      Generate a report listing the ports to which the specified domain is allowed to connect and or bind.

       -l, --list
	      List all Network Port Types defined in SELinux Policy

       -h, --help
	      Display help message

       -t, --type
	      Generate a report listing the port numbers associate with the specified SELinux port type.

       -p, --port
	      Generate a report listing the SELinux port types associate with the specified port number.


EXAMPLES

       sepolicy network -p 22
       22: tcp ssh_port_t 22
       22: udp reserved_port_t 1-511
       22: tcp reserved_port_t 1-511

       sepolicy network -a /usr/sbin/sshd
       sshd_t: tcp name_connect
	    111 (portmap_port_t)
	    53 (dns_port_t)
	    88, 750, 4444 (kerberos_port_t)
	    9080 (ocsp_port_t)
	    9180, 9701, 9443-9447 (pki_ca_port_t)
	    32768-61000 (ephemeral_port_t)
	    all ports < 1024 (reserved_port_type)
	    all ports with out defined types (port_t)
       sshd_t: tcp name_bind
	    22 (ssh_port_t)
	    5900-5983, 5985-5999 (vnc_port_t)
	    6000-6020 (xserver_port_t)
	    32768-61000 (ephemeral_port_t)
	    all ports > 500 and  < 1024 (rpc_port_type)
	    all ports with out defined types (port_t)
       sshd_t: udp name_bind
	    32768-61000 (ephemeral_port_t)
	    all ports > 500 and  < 1024 (rpc_port_type)
	    all ports with out defined types (port_t)


AUTHOR

       This man page was written by Daniel Walsh <dwalsh@redhat.com>


SEE ALSO

       sepolicy(8), selinux(8), semanage(8)

								     20121005						       sepolicy-network(8)
Related Man Pages
semanage(8) - centos
comsat_selinux(8) - centos
dbskkd_selinux(8) - centos
semanage-port(8) - centos
sepolicy-network(8) - centos
Similar Topics in the Unix Linux Community
Closing out ports???
Ports
tcp_ephemeral_high issue with AIX 5.2
Script to Monitor List of Ports
IPv6 address block assign/associate with an interface