Install Now
sepolicy-network - Examine the SELinux Policy and generate a network report
Contents
Description
Use sepolicynetwork to examine SELinux Policy and generate network reports.
Examples
sepolicynetwork-p22
22: tcp ssh_port_t 22
22: udp reserved_port_t 1-511
22: tcp reserved_port_t 1-511
sepolicynetwork-a/usr/sbin/sshd
sshd_t: tcp name_connect
111 (portmap_port_t)
53 (dns_port_t)
88, 750, 4444 (kerberos_port_t)
9080 (ocsp_port_t)
9180, 9701, 9443-9447 (pki_ca_port_t)
32768-61000 (ephemeral_port_t)
all ports < 1024 (reserved_port_type)
all ports with out defined types (port_t)
sshd_t: tcp name_bind
22 (ssh_port_t)
5900-5983, 5985-5999 (vnc_port_t)
6000-6020 (xserver_port_t)
32768-61000 (ephemeral_port_t)
all ports > 500 and < 1024 (rpc_port_type)
all ports with out defined types (port_t)
sshd_t: udp name_bind
32768-61000 (ephemeral_port_t)
all ports > 500 and < 1024 (rpc_port_type)
all ports with out defined types (port_t)
Name
sepolicy-network - Examine the SELinux Policy and generate a network report
Options
-a,--application
Generate a report listing the ports to which the specified init application is allowed to connect
and or bind
-d,--domain
Generate a report listing the ports to which the specified domain is allowed to connect and or
bind
-l,--list
List all Network Port Types defined in SELinux Policy
-h,--help
Display help message
-t,--type
Generate a report listing the port numbers associate with the specified SELinux port type
-p,--port
Generate a report listing the SELinux port types associate with the specified port number
See Also
sepolicy(8), selinux(8), semanage(8) 20121005 sepolicy-network(8)
Synopsis
sepolicynetwork[-h](-l|-aapplication[application...]|-pPORT[PORT...]|-tTYPE[TYPE...]|-dDOMAIN[DOMAIN...])
PNG Icons