(type netutils_t)
(roletype object_r netutils_t)
(type netutils_exec_t)
(roletype object_r netutils_exec_t)
(type netutils_tmp_t)
(roletype object_r netutils_tmp_t)
(type ping_t)
(roletype object_r ping_t)
(type ping_exec_t)
(roletype object_r ping_exec_t)
(type ss_t)
(roletype object_r ss_t)
(type ss_exec_t)
(roletype object_r ss_exec_t)
(type traceroute_t)
(roletype object_r traceroute_t)
(type traceroute_exec_t)
(roletype object_r traceroute_exec_t)
(boolean user_ping false)
(roleattributeset cil_gen_require system_r)
(roletype system_r netutils_t)
(roletype system_r ping_t)
(roletype system_r traceroute_t)
(typeattributeset cil_gen_require initrc_t)
(typeattributeset cil_gen_require systemprocess)
(typeattributeset systemprocess (netutils_t ping_t traceroute_t ))
(typeattributeset cil_gen_require application_domain_type)
(typeattributeset application_domain_type (netutils_t ping_t ss_t traceroute_t ))
(typeattributeset cil_gen_require domain)
(typeattributeset domain (netutils_t ping_t ss_t traceroute_t ))
(typeattributeset cil_gen_require init_t)
(typeattributeset cil_gen_require sysfs_t)
(typeattributeset cil_gen_require application_exec_type)
(typeattributeset application_exec_type (netutils_exec_t ping_exec_t ss_exec_t traceroute_exec_t ))
(typeattributeset cil_gen_require exec_type)
(typeattributeset exec_type (netutils_exec_t ping_exec_t ss_exec_t traceroute_exec_t ))
(typeattributeset cil_gen_require file_type)
(typeattributeset file_type (netutils_exec_t netutils_tmp_t ping_exec_t ss_exec_t traceroute_exec_t ))
(typeattributeset cil_gen_require non_security_file_type)
(typeattributeset non_security_file_type (netutils_exec_t netutils_tmp_t ping_exec_t ss_exec_t traceroute_exec_t ))
(typeattributeset cil_gen_require non_auth_file_type)
(typeattributeset non_auth_file_type (netutils_exec_t netutils_tmp_t ping_exec_t ss_exec_t traceroute_exec_t ))
(typeattributeset cil_gen_require entry_type)
(typeattributeset entry_type (netutils_exec_t ping_exec_t ss_exec_t traceroute_exec_t ))
(typeattributeset cil_gen_require tmpfile)
(typeattributeset tmpfile (netutils_tmp_t ))
(typeattributeset cil_gen_require polymember)
(typeattributeset polymember (netutils_tmp_t ))
(typeattributeset cil_gen_require ubac_constrained_type)
(typeattributeset ubac_constrained_type (ss_t ))
(typeattributeset cil_gen_require tmp_t)
(typeattributeset cil_gen_require proc_t)
(typeattributeset cil_gen_require proc_net_t)
(typeattributeset cil_gen_require sysctl_type)
(typeattributeset cil_gen_require netlabel_peer_t)
(typeattributeset cil_gen_require netif_t)
(typeattributeset cil_gen_require node_t)
(typeattributeset cil_gen_require port_type)
(typeattributeset cil_gen_require client_packet_type)
(typeattributeset cil_gen_require fs_t)
(typeattributeset cil_gen_require privfd)
(typeattributeset cil_gen_require etc_t)
(typeattributeset cil_gen_require usr_t)
(typeattributeset cil_gen_require var_t)
(typeattributeset cil_gen_require initrc_devpts_t)
(typeattributeset cil_gen_require devpts_t)
(typeattributeset cil_gen_require device_t)
(typeattributeset cil_gen_require nsswitch_domain)
(typeattributeset nsswitch_domain (netutils_t ping_t traceroute_t ))
(typeattributeset cil_gen_require syslogd_t)
(typeattributeset cil_gen_require syslogd_runtime_t)
(typeattributeset cil_gen_require devlog_t)
(typeattributeset cil_gen_require init_runtime_t)
(typeattributeset cil_gen_require var_run_t)
(typeattributeset cil_gen_require console_device_t)
(typeattributeset cil_gen_require locale_t)
(typeattributeset cil_gen_require user_devpts_t)
(typeattributeset cil_gen_require user_tty_device_t)
(typeattributeset cil_gen_require icmp_packet_t)
(typeattributeset cil_gen_require urandom_device_t)
(typeattributeset cil_gen_require sysctl_t)
(typeattributeset cil_gen_require sysctl_net_t)
(typeattributeset cil_gen_require tty_device_t)
(typeattributeset cil_gen_require sysctl_fs_t)
(typeattributeset cil_gen_require bin_t)
(typeattributeset cil_gen_require traceroute_port_t)
(typeattributeset cil_gen_require traceroute_server_packet_t)
(typeattributeset cil_gen_require random_device_t)
(typeattributeset cil_gen_require cert_t)
(typeattributeset cil_gen_require user_home_dir_t)
(typeattributeset cil_gen_require user_home_t)
(typeattributeset cil_gen_require kernel_t)
(typeattributeset cil_gen_require debugfs_t)
(typeattributeset cil_gen_require usbmon_device_t)
(allow netutils_t netutils_exec_t (file (entrypoint)))
(allow netutils_t netutils_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t netutils_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t netutils_t (process (transition)))
(dontaudit initrc_t netutils_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t netutils_exec_t process netutils_t)
(allow netutils_t initrc_t (fd (use)))
(allow netutils_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow netutils_t initrc_t (process (sigchld)))
(allow ping_t ping_exec_t (file (entrypoint)))
(allow ping_t ping_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t ping_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t ping_t (process (transition)))
(dontaudit initrc_t ping_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t ping_exec_t process ping_t)
(allow ping_t initrc_t (fd (use)))
(allow ping_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow ping_t initrc_t (process (sigchld)))
(allow ss_t ss_exec_t (file (entrypoint)))
(allow ss_t ss_exec_t (file (ioctl read getattr lock map execute open)))
(allow traceroute_t traceroute_exec_t (file (entrypoint)))
(allow traceroute_t traceroute_exec_t (file (ioctl read getattr lock map execute open)))
(allow initrc_t traceroute_exec_t (file (ioctl read getattr map execute open)))
(allow initrc_t traceroute_t (process (transition)))
(dontaudit initrc_t traceroute_t (process (noatsecure siginh rlimitinh)))
(typetransition initrc_t traceroute_exec_t process traceroute_t)
(allow traceroute_t initrc_t (fd (use)))
(allow traceroute_t initrc_t (fifo_file (ioctl read write getattr lock append)))
(allow traceroute_t initrc_t (process (sigchld)))
(allow netutils_t self (capability (dac_read_search setgid setuid setpcap net_admin net_raw sys_chroot)))
(dontaudit netutils_t self (capability (dac_override sys_tty_config)))
(allow netutils_t self (process (sigchld sigkill sigstop signull signal getcap setcap)))
(allow netutils_t self (netlink_generic_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow netutils_t self (netlink_route_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_write)))
(allow netutils_t self (netlink_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow netutils_t self (netlink_netfilter_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow netutils_t self (packet_socket (ioctl read write create getattr setattr append map bind connect getopt setopt shutdown)))
(allow netutils_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow netutils_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
(allow netutils_t self (socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow netutils_t netutils_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow netutils_t netutils_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open add_name remove_name reparent search rmdir)))
(allow netutils_t netutils_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(allow netutils_t netutils_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open)))
(allow netutils_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search)))
(typetransition netutils_t tmp_t dir netutils_tmp_t)
(typetransition netutils_t tmp_t file netutils_tmp_t)
(allow netutils_t proc_t (dir (getattr open search)))
(allow netutils_t proc_net_t (dir (getattr open search)))
(allow netutils_t proc_net_t (file (ioctl read getattr lock open)))
(allow netutils_t proc_t (dir (getattr open search)))
(allow netutils_t proc_net_t (dir (getattr open search)))
(allow netutils_t proc_net_t (lnk_file (read getattr)))
(allow netutils_t proc_t (dir (getattr open search)))
(allow netutils_t proc_net_t (dir (ioctl read getattr lock open search)))
(allow netutils_t proc_t (dir (getattr open search)))
(allow netutils_t proc_net_t (dir (getattr open search)))
(allow netutils_t sysctl_type (dir (getattr open search)))
(allow netutils_t sysctl_type (file (ioctl read getattr lock open)))
(allow netutils_t proc_t (dir (getattr open search)))
(allow netutils_t proc_net_t (dir (getattr open search)))
(allow netutils_t sysctl_type (dir (ioctl read getattr lock open search)))
(allow netutils_t netlabel_peer_t (peer (recv)))
(allow netutils_t netlabel_peer_t (tcp_socket (recvfrom)))
(allow netutils_t netlabel_peer_t (udp_socket (recvfrom)))
(allow netutils_t netlabel_peer_t (rawip_socket (recvfrom)))
(allow netutils_t netif_t (netif (ingress egress)))
(allow netutils_t netif_t (netif (egress)))
(allow netutils_t netif_t (netif (ingress)))
(allow netutils_t netif_t (netif (egress)))
(allow netutils_t netif_t (netif (ingress)))
(allow netutils_t node_t (node (recvfrom sendto)))
(allow netutils_t node_t (node (sendto)))
(allow netutils_t node_t (node (recvfrom)))
(allow netutils_t node_t (node (sendto)))
(allow netutils_t node_t (node (recvfrom)))
(allow netutils_t port_type (tcp_socket (name_connect)))
(allow netutils_t client_packet_type (packet (send)))
(allow netutils_t client_packet_type (packet (recv)))
(allow netutils_t node_t (udp_socket (node_bind)))
(allow netutils_t sysfs_t (dir (getattr open search)))
(allow netutils_t sysfs_t (file (ioctl read getattr lock open)))
(allow netutils_t sysfs_t (dir (getattr open search)))
(allow netutils_t sysfs_t (lnk_file (read getattr)))
(allow netutils_t sysfs_t (dir (getattr open search)))
(allow netutils_t sysfs_t (dir (ioctl read getattr lock open search)))
(allow netutils_t fs_t (filesystem (getattr)))
(allow netutils_t privfd (fd (use)))
(dontaudit netutils_t proc_t (filesystem (getattr)))
(allow netutils_t etc_t (dir (ioctl read getattr lock open search)))
(allow netutils_t etc_t (dir (getattr open search)))
(allow netutils_t etc_t (file (ioctl read getattr lock open)))
(allow netutils_t etc_t (dir (getattr open search)))
(allow netutils_t etc_t (lnk_file (read getattr)))
(allow netutils_t usr_t (dir (ioctl read getattr lock open search)))
(allow netutils_t usr_t (dir (getattr open search)))
(allow netutils_t usr_t (file (ioctl read getattr lock open)))
(allow netutils_t usr_t (dir (getattr open search)))
(allow netutils_t usr_t (lnk_file (read getattr)))
(dontaudit netutils_t var_t (dir (getattr open search)))
(allow netutils_t init_t (fd (use)))
(allow netutils_t device_t (dir (getattr open search)))
(allow netutils_t device_t (dir (ioctl read getattr lock open search)))
(allow netutils_t device_t (dir (getattr open search)))
(allow netutils_t device_t (lnk_file (read getattr)))
(allow netutils_t devpts_t (dir (ioctl read getattr lock open search)))
(allow netutils_t initrc_devpts_t (chr_file (ioctl read write getattr lock append open)))
(allow netutils_t devlog_t (sock_file (write getattr append open)))
(allow netutils_t var_run_t (lnk_file (read getattr)))
(allow netutils_t var_t (dir (getattr open search)))
(allow netutils_t var_run_t (dir (getattr open search)))
(allow netutils_t init_runtime_t (dir (getattr open search)))
(allow netutils_t syslogd_runtime_t (dir (getattr open search)))
(allow netutils_t syslogd_t (unix_dgram_socket (sendto)))
(allow netutils_t syslogd_t (unix_stream_socket (connectto)))
(allow netutils_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow netutils_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow netutils_t device_t (dir (getattr open search)))
(allow netutils_t device_t (dir (ioctl read getattr lock open search)))
(allow netutils_t device_t (dir (getattr open search)))
(allow netutils_t device_t (lnk_file (read getattr)))
(allow netutils_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit netutils_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow netutils_t etc_t (dir (getattr open search)))
(allow netutils_t etc_t (lnk_file (read getattr)))
(allow netutils_t usr_t (dir (getattr open search)))
(allow netutils_t locale_t (dir (ioctl read getattr lock open search)))
(allow netutils_t locale_t (dir (getattr open search)))
(allow netutils_t locale_t (file (ioctl read getattr lock open)))
(allow netutils_t locale_t (dir (getattr open search)))
(allow netutils_t locale_t (lnk_file (read getattr)))
(allow netutils_t locale_t (file (map)))
(allow netutils_t device_t (dir (getattr open search)))
(allow netutils_t device_t (dir (ioctl read getattr lock open search)))
(allow netutils_t device_t (dir (getattr open search)))
(allow netutils_t device_t (lnk_file (read getattr)))
(allow netutils_t devpts_t (dir (ioctl read getattr lock open search)))
(allow netutils_t user_devpts_t (chr_file (ioctl read write getattr append)))
(allow netutils_t user_tty_device_t (chr_file (ioctl read write getattr append)))
(allow ping_t self (capability (setuid net_raw)))
(allow ping_t self (process (getcap setcap)))
(dontaudit ping_t self (capability (sys_tty_config)))
(allow ping_t self (tcp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow ping_t self (rawip_socket (ioctl read write create getattr bind getopt setopt)))
(allow ping_t self (packet_socket (ioctl read write create bind getopt setopt)))
(allow ping_t self (netlink_route_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read nlmsg_write)))
(allow ping_t self (icmp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow ping_t netlabel_peer_t (peer (recv)))
(allow ping_t netlabel_peer_t (tcp_socket (recvfrom)))
(allow ping_t netlabel_peer_t (udp_socket (recvfrom)))
(allow ping_t netlabel_peer_t (rawip_socket (recvfrom)))
(allow ping_t icmp_packet_t (packet (send)))
(allow ping_t icmp_packet_t (packet (recv)))
(allow ping_t netif_t (netif (ingress egress)))
(allow ping_t netif_t (netif (egress)))
(allow ping_t netif_t (netif (ingress)))
(allow ping_t node_t (node (sendto)))
(allow ping_t node_t (node (recvfrom)))
(allow ping_t node_t (node (recvfrom sendto)))
(allow ping_t node_t (rawip_socket (node_bind)))
(allow ping_t device_t (dir (getattr open search)))
(allow ping_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow ping_t privfd (fd (use)))
(allow ping_t etc_t (dir (ioctl read getattr lock open search)))
(allow ping_t etc_t (dir (getattr open search)))
(allow ping_t etc_t (file (ioctl read getattr lock open)))
(allow ping_t etc_t (dir (getattr open search)))
(allow ping_t etc_t (lnk_file (read getattr)))
(allow ping_t proc_t (dir (getattr open search)))
(allow ping_t sysctl_t (dir (getattr open search)))
(allow ping_t sysctl_net_t (dir (getattr open search)))
(allow ping_t sysctl_net_t (file (ioctl read getattr lock open)))
(allow ping_t proc_t (dir (getattr open search)))
(allow ping_t sysctl_t (dir (getattr open search)))
(allow ping_t sysctl_net_t (dir (ioctl read getattr lock open search)))
(allow ping_t proc_t (dir (getattr open search)))
(allow ping_t proc_t (file (ioctl read getattr lock open)))
(allow ping_t proc_t (dir (getattr open search)))
(allow ping_t proc_t (lnk_file (read getattr)))
(allow ping_t proc_t (dir (getattr open search)))
(allow ping_t proc_t (dir (ioctl read getattr lock open search)))
(dontaudit ping_t init_t (fd (use)))
(allow ping_t devlog_t (sock_file (write getattr append open)))
(allow ping_t var_run_t (lnk_file (read getattr)))
(allow ping_t var_t (dir (getattr open search)))
(allow ping_t var_run_t (dir (getattr open search)))
(allow ping_t init_runtime_t (dir (getattr open search)))
(allow ping_t syslogd_runtime_t (dir (getattr open search)))
(allow ping_t syslogd_t (unix_dgram_socket (sendto)))
(allow ping_t syslogd_t (unix_stream_socket (connectto)))
(allow ping_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow ping_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow ping_t device_t (dir (getattr open search)))
(allow ping_t device_t (dir (ioctl read getattr lock open search)))
(allow ping_t device_t (dir (getattr open search)))
(allow ping_t device_t (lnk_file (read getattr)))
(allow ping_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit ping_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow ping_t etc_t (dir (getattr open search)))
(allow ping_t etc_t (lnk_file (read getattr)))
(allow ping_t usr_t (dir (getattr open search)))
(allow ping_t locale_t (dir (ioctl read getattr lock open search)))
(allow ping_t locale_t (dir (getattr open search)))
(allow ping_t locale_t (file (ioctl read getattr lock open)))
(allow ping_t locale_t (dir (getattr open search)))
(allow ping_t locale_t (lnk_file (read getattr)))
(allow ping_t locale_t (file (map)))
(allow ping_t device_t (dir (getattr open search)))
(allow ping_t device_t (dir (ioctl read getattr lock open search)))
(allow ping_t device_t (dir (getattr open search)))
(allow ping_t device_t (lnk_file (read getattr)))
(allow ping_t devpts_t (dir (ioctl read getattr lock open search)))
(allow ping_t user_devpts_t (chr_file (ioctl read write getattr append)))
(allow ping_t user_tty_device_t (chr_file (ioctl read write getattr append)))
(allow ping_t device_t (dir (getattr open search)))
(allow ping_t device_t (dir (ioctl read getattr lock open search)))
(allow ping_t device_t (dir (getattr open search)))
(allow ping_t device_t (lnk_file (read getattr)))
(allow ping_t tty_device_t (chr_file (ioctl read write getattr lock append open)))
(allow ss_t self (capability (net_admin)))
(allow ss_t self (netlink_tcpdiag_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown nlmsg_read)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t sysctl_t (dir (getattr open search)))
(allow ss_t sysctl_net_t (dir (getattr open search)))
(allow ss_t sysctl_net_t (file (ioctl read getattr lock open)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t sysctl_t (dir (getattr open search)))
(allow ss_t sysctl_net_t (dir (ioctl read getattr lock open search)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t proc_net_t (dir (getattr open search)))
(allow ss_t proc_net_t (file (ioctl read getattr lock open)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t proc_net_t (dir (getattr open search)))
(allow ss_t proc_net_t (lnk_file (read getattr)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t proc_net_t (dir (ioctl read getattr lock open search)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t proc_t (lnk_file (read getattr)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t proc_t (file (ioctl read getattr lock open)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t proc_t (lnk_file (read getattr)))
(allow ss_t proc_t (dir (getattr open search)))
(allow ss_t proc_t (dir (ioctl read getattr lock open search)))
(allow ss_t privfd (fd (use)))
(allow ss_t etc_t (dir (ioctl read getattr lock open search)))
(allow ss_t etc_t (dir (getattr open search)))
(allow ss_t etc_t (file (ioctl read getattr lock open)))
(allow ss_t etc_t (dir (getattr open search)))
(allow ss_t etc_t (lnk_file (read getattr)))
(allow ss_t device_t (dir (getattr open search)))
(allow ss_t device_t (dir (ioctl read getattr lock open search)))
(allow ss_t device_t (dir (getattr open search)))
(allow ss_t device_t (lnk_file (read getattr)))
(allow ss_t devpts_t (dir (ioctl read getattr lock open search)))
(allow ss_t user_devpts_t (chr_file (ioctl read write getattr append)))
(allow ss_t user_tty_device_t (chr_file (ioctl read write getattr append)))
(allow traceroute_t self (capability (setgid setuid net_admin net_raw)))
(allow traceroute_t self (fifo_file (ioctl read write getattr lock append)))
(allow traceroute_t self (process (signal)))
(allow traceroute_t self (netlink_generic_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow traceroute_t self (rawip_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow traceroute_t self (packet_socket (ioctl read write create getattr setattr append map bind connect getopt setopt shutdown)))
(allow traceroute_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow traceroute_t traceroute_exec_t (file (ioctl read getattr lock map execute open execute_no_trans)))
(allow traceroute_t proc_t (dir (getattr open search)))
(allow traceroute_t proc_t (file (ioctl read getattr lock open)))
(allow traceroute_t proc_t (dir (getattr open search)))
(allow traceroute_t proc_t (lnk_file (read getattr)))
(allow traceroute_t proc_t (dir (getattr open search)))
(allow traceroute_t proc_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t proc_t (dir (getattr open search)))
(allow traceroute_t proc_net_t (dir (getattr open search)))
(allow traceroute_t proc_net_t (file (ioctl read getattr lock open)))
(allow traceroute_t proc_t (dir (getattr open search)))
(allow traceroute_t proc_net_t (dir (getattr open search)))
(allow traceroute_t proc_net_t (lnk_file (read getattr)))
(allow traceroute_t proc_t (dir (getattr open search)))
(allow traceroute_t proc_net_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t proc_t (dir (getattr open search)))
(allow traceroute_t sysctl_t (dir (getattr open search)))
(allow traceroute_t sysctl_fs_t (dir (getattr open search)))
(allow traceroute_t sysctl_fs_t (dir (getattr open search)))
(allow traceroute_t bin_t (dir (getattr open search)))
(allow traceroute_t bin_t (lnk_file (read getattr)))
(allow traceroute_t usr_t (dir (getattr open search)))
(allow traceroute_t netlabel_peer_t (peer (recv)))
(allow traceroute_t netlabel_peer_t (tcp_socket (recvfrom)))
(allow traceroute_t netlabel_peer_t (udp_socket (recvfrom)))
(allow traceroute_t netlabel_peer_t (rawip_socket (recvfrom)))
(allow traceroute_t netif_t (netif (ingress egress)))
(allow traceroute_t netif_t (netif (egress)))
(allow traceroute_t netif_t (netif (ingress)))
(allow traceroute_t netif_t (netif (egress)))
(allow traceroute_t netif_t (netif (ingress)))
(allow traceroute_t node_t (node (recvfrom sendto)))
(allow traceroute_t node_t (node (sendto)))
(allow traceroute_t node_t (node (recvfrom)))
(allow traceroute_t node_t (node (sendto)))
(allow traceroute_t node_t (node (recvfrom)))
(allow traceroute_t node_t (udp_socket (node_bind)))
(allow traceroute_t node_t (tcp_socket (node_bind)))
(allow traceroute_t node_t (rawip_socket (node_bind)))
(allow traceroute_t traceroute_port_t (udp_socket (name_bind)))
(allow traceroute_t self (capability (net_bind_service)))
(allow traceroute_t port_type (tcp_socket (name_connect)))
(allow traceroute_t client_packet_type (packet (send)))
(allow traceroute_t client_packet_type (packet (recv)))
(allow traceroute_t traceroute_server_packet_t (packet (send)))
(allow traceroute_t traceroute_server_packet_t (packet (recv)))
(allow traceroute_t device_t (dir (getattr open search)))
(allow traceroute_t random_device_t (chr_file (ioctl read getattr lock open)))
(allow traceroute_t device_t (dir (getattr open search)))
(allow traceroute_t urandom_device_t (chr_file (ioctl read getattr lock open)))
(allow traceroute_t sysfs_t (dir (getattr open search)))
(allow traceroute_t sysfs_t (file (ioctl read getattr lock open)))
(allow traceroute_t sysfs_t (dir (getattr open search)))
(allow traceroute_t sysfs_t (lnk_file (read getattr)))
(allow traceroute_t sysfs_t (dir (getattr open search)))
(allow traceroute_t sysfs_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t privfd (fd (use)))
(allow traceroute_t etc_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t etc_t (dir (getattr open search)))
(allow traceroute_t etc_t (file (ioctl read getattr lock open)))
(allow traceroute_t etc_t (dir (getattr open search)))
(allow traceroute_t etc_t (lnk_file (read getattr)))
(allow traceroute_t usr_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t usr_t (dir (getattr open search)))
(allow traceroute_t usr_t (file (ioctl read getattr lock open)))
(allow traceroute_t usr_t (dir (getattr open search)))
(allow traceroute_t usr_t (lnk_file (read getattr)))
(allow traceroute_t init_t (fd (use)))
(allow traceroute_t devlog_t (sock_file (write getattr append open)))
(allow traceroute_t var_run_t (lnk_file (read getattr)))
(allow traceroute_t var_t (dir (getattr open search)))
(allow traceroute_t var_run_t (dir (getattr open search)))
(allow traceroute_t init_runtime_t (dir (getattr open search)))
(allow traceroute_t syslogd_runtime_t (dir (getattr open search)))
(allow traceroute_t syslogd_t (unix_dgram_socket (sendto)))
(allow traceroute_t syslogd_t (unix_stream_socket (connectto)))
(allow traceroute_t self (unix_dgram_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow traceroute_t self (unix_stream_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
(allow traceroute_t device_t (dir (getattr open search)))
(allow traceroute_t device_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t device_t (dir (getattr open search)))
(allow traceroute_t device_t (lnk_file (read getattr)))
(allow traceroute_t console_device_t (chr_file (ioctl write getattr lock append open)))
(dontaudit traceroute_t console_device_t (chr_file (ioctl read getattr lock open)))
(allow traceroute_t cert_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t cert_t (dir (getattr open search)))
(allow traceroute_t cert_t (file (ioctl read getattr lock open)))
(allow traceroute_t cert_t (dir (getattr open search)))
(allow traceroute_t cert_t (lnk_file (read getattr)))
(allow traceroute_t etc_t (dir (getattr open search)))
(allow traceroute_t etc_t (lnk_file (read getattr)))
(allow traceroute_t usr_t (dir (getattr open search)))
(allow traceroute_t locale_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t locale_t (dir (getattr open search)))
(allow traceroute_t locale_t (file (ioctl read getattr lock open)))
(allow traceroute_t locale_t (dir (getattr open search)))
(allow traceroute_t locale_t (lnk_file (read getattr)))
(allow traceroute_t locale_t (file (map)))
(allow traceroute_t device_t (dir (getattr open search)))
(allow traceroute_t device_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t device_t (dir (getattr open search)))
(allow traceroute_t device_t (lnk_file (read getattr)))
(allow traceroute_t devpts_t (dir (ioctl read getattr lock open search)))
(allow traceroute_t user_devpts_t (chr_file (ioctl read write getattr append)))
(allow traceroute_t user_tty_device_t (chr_file (ioctl read write getattr append)))
(dontaudit traceroute_t user_home_dir_t (dir (getattr open search)))
(dontaudit traceroute_t user_home_t (dir (getattr open search)))
(allow netutils_t kernel_t (system (module_request)))
(dontaudit netutils_t debugfs_t (dir (getattr open search)))
(dontaudit netutils_t usbmon_device_t (chr_file (ioctl read getattr lock open)))
(optional netutils_optional_2
    (typeattributeset cil_gen_require init_t)
    (allow netutils_t init_t (process (sigchld)))
    (allow netutils_t init_t (process (signull)))
    (optional netutils_optional_3
        (typeattributeset cil_gen_require rpm_t)
        (allow netutils_t rpm_t (fd (use)))
        (allow netutils_t rpm_t (fifo_file (ioctl read getattr lock open)))
    )
    (optional netutils_optional_4
        (typeattributeset cil_gen_require security_t)
        (typeattributeset cil_gen_require sysfs_t)
        (dontaudit netutils_t security_t (filesystem (getattr)))
        (dontaudit netutils_t sysfs_t (filesystem (getattr)))
        (dontaudit netutils_t sysfs_t (dir (getattr open search)))
        (dontaudit netutils_t security_t (dir (getattr open search)))
        (dontaudit netutils_t security_t (file (ioctl read getattr lock open)))
    )
    (optional netutils_optional_5
        (typeattributeset cil_gen_require selinux_config_t)
        (dontaudit netutils_t selinux_config_t (dir (getattr open search)))
        (dontaudit netutils_t selinux_config_t (file (ioctl read getattr lock open)))
    )
    (optional netutils_optional_6
        (typeattributeset cil_gen_require init_t)
        (allow ping_t init_t (process (sigchld)))
        (allow ping_t init_t (process (signull)))
        (optional netutils_optional_7
            (typeattributeset cil_gen_require rpm_t)
            (allow ping_t rpm_t (fd (use)))
            (allow ping_t rpm_t (fifo_file (ioctl read getattr lock open)))
        )
        (optional netutils_optional_8
            (typeattributeset cil_gen_require security_t)
            (typeattributeset cil_gen_require sysfs_t)
            (dontaudit ping_t security_t (filesystem (getattr)))
            (dontaudit ping_t sysfs_t (filesystem (getattr)))
            (dontaudit ping_t sysfs_t (dir (getattr open search)))
            (dontaudit ping_t security_t (dir (getattr open search)))
            (dontaudit ping_t security_t (file (ioctl read getattr lock open)))
        )
        (optional netutils_optional_9
            (typeattributeset cil_gen_require selinux_config_t)
            (dontaudit ping_t selinux_config_t (dir (getattr open search)))
            (dontaudit ping_t selinux_config_t (file (ioctl read getattr lock open)))
        )
        (optional netutils_optional_10
            (typeattributeset cil_gen_require init_t)
            (allow ss_t init_t (process (sigchld)))
            (allow ss_t init_t (process (signull)))
            (optional netutils_optional_11
                (typeattributeset cil_gen_require rpm_t)
                (allow ss_t rpm_t (fd (use)))
                (allow ss_t rpm_t (fifo_file (ioctl read getattr lock open)))
            )
            (optional netutils_optional_12
                (typeattributeset cil_gen_require security_t)
                (typeattributeset cil_gen_require sysfs_t)
                (dontaudit ss_t security_t (filesystem (getattr)))
                (dontaudit ss_t sysfs_t (filesystem (getattr)))
                (dontaudit ss_t sysfs_t (dir (getattr open search)))
                (dontaudit ss_t security_t (dir (getattr open search)))
                (dontaudit ss_t security_t (file (ioctl read getattr lock open)))
            )
            (optional netutils_optional_13
                (typeattributeset cil_gen_require selinux_config_t)
                (dontaudit ss_t selinux_config_t (dir (getattr open search)))
                (dontaudit ss_t selinux_config_t (file (ioctl read getattr lock open)))
            )
            (optional netutils_optional_14
                (typeattributeset cil_gen_require init_t)
                (allow traceroute_t init_t (process (sigchld)))
                (allow traceroute_t init_t (process (signull)))
                (optional netutils_optional_15
                    (typeattributeset cil_gen_require rpm_t)
                    (allow traceroute_t rpm_t (fd (use)))
                    (allow traceroute_t rpm_t (fifo_file (ioctl read getattr lock open)))
                )
                (optional netutils_optional_16
                    (typeattributeset cil_gen_require security_t)
                    (typeattributeset cil_gen_require sysfs_t)
                    (dontaudit traceroute_t security_t (filesystem (getattr)))
                    (dontaudit traceroute_t sysfs_t (filesystem (getattr)))
                    (dontaudit traceroute_t sysfs_t (dir (getattr open search)))
                    (dontaudit traceroute_t security_t (dir (getattr open search)))
                    (dontaudit traceroute_t security_t (file (ioctl read getattr lock open)))
                )
                (optional netutils_optional_17
                    (typeattributeset cil_gen_require selinux_config_t)
                    (dontaudit traceroute_t selinux_config_t (dir (getattr open search)))
                    (dontaudit traceroute_t selinux_config_t (file (ioctl read getattr lock open)))
                )
                (optional netutils_optional_18
                    (typeattributeset cil_gen_require netlabel_peer_t)
                    (typeattributeset cil_gen_require netif_t)
                    (typeattributeset cil_gen_require node_t)
                    (typeattributeset cil_gen_require port_type)
                    (typeattributeset cil_gen_require etc_t)
                    (typeattributeset cil_gen_require var_t)
                    (typeattributeset cil_gen_require var_run_t)
                    (typeattributeset cil_gen_require var_yp_t)
                    (typeattributeset cil_gen_require port_t)
                    (typeattributeset cil_gen_require defined_port_type)
                    (typeattributeset cil_gen_require reserved_port_type)
                    (typeattributeset cil_gen_require portmap_port_t)
                    (typeattributeset cil_gen_require reserved_port_t)
                    (typeattributeset cil_gen_require portmap_client_packet_t)
                    (typeattributeset cil_gen_require client_packet_t)
                    (typeattributeset cil_gen_require server_packet_t)
                    (typeattributeset cil_gen_require net_conf_t)
                    (booleanif (allow_ypbind)
                        (true
                            (allow netutils_t net_conf_t (lnk_file (read getattr)))
                            (allow netutils_t net_conf_t (file (ioctl read getattr lock open)))
                            (allow netutils_t net_conf_t (dir (ioctl read getattr lock open search)))
                            (allow netutils_t var_run_t (dir (getattr open search)))
                            (allow netutils_t var_t (dir (getattr open search)))
                            (allow netutils_t var_run_t (lnk_file (read getattr)))
                            (allow netutils_t etc_t (dir (getattr open search)))
                            (allow netutils_t server_packet_t (packet (recv)))
                            (allow netutils_t server_packet_t (packet (send)))
                            (allow netutils_t client_packet_t (packet (recv)))
                            (allow netutils_t client_packet_t (packet (send)))
                            (allow netutils_t portmap_client_packet_t (packet (recv)))
                            (allow netutils_t portmap_client_packet_t (packet (send)))
                            (dontaudit netutils_t port_type (tcp_socket (name_connect)))
                            (allow netutils_t port_t (tcp_socket (name_connect)))
                            (allow netutils_t reserved_port_t (tcp_socket (name_connect)))
                            (allow netutils_t portmap_port_t (tcp_socket (name_connect)))
                            (dontaudit netutils_t port_type (udp_socket (name_bind)))
                            (dontaudit netutils_t port_type (tcp_socket (name_bind)))
                            (dontaudit netutils_t reserved_port_type (udp_socket (name_bind)))
                            (dontaudit netutils_t reserved_port_type (tcp_socket (name_bind)))
                            (dontaudit netutils_t defined_port_type (udp_socket (name_bind)))
                            (allow netutils_t port_t (udp_socket (name_bind)))
                            (dontaudit netutils_t defined_port_type (tcp_socket (name_bind)))
                            (allow netutils_t port_t (tcp_socket (name_bind)))
                            (allow netutils_t node_t (udp_socket (node_bind)))
                            (allow netutils_t node_t (tcp_socket (node_bind)))
                            (allow netutils_t node_t (node (recvfrom)))
                            (allow netutils_t node_t (node (sendto)))
                            (allow netutils_t node_t (node (recvfrom sendto)))
                            (allow netutils_t netif_t (netif (ingress)))
                            (allow netutils_t netif_t (netif (egress)))
                            (allow netutils_t netif_t (netif (ingress egress)))
                            (allow netutils_t netlabel_peer_t (tcp_socket (recvfrom)))
                            (allow netutils_t netlabel_peer_t (udp_socket (recvfrom)))
                            (allow netutils_t netlabel_peer_t (rawip_socket (recvfrom)))
                            (allow netutils_t netlabel_peer_t (peer (recv)))
                            (allow netutils_t var_yp_t (lnk_file (read getattr)))
                            (allow netutils_t var_yp_t (file (ioctl read getattr lock open)))
                            (allow netutils_t var_yp_t (dir (ioctl read getattr lock open search)))
                            (allow netutils_t self (udp_socket (ioctl read write create getattr setattr append bind connect getopt setopt shutdown)))
                            (allow netutils_t self (tcp_socket (ioctl read write create getattr setattr append bind connect listen accept getopt setopt shutdown)))
                            (allow netutils_t self (capability (net_bind_service)))
                        )
                    )
                )
                (optional netutils_optional_19
                    (typeattributeset cil_gen_require var_t)
                    (typeattributeset cil_gen_require vmware_log_t)
                    (typeattributeset cil_gen_require var_log_t)
                    (allow netutils_t var_t (dir (getattr open search)))
                    (allow netutils_t var_log_t (dir (getattr open search)))
                    (allow netutils_t var_log_t (lnk_file (read getattr)))
                    (allow netutils_t vmware_log_t (dir (getattr open search)))
                    (allow netutils_t vmware_log_t (file (ioctl getattr lock append open)))
                )
                (optional netutils_optional_20
                    (typeattributeset cil_gen_require var_t)
                    (typeattributeset cil_gen_require var_log_t)
                    (typeattributeset cil_gen_require xen_log_t)
                    (allow netutils_t var_t (dir (getattr open search)))
                    (allow netutils_t var_log_t (dir (getattr open search)))
                    (allow netutils_t var_log_t (lnk_file (read getattr)))
                    (allow netutils_t xen_log_t (dir (getattr open search)))
                    (allow netutils_t xen_log_t (file (ioctl getattr lock append open)))
                    (dontaudit netutils_t xen_log_t (file (write)))
                )
                (optional netutils_optional_21
                    (typeattributeset cil_gen_require var_t)
                    (typeattributeset cil_gen_require var_log_t)
                    (typeattributeset cil_gen_require munin_log_t)
                    (allow ping_t var_t (dir (getattr open search)))
                    (allow ping_t var_log_t (dir (getattr open search)))
                    (allow ping_t var_log_t (lnk_file (read getattr)))
                    (allow ping_t munin_log_t (dir (ioctl read getattr lock open search)))
                    (allow ping_t munin_log_t (dir (getattr open search)))
                    (allow ping_t munin_log_t (file (ioctl getattr lock append open)))
                )
                (optional netutils_optional_22
                    (typeattributeset cil_gen_require nagios_log_t)
                    (typeattributeset cil_gen_require nagios_t)
                    (dontaudit ping_t nagios_log_t (file (ioctl read write getattr lock append open)))
                    (dontaudit ping_t nagios_t (fifo_file (ioctl read write getattr lock append open)))
                )
            )
        )
    )
)
(filecon "/usr/bin/arping" file (system_u object_r netutils_exec_t (systemlow systemlow)))
(filecon "/usr/bin/fping" file (system_u object_r ping_exec_t (systemlow systemlow)))
(filecon "/usr/bin/hping2" file (system_u object_r ping_exec_t (systemlow systemlow)))
(filecon "/usr/bin/iptstate" file (system_u object_r netutils_exec_t (systemlow systemlow)))
(filecon "/usr/bin/lft" file (system_u object_r traceroute_exec_t (systemlow systemlow)))
(filecon "/usr/bin/mtr" file (system_u object_r traceroute_exec_t (systemlow systemlow)))
(filecon "/usr/bin/mtr-packet" file (system_u object_r traceroute_exec_t (systemlow systemlow)))
(filecon "/usr/bin/nmap" file (system_u object_r traceroute_exec_t (systemlow systemlow)))
(filecon "/usr/bin/ping.*" file (system_u object_r ping_exec_t (systemlow systemlow)))
(filecon "/usr/bin/send_arp" file (system_u object_r ping_exec_t (systemlow systemlow)))
(filecon "/usr/bin/ss" file (system_u object_r ss_exec_t (systemlow systemlow)))
(filecon "/usr/bin/tcpdump" file (system_u object_r netutils_exec_t (systemlow systemlow)))
(filecon "/usr/bin/tracepath.*" file (system_u object_r traceroute_exec_t (systemlow systemlow)))
(filecon "/usr/bin/traceroute.*" file (system_u object_r traceroute_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/arping" file (system_u object_r netutils_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/fping" file (system_u object_r ping_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/hping2" file (system_u object_r ping_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/iftop" file (system_u object_r netutils_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/iptstate" file (system_u object_r netutils_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/send_arp" file (system_u object_r ping_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/ss" file (system_u object_r ss_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/tcpdump" file (system_u object_r netutils_exec_t (systemlow systemlow)))
(filecon "/usr/sbin/traceroute.*" file (system_u object_r traceroute_exec_t (systemlow systemlow)))
(filecon "/usr/bin/iftop" file (system_u object_r netutils_exec_t (systemlow systemlow)))
