|
Chris PeBenito |
9401ae1 |
## <summary>Virtual Private Networking client</summary>
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Execute VPN clients in the vpnc domain.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed to transition.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`vpn_domtrans',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
9401ae1 |
type vpnc_t, vpnc_exec_t;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
domtrans_pattern($1, vpnc_exec_t, vpnc_t)
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Execute VPN clients in the vpnc domain, and
|
|
Chris PeBenito |
9401ae1 |
## allow the specified role the vpnc domain.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed to transition.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
## <param name="role">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Role allowed access.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
## <rolecap/>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`vpn_run',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
b7fed43 |
attribute_role vpnc_roles;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
vpn_domtrans($1)
|
|
Chris PeBenito |
b7fed43 |
roleattribute $2 vpnc_roles;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Send VPN clients the kill signal.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed access.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`vpn_kill',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
9401ae1 |
type vpnc_t;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
allow $1 vpnc_t:process sigkill;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Send generic signals to VPN clients.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed access.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`vpn_signal',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
9401ae1 |
type vpnc_t;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
allow $1 vpnc_t:process signal;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Send signull to VPN clients.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed access.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`vpn_signull',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
9401ae1 |
type vpnc_t;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
allow $1 vpnc_t:process signull;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Send and receive messages from
|
|
Chris PeBenito |
9401ae1 |
## Vpnc over dbus.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed access.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`vpn_dbus_chat',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
9401ae1 |
type vpnc_t;
|
|
Chris PeBenito |
9401ae1 |
class dbus send_msg;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
allow $1 vpnc_t:dbus send_msg;
|
|
Chris PeBenito |
9401ae1 |
allow vpnc_t $1:dbus send_msg;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
########################################
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Relabelfrom from vpnc socket.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## <param name="domain">
|
|
Chris PeBenito |
9401ae1 |
## <summary>
|
|
Chris PeBenito |
9401ae1 |
## Domain allowed access.
|
|
Chris PeBenito |
9401ae1 |
## </summary>
|
|
Chris PeBenito |
9401ae1 |
## </param>
|
|
Chris PeBenito |
9401ae1 |
#
|
|
Chris PeBenito |
9401ae1 |
interface(`vpn_relabelfrom_tun_socket',`
|
|
Chris PeBenito |
9401ae1 |
gen_require(`
|
|
Chris PeBenito |
9401ae1 |
type vpnc_t;
|
|
Chris PeBenito |
9401ae1 |
')
|
|
Chris PeBenito |
9401ae1 |
|
|
Chris PeBenito |
9401ae1 |
allow $1 vpnc_t:tun_socket relabelfrom;
|
|
Chris PeBenito |
9401ae1 |
')
|