diff --git a/policy-20071130.patch b/policy-20071130.patch index cb0958b..b5b3b6a 100644 --- a/policy-20071130.patch +++ b/policy-20071130.patch @@ -11163,7 +11163,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.3.1/policy/modules/services/apache.te --- nsaserefpolicy/policy/modules/services/apache.te 2008-06-12 23:38:01.000000000 -0400 -+++ serefpolicy-3.3.1/policy/modules/services/apache.te 2008-09-19 09:53:01.000000000 -0400 ++++ serefpolicy-3.3.1/policy/modules/services/apache.te 2008-09-19 10:06:13.000000000 -0400 @@ -20,6 +20,8 @@ # Declarations # @@ -11609,18 +11609,15 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac files_read_etc_files(httpd_suexec_t) files_read_usr_files(httpd_suexec_t) -@@ -626,8 +760,10 @@ - corenet_udp_sendrecv_all_ports(httpd_suexec_t) - corenet_tcp_connect_all_ports(httpd_suexec_t) +@@ -628,6 +762,7 @@ corenet_sendrecv_all_client_packets(httpd_suexec_t) -+ sysnet_dns_name_resolve(httpd_suexec_t) ') +domain_entry_file(httpd_sys_script_t,httpd_sys_content_t) tunable_policy(`httpd_enable_cgi && httpd_unified',` domtrans_pattern(httpd_suexec_t, httpdcontent, httpd_sys_script_t) ') -@@ -638,6 +774,12 @@ +@@ -638,6 +773,12 @@ fs_exec_nfs_files(httpd_suexec_t) ') @@ -11633,7 +11630,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac tunable_policy(`httpd_enable_homedirs && use_samba_home_dirs',` fs_read_cifs_files(httpd_suexec_t) fs_read_cifs_symlinks(httpd_suexec_t) -@@ -655,10 +797,6 @@ +@@ -655,10 +796,6 @@ dontaudit httpd_suexec_t httpd_t:unix_stream_socket { read write }; ') 
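Review bot: `domain_entry_file(httpd_sys_script_t,httpd_sys_content_t)` sits outside the `httpd_enable_cgi && httpd_unified` tunable_policy block that gates the suexec-to-script `domtrans_pattern` immediately below it, so every httpd_sys_content_t file is an always-on entrypoint for httpd_sys_script_t regardless of those booleans. That placement is presumably forced because the interface sets a typeattribute, which cannot appear inside a conditional block, but the reason should be stated next to the line: `# unconditional: domain_entry_file() adds a typeattribute, not allowed in tunable_policy; the domtrans below is what httpd_unified gates`. This hunk also drops `sysnet_dns_name_resolve(httpd_suexec_t)` from the corenet block with no replacement visible here; the remaining `corenet_udp_sendrecv_all_ports`/`corenet_tcp_connect_all_ports` rules still allow DNS traffic, but if the call was not re-added elsewhere, suexec-run CGIs likely lose read access to the resolver configuration. The tunable_policy blocks for httpd_suexec_t open and close outside this hunk.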
@@ -11644,7 +11641,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac ######################################## # # Apache system script local policy -@@ -668,7 +806,8 @@ +@@ -668,7 +805,8 @@ dontaudit httpd_sys_script_t httpd_config_t:dir search; @@ -11654,7 +11651,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac allow httpd_sys_script_t squirrelmail_spool_t:dir list_dir_perms; read_files_pattern(httpd_sys_script_t,squirrelmail_spool_t,squirrelmail_spool_t) -@@ -682,15 +821,45 @@ +@@ -682,15 +820,46 @@ # Should we add a boolean? apache_domtrans_rotatelogs(httpd_sys_script_t) @@ -11679,6 +11676,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac + allow httpd_sys_script_t self:tcp_socket create_stream_socket_perms; + allow httpd_sys_script_t self:udp_socket create_socket_perms; + ++ corenet_tcp_bind_all_nodes(httpd_sys_script_t) ++ corenet_udp_bind_all_nodes(httpd_sys_script_t) + corenet_all_recvfrom_unlabeled(httpd_sys_script_t) + corenet_all_recvfrom_netlabel(httpd_sys_script_t) + corenet_tcp_sendrecv_all_if(httpd_sys_script_t) @@ -11689,7 +11688,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apac + corenet_udp_sendrecv_all_ports(httpd_sys_script_t) + corenet_tcp_connect_all_ports(httpd_sys_script_t) + corenet_sendrecv_all_client_packets(httpd_sys_script_t) -+ sysnet_dns_name_resolve(httpd_sys_script_t) +') + + 
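Review bot: The new `corenet_tcp_bind_all_nodes(httpd_sys_script_t)` and `corenet_udp_bind_all_nodes(httpd_sys_script_t)` lines grant CGI script domains the node_bind half of a listener permission, which, as far as the rules visible here show, the client-side grants around them (`corenet_tcp_connect_all_ports`, `corenet_sendrecv_all_client_packets`) do not need. If only outbound connections are intended, the two bind lines look surplus and should be dropped; if scripts are meant to bind sockets, say so in a comment and note that no port-level name_bind is granted here, e.g. `# node_bind only: scripts may bind a socket but get no name_bind on any port type`. The tunable_policy block these lines belong to opens outside the hunk, so the boolean gating them cannot be confirmed from this view; please confirm it defaults to off. The same hunk removes `sysnet_dns_name_resolve(httpd_sys_script_t)`, and a one-line comment saying where resolver-config access is now granted (if it is) would save the next reader a search.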
@@ -23239,7 +23237,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post +/var/spool/postfix/postgrey(/.*)? gen_context(system_u:object_r:postgrey_spool_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/postgrey.if serefpolicy-3.3.1/policy/modules/services/postgrey.if --- nsaserefpolicy/policy/modules/services/postgrey.if 2008-06-12 23:38:01.000000000 -0400 -+++ serefpolicy-3.3.1/policy/modules/services/postgrey.if 2008-09-08 11:45:12.000000000 -0400 ++++ serefpolicy-3.3.1/policy/modules/services/postgrey.if 2008-09-19 10:23:53.000000000 -0400 @@ -12,10 +12,82 @@ # interface(`postgrey_stream_connect',` @@ -23249,8 +23247,9 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/post ') allow $1 postgrey_t:unix_stream_socket connectto; - allow $1 postgrey_var_run_t:sock_file write; -+ allow $1 postgrey_spool_t:sock_file write; +- allow $1 postgrey_var_run_t:sock_file write; ++ write_sock_files_pattern($1, postgrey_var_run_t, postgrey_var_run_t) ++ write_sock_files_pattern($1, postgrey_spool_t, postgrey_spool_t) files_search_pids($1) ') + @@ -23764,7 +23763,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prel +') diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prelude.te serefpolicy-3.3.1/policy/modules/services/prelude.te --- nsaserefpolicy/policy/modules/services/prelude.te 1969-12-31 19:00:00.000000000 -0500 -+++ serefpolicy-3.3.1/policy/modules/services/prelude.te 2008-09-19 09:41:26.000000000 -0400 ++++ serefpolicy-3.3.1/policy/modules/services/prelude.te 2008-09-19 10:06:47.000000000 -0400 @@ -0,0 +1,260 @@ + +policy_module(prelude, 1.0.0) @@ -23998,7 +23997,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/prel +') + +optional_policy(` -+ apache_search_sys_content(httpd_lml_t) ++ apache_search_sys_content(prelude_lml_t) + apache_read_log(prelude_lml_t) +') + 
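Review bot: `postgrey_stream_connect` now grants socket write in two locations, `postgrey_var_run_t` and `postgrey_spool_t`, without a comment explaining why both exist; the .fc context above labels `/var/spool/postfix/postgrey(/.*)?` as postgrey_spool_t, which looks like the socket path for a chrooted postfix, so the interface's header should say that callers are allowed both the pid-directory socket and the spool (chroot) socket. `write_sock_files_pattern($1, postgrey_spool_t, postgrey_spool_t)` only gives search on the postgrey_spool_t directory itself; `files_search_pids($1)` covers the var_run path but nothing here lets a non-postfix caller search the parent under /var/spool/postfix, so such callers may still be denied. Please also confirm postgrey_spool_t is listed in the interface's gen_require, which lies outside this hunk. Suggested header line: `## Connect to postgrey over its unix socket, in /var/run or under /var/spool/postfix (chrooted postfix).`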
@@ -36006,7 +36005,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnet +/etc/firestarter/firestarter\.sh gen_context(system_u:object_r:dhcpc_helper_exec_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/sysnetwork.if serefpolicy-3.3.1/policy/modules/system/sysnetwork.if --- nsaserefpolicy/policy/modules/system/sysnetwork.if 2008-06-12 23:38:01.000000000 -0400 -+++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.if 2008-09-08 11:45:13.000000000 -0400 ++++ serefpolicy-3.3.1/policy/modules/system/sysnetwork.if 2008-09-19 10:05:27.000000000 -0400 @@ -145,6 +145,25 @@ ########################################