Blame netlabelctl/netlabel.rules

Packit 51d0f7
#
Packit 51d0f7
# Configuration file for the NetLabel subsystem.  This file should contain
Packit 51d0f7
# individual commands for the netlabelctl utility to be run in order from the
Packit 51d0f7
# top of the file to the bottom.
Packit 51d0f7
#
Packit 51d0f7
# See the netlabel-config(8) and netlabelctl(8) manpages for more information.
Packit 51d0f7
#
Packit 51d0f7
# https://github.com/netlabel
Packit 51d0f7
#
Packit 51d0f7
Packit 51d0f7
##
Packit 51d0f7
## Example: Remove the default configuration and replace it with an address
Packit 51d0f7
##          selector based configuration that send unlabeled traffic to all
Packit 51d0f7
##          IPv4 and IPv6 addresses.
Packit 51d0f7
##
Packit 51d0f7
#
Packit 51d0f7
# map del default
Packit 51d0f7
# map add default address:0.0.0.0/0 protocol:unlbl
Packit 51d0f7
# map add default address:::0/0 protocol:unlbl
Packit 51d0f7
Packit 51d0f7
##
Packit 51d0f7
## Example: Remove the default configuration and replace it with an address
Packit 51d0f7
##          selector based configuration that send unlabeled traffic to all
Packit 51d0f7
##          IPv4 and IPv6 addresses except for 127.0.0.1, which uses CIPSO
Packit 51d0f7
##          DOI 9999 to pass LSM security labels over the loopback network
Packit 51d0f7
##          device.
Packit 51d0f7
##
Packit 51d0f7
#
Packit 51d0f7
# cipso add doi:9999 local
Packit 51d0f7
# map del default
Packit 51d0f7
# map add default address:0.0.0.0/0 protocol:unlbl
Packit 51d0f7
# map add default address:::0/0 protocol:unlbl
Packit 51d0f7
# map add default address:127.0.0.1 protocol:cipso,9999
Packit 51d0f7