diff --git a/deployment/fail2ban-curl-allow.te b/deployment/fail2ban-curl-allow.te
index 14c604d..12475fd 100644
--- a/deployment/fail2ban-curl-allow.te
+++ b/deployment/fail2ban-curl-allow.te
@@ -1,11 +1,23 @@
-
-module fail2ban-curl-allow 1.0;
+# deployment/fail2ban-curl-allow.te
+module fail2ban-curl-allow 1.1;
 
 require {
- type fail2ban_t;
- type http_cache_port_t;
- class tcp_socket name_connect;
+ type fail2ban_t;
+ type http_cache_port_t;
+ type var_run_t;
+ type etc_t;
+ type var_log_t;
+ class tcp_socket name_connect;
+ class file { read write open execute };
+ class dir { search read };
 }
 
 #============= fail2ban_t ==============
 allow fail2ban_t http_cache_port_t:tcp_socket name_connect;
+
+# Zusätzliche benötigte Berechtigungen
+allow fail2ban_t etc_t:file { read open };
+allow fail2ban_t var_log_t:file { read open };
+allow fail2ban_t var_run_t:file { read write open };
+allow fail2ban_t var_run_t:dir search;
+allow fail2ban_t etc_t:dir search;
\ No newline at end of file
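Review bot: The rule `allow fail2ban_t var_run_t:file { read write open };` grants write access to every file carrying the generic var_run_t label, which is far broader than whichever pid or socket file under /run actually produced the denial, and because the hunk does not record the denials these rules answer, their scope cannot be checked against them. If the files involved are fail2ban's own, they are normally labelled with fail2ban-specific types rather than generic var_run_t, var_log_t or etc_t, so a generic label on them more likely points to a mislabelled file to repair with restorecon than to a genuinely missing rule. The `require` block also declares `execute` on `file` and `read` on `dir` although no allow rule uses either; trimming them to `class file { read write open };` and `class dir search;` keeps the declared surface equal to what the module grants. Replacing the German comment with the AVC denials the rules were derived from, e.g. `# grants derived from AVC denials: <paste ausearch/audit2allow output here>`, would let a later reviewer re-verify each rule individually.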