From ed95571b391f6b6a4c161f940ead6fc76b2a5097 Mon Sep 17 00:00:00 2001
From: Michael Reber
Date: Wed, 29 Jan 2025 23:49:04 +0100
Subject: [PATCH] Add SELinux Module, to allow fail2ban communication via localhost on port 8080
---
internal/fail2ban-curl-allow.pp | Bin 0 -> 983 bytes
internal/fail2ban-curl-allow.te | 11 +++++++++++
2 files changed, 11 insertions(+)
create mode 100644 internal/fail2ban-curl-allow.pp
create mode 100644 internal/fail2ban-curl-allow.te
diff --git a/internal/fail2ban-curl-allow.pp b/internal/fail2ban-curl-allow.pp
new file mode 100644
index 0000000000000000000000000000000000000000..936404a5a97dfd4d04211abf3bf36358d3264213
GIT binary patch literal 983 zcmb_aO-lnY5MA4gh)_km_YYLmUoe;6>d7Av(imwqO_psIJ@^;I-|I=|)qQN*A_(=t z%gns_$fli-ueZ;ms;a;<<-5iswfEEUY#H0v@m+dogCD4LsYKba61Y%4+GV(%+cFe`IBZ$BdQTX zM{Vg-E;YOhJnt;;&~U4Fk#lXFbqjCm)MS(K1QzpS1YI5Y!QGn&}LH~U0I*Z=?k literal 0 HcmV?d00001
diff --git a/internal/fail2ban-curl-allow.te b/internal/fail2ban-curl-allow.te
new file mode 100644
index 0000000..14c604d
--- /dev/null
+++ b/internal/fail2ban-curl-allow.te
@@ -0,0 +1,11 @@
+
+module fail2ban-curl-allow 1.0;
+
+require {
+ type fail2ban_t;
+ type http_cache_port_t;
+ class tcp_socket name_connect;
+}
+
+#============= fail2ban_t ==============
+allow fail2ban_t http_cache_port_t:tcp_socket name_connect;
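Review bot: The rule `allow fail2ban_t http_cache_port_t:tcp_socket name_connect;` in fail2ban-curl-allow.te grants more than the subject line's "localhost on port 8080". `name_connect` is checked against the port label only, so fail2ban_t may open TCP connections to any host on every port labelled http_cache_port_t, and that label usually covers more than 8080 (check with `semanage port -l | grep http_cache_port_t` on the target system). The .te file has no comment stating this scope; I would add a header such as `# Lets fail2ban_t connect out to every http_cache_port_t port on any host, not only 127.0.0.1:8080.` so the trade-off is visible to whoever loads the module. The committed fail2ban-curl-allow.pp also cannot be compared against this source in review. Compiling it from the .te at install time with `checkmodule -M -m` and `semodule_package` would keep the loaded policy tied to the reviewed text.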