mirror of
https://github.com/swissmakers/fail2ban-ui.git
synced 2026-04-11 13:47:05 +02:00
23 lines
656 B
Plaintext
23 lines
656 B
Plaintext
# deployment/fail2ban-curl-allow.te
|
|
module fail2ban-curl-allow 1.1;
|
|
|
|
require {
|
|
type fail2ban_t;
|
|
type http_cache_port_t;
|
|
type var_run_t;
|
|
type etc_t;
|
|
type var_log_t;
|
|
class tcp_socket name_connect;
|
|
class file { read write open execute };
|
|
class dir { search read };
|
|
}
|
|
|
|
#============= fail2ban_t ==============
|
|
allow fail2ban_t http_cache_port_t:tcp_socket name_connect;
|
|
|
|
# Zusätzliche benötigte Berechtigungen
|
|
allow fail2ban_t etc_t:file { read open };
|
|
allow fail2ban_t var_log_t:file { read open };
|
|
allow fail2ban_t var_run_t:file { read write open };
|
|
allow fail2ban_t var_run_t:dir search;
|
|
allow fail2ban_t etc_t:dir search; |