1*e4a36f41SAndroid Build Coastguard Worker## Network types 2*e4a36f41SAndroid Build Coastguard Workertype node, node_type; 3*e4a36f41SAndroid Build Coastguard Workertype netif, netif_type; 4*e4a36f41SAndroid Build Coastguard Workertype port, port_type; 5*e4a36f41SAndroid Build Coastguard Worker 6*e4a36f41SAndroid Build Coastguard Worker### 7*e4a36f41SAndroid Build Coastguard Worker### Domain with network access 8*e4a36f41SAndroid Build Coastguard Worker### 9*e4a36f41SAndroid Build Coastguard Worker 10*e4a36f41SAndroid Build Coastguard Worker# Use network sockets. 11*e4a36f41SAndroid Build Coastguard Workerallow netdomain self:tcp_socket create_stream_socket_perms; 12*e4a36f41SAndroid Build Coastguard Workerallow netdomain self:{ icmp_socket udp_socket rawip_socket } create_socket_perms; 13*e4a36f41SAndroid Build Coastguard Worker 14*e4a36f41SAndroid Build Coastguard Worker# Connect to ports. 15*e4a36f41SAndroid Build Coastguard Workerallow netdomain port_type:tcp_socket name_connect; 16*e4a36f41SAndroid Build Coastguard Worker# Bind to ports. 17*e4a36f41SAndroid Build Coastguard Workerallow {netdomain -ephemeral_app} node_type:{ icmp_socket rawip_socket tcp_socket udp_socket } node_bind; 18*e4a36f41SAndroid Build Coastguard Workerallow {netdomain -ephemeral_app} port_type:udp_socket name_bind; 19*e4a36f41SAndroid Build Coastguard Workerallow {netdomain -ephemeral_app} port_type:tcp_socket name_bind; 20*e4a36f41SAndroid Build Coastguard Worker# See changes to the routing table. 21*e4a36f41SAndroid Build Coastguard Workerallow netdomain self:netlink_route_socket { create read getattr write setattr lock append bind connect getopt setopt shutdown nlmsg_read }; 22*e4a36f41SAndroid Build Coastguard Worker 23*e4a36f41SAndroid Build Coastguard Worker# Talks to netd via dnsproxyd socket. 24*e4a36f41SAndroid Build Coastguard Workerunix_socket_connect(netdomain, dnsproxyd, netd) 25*e4a36f41SAndroid Build Coastguard Worker 26*e4a36f41SAndroid Build Coastguard Worker# Talks to netd via fwmarkd socket. 27*e4a36f41SAndroid Build Coastguard Workerunix_socket_connect(netdomain, fwmarkd, netd) 28*e4a36f41SAndroid Build Coastguard Worker 29*e4a36f41SAndroid Build Coastguard Worker# Connect to mdnsd via mdnsd socket. 30*e4a36f41SAndroid Build Coastguard Workerunix_socket_connect(netdomain, mdnsd, mdnsd) 31