Conditional Access to Network Resources

Hi List,

I'm facing the following problem:

I want to allow my domain to access certain ports on the local interface
and certain ports on a nonlocal interface. 
Example:
Domain may connect to port 25 over eth0
Domain may connect to port 4242 only on the loopback interface.

But if I allow my domain to access port 25 over eth0, it can also
access port 25 on the local interface, because I have to allow full
access to both local and remote nodes and sending traffic over
both network interfaces.

I think I need to have some kind of condition, or do I misunderstand
something here?

Constraint: Switching to SECMARKing instead of the "old" network 
confinement code is not an option at the moment. :(

Regards,
Chris

-- 
tarent Gesellschaft für Softwareentwicklung und IT-Beratung mbH

Heilsbachstr. 24, 53123 Bonn  | Poststr. 4-5, 10178 Berlin
fon: +49(228) / 52675-0       | fon: +49(30) / 27594853
fax: +49(228) / 52675-25      | fax: +49(30) / 78709617

Managing Directors
Boris Esser, Elmar Geese
HRB AG Bonn 5168
Ust-ID: DE122264941
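
Added example, not part of the original message: a small Python model of the situation described above, in which the port, interface and node permissions are each checked on their own against the domain, so the grants combine into every interface/port pair. The type names (`mydomain_t`, `eth0_netif_t`, `lo_netif_t`, `remote_node_t`, `lo_node_t`, `smtp_port_t`, `app_port_t`) are hypothetical, and the model is a simplification that covers only the outbound connect/send side.

```python
import re
from itertools import product

# Constructed policy: type names are hypothetical; the permissions are the
# legacy (pre-SECMARK) port, netif and node permissions.
POLICY = """
allow mydomain_t smtp_port_t:tcp_socket name_connect;
allow mydomain_t app_port_t:tcp_socket name_connect;
allow mydomain_t eth0_netif_t:netif tcp_send;
allow mydomain_t lo_netif_t:netif tcp_send;
allow mydomain_t remote_node_t:node tcp_send;
allow mydomain_t lo_node_t:node tcp_send;
"""

RULE = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s+(?:\{([^}]*)\}|(\w+));")

def load_rules(text):
    """Return a set of (source, target, class, permission) tuples."""
    rules = set()
    for src, tgt, cls, perm_set, perm in RULE.findall(text):
        for p in (perm_set or perm).split():
            rules.add((src, tgt, cls, p))
    return rules

def connect_allowed(rules, domain, port_t, netif_t, node_t):
    """Three separate checks; each sees the domain and ONE object only."""
    return ((domain, port_t, "tcp_socket", "name_connect") in rules
            and (domain, netif_t, "netif", "tcp_send") in rules
            and (domain, node_t, "node", "tcp_send") in rules)

# Assumed labelling: each interface is paired with the node type reached over it.
PATHS = {"eth0": ("eth0_netif_t", "remote_node_t"),
         "lo": ("lo_netif_t", "lo_node_t")}
PORTS = {25: "smtp_port_t", 4242: "app_port_t"}

def reachable(rules, domain="mydomain_t"):
    """Every (interface, port) pair the domain can actually connect on."""
    combos = product(PATHS.items(), PORTS.items())
    return {(ifname, port)
            for (ifname, (nif, node)), (port, pt) in combos
            if connect_allowed(rules, domain, pt, nif, node)}

WANTED = {("eth0", 25), ("lo", 4242)}  # what the message asks for

if __name__ == "__main__":
    granted = reachable(load_rules(POLICY))
    print("granted:   ", sorted(granted))
    print("unintended:", sorted(granted - WANTED))
```

No rule in this model can name a port and an interface together, so the two unintended pairs can only be removed by dropping a grant that one of the wanted pairs also needs.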


--
This message was distributed to subscribers of the selinux mailing list.