mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

parser: add fine grained conditionals to network rule

Browse Source 
Options available are ip= and port= inside the peer group or outside,
representing local addresses and ports:

network peer=(ip=127.0.0.1 port=8080),
network ip=::1 port=8080 peer=(ip=::2 port=8081),

The 'ip' option supports both IPv4 and IPv6. Examples would be
ip=192.168.0.4, or ip=::578d

The 'port' option accepts a 16-bit unsigned integer. An example would
be port=1234

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
This commit is contained in:
Georgia Garcia
2023-08-22 18:12:29 -03:00
parent 746f76d3e1
commit ddefe11a40
4 changed files with 267 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
parser/all_rule.cc
View File

@@ -83,7 +83,7 @@ void all_rule::add_implied_rules(Profile &prof)
(void) rule->add_prefix(*prefix);
prof.rule_ents.push_back(rule);
rule = new network_rule(0, NULL);
rule = new network_rule(0, (struct cond_entry *)NULL, (struct cond_entry *)NULL);
(void) rule->add_prefix(*prefix);
prof.rule_ents.push_back(rule);