| type setup_network, domain; | |
| type setup_network_exec, exec_type, vendor_file_type, file_type; | |
| init_daemon_domain(setup_network) | |
| allow setup_network self:capability { net_admin net_raw sys_module }; | |
| allow setup_network self:udp_socket { create ioctl }; | |
| allow setup_network self:netlink_route_socket { bind create nlmsg_write read write }; | |
| allow setup_network kernel:system module_request; |