*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:selinux_input - [0:0]
:selinux_output - [0:0]
:selinux_new_input - [0:0]
:selinux_new_output - [0:0]
-A INPUT -j selinux_input
-A OUTPUT -j selinux_output
-A selinux_input -m state --state NEW -j selinux_new_input
-A selinux_input -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore
-A selinux_output -m state --state NEW -j selinux_new_output
-A selinux_output -m state --state RELATED,ESTABLISHED -j CONNSECMARK --restore
-A selinux_new_input -j SECMARK --selctx system_u:object_r:server_packet_t:s0
-A selinux_new_input -p udp --dport 7007 -j SECMARK --selctx system_u:object_r:afs_bos_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2040 -j SECMARK --selctx system_u:object_r:afs_fs_server_packet_t:s0
-A selinux_new_input -p udp --dport 7000 -j SECMARK --selctx system_u:object_r:afs_fs_server_packet_t:s0
-A selinux_new_input -p udp --dport 7005 -j SECMARK --selctx system_u:object_r:afs_fs_server_packet_t:s0
-A selinux_new_input -p udp --dport 7004 -j SECMARK --selctx system_u:object_r:afs_ka_server_packet_t:s0
-A selinux_new_input -p udp --dport 7002 -j SECMARK --selctx system_u:object_r:afs_pt_server_packet_t:s0
-A selinux_new_input -p udp --dport 7003 -j SECMARK --selctx system_u:object_r:afs_vl_server_packet_t:s0
-A selinux_new_input -p udp --dport 705 -j SECMARK --selctx system_u:object_r:agentx_server_packet_t:s0
-A selinux_new_input -p tcp --dport 705 -j SECMARK --selctx system_u:object_r:agentx_server_packet_t:s0
-A selinux_new_input -p udp --dport 10080 -j SECMARK --selctx system_u:object_r:amanda_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10080 -j SECMARK --selctx system_u:object_r:amanda_server_packet_t:s0
-A selinux_new_input -p udp --dport 10081 -j SECMARK --selctx system_u:object_r:amanda_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10081 -j SECMARK --selctx system_u:object_r:amanda_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10082 -j SECMARK --selctx system_u:object_r:amanda_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10083 -j SECMARK --selctx system_u:object_r:amanda_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10024 -j SECMARK --selctx system_u:object_r:amavisd_recv_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10025 -j SECMARK --selctx system_u:object_r:amavisd_send_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3551 -j SECMARK --selctx system_u:object_r:apcupsd_server_packet_t:s0
-A selinux_new_input -p udp --dport 3551 -j SECMARK --selctx system_u:object_r:apcupsd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1720 -j SECMARK --selctx system_u:object_r:asterisk_server_packet_t:s0
-A selinux_new_input -p udp --dport 2427 -j SECMARK --selctx system_u:object_r:asterisk_server_packet_t:s0
-A selinux_new_input -p udp --dport 2727 -j SECMARK --selctx system_u:object_r:asterisk_server_packet_t:s0
-A selinux_new_input -p udp --dport 4569 -j SECMARK --selctx system_u:object_r:asterisk_server_packet_t:s0
-A selinux_new_input -p udp --dport 5060 -j SECMARK --selctx system_u:object_r:asterisk_server_packet_t:s0
-A selinux_new_input -p tcp --dport 60 -j SECMARK --selctx system_u:object_r:audit_server_packet_t:s0
-A selinux_new_input -p tcp --dport 113 -j SECMARK --selctx system_u:object_r:auth_server_packet_t:s0
-A selinux_new_input -p tcp --dport 179 -j SECMARK --selctx system_u:object_r:bgp_server_packet_t:s0
-A selinux_new_input -p udp --dport 179 -j SECMARK --selctx system_u:object_r:bgp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2605 -j SECMARK --selctx system_u:object_r:bgp_server_packet_t:s0
-A selinux_new_input -p udp --dport 2605 -j SECMARK --selctx system_u:object_r:bgp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3310 -j SECMARK --selctx system_u:object_r:clamd_server_packet_t:s0
-A selinux_new_input -p udp --dport 4041 -j SECMARK --selctx system_u:object_r:clockspeed_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5149 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p udp --dport 5149 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p tcp --dport 40040 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p tcp --dport 50006 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p udp --dport 50006 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p tcp --dport 50007 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p udp --dport 50007 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p tcp --dport 50008 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p udp --dport 50008 -j SECMARK --selctx system_u:object_r:cluster_server_packet_t:s0
-A selinux_new_input -p udp --dport 512 -j SECMARK --selctx system_u:object_r:comsat_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2401 -j SECMARK --selctx system_u:object_r:cvs_server_packet_t:s0
-A selinux_new_input -p udp --dport 2401 -j SECMARK --selctx system_u:object_r:cvs_server_packet_t:s0
-A selinux_new_input -p udp --dport 6276 -j SECMARK --selctx system_u:object_r:dcc_server_packet_t:s0
-A selinux_new_input -p udp --dport 6277 -j SECMARK --selctx system_u:object_r:dcc_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1178 -j SECMARK --selctx system_u:object_r:dbskkd_server_packet_t:s0
-A selinux_new_input -p udp --dport 68 -j SECMARK --selctx system_u:object_r:dhcpc_server_packet_t:s0
-A selinux_new_input -p udp --dport 67 -j SECMARK --selctx system_u:object_r:dhcpd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 647 -j SECMARK --selctx system_u:object_r:dhcpd_server_packet_t:s0
-A selinux_new_input -p udp --dport 647 -j SECMARK --selctx system_u:object_r:dhcpd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 847 -j SECMARK --selctx system_u:object_r:dhcpd_server_packet_t:s0
-A selinux_new_input -p udp --dport 847 -j SECMARK --selctx system_u:object_r:dhcpd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 7911 -j SECMARK --selctx system_u:object_r:dhcpd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2628 -j SECMARK --selctx system_u:object_r:dict_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3632 -j SECMARK --selctx system_u:object_r:distccd_server_packet_t:s0
-A selinux_new_input -p udp --dport 53 -j SECMARK --selctx system_u:object_r:dns_server_packet_t:s0
-A selinux_new_input -p tcp --dport 53 -j SECMARK --selctx system_u:object_r:dns_server_packet_t:s0
-A selinux_new_input -p tcp --dport 79 -j SECMARK --selctx system_u:object_r:fingerd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 20 -j SECMARK --selctx system_u:object_r:ftp_data_server_packet_t:s0
-A selinux_new_input -p tcp --dport 21 -j SECMARK --selctx system_u:object_r:ftp_server_packet_t:s0
-A selinux_new_input -p udp --dport 1718 -j SECMARK --selctx system_u:object_r:gatekeeper_server_packet_t:s0
-A selinux_new_input -p udp --dport 1719 -j SECMARK --selctx system_u:object_r:gatekeeper_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1721 -j SECMARK --selctx system_u:object_r:gatekeeper_server_packet_t:s0
-A selinux_new_input -p tcp --dport 7000 -j SECMARK --selctx system_u:object_r:gatekeeper_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1213 -j SECMARK --selctx system_u:object_r:giftd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 70 -j SECMARK --selctx system_u:object_r:gopher_server_packet_t:s0
-A selinux_new_input -p udp --dport 70 -j SECMARK --selctx system_u:object_r:gopher_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3128 -j SECMARK --selctx system_u:object_r:http_cache_server_packet_t:s0
-A selinux_new_input -p udp --dport 3130 -j SECMARK --selctx system_u:object_r:http_cache_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8080 -j SECMARK --selctx system_u:object_r:http_cache_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8118 -j SECMARK --selctx system_u:object_r:http_cache_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11211 -j SECMARK --selctx system_u:object_r:http_cache_server_packet_t:s0
-A selinux_new_input -p udp --dport 11211 -j SECMARK --selctx system_u:object_r:http_cache_server_packet_t:s0
-A selinux_new_input -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_server_packet_t:s0
-A selinux_new_input -p tcp --dport 443 -j SECMARK --selctx system_u:object_r:http_server_packet_t:s0
-A selinux_new_input -p tcp --dport 488 -j SECMARK --selctx system_u:object_r:http_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8008 -j SECMARK --selctx system_u:object_r:http_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8009 -j SECMARK --selctx system_u:object_r:http_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8443 -j SECMARK --selctx system_u:object_r:http_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5335 -j SECMARK --selctx system_u:object_r:howl_server_packet_t:s0
-A selinux_new_input -p udp --dport 5353 -j SECMARK --selctx system_u:object_r:howl_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1782 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2207 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2208 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8290 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 50000 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 50002 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8292 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9100 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9101 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9102 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9220 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9221 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9222 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9280 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9281 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9282 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9290 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9291 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9292 -j SECMARK --selctx system_u:object_r:hplip_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9010 -j SECMARK --selctx system_u:object_r:i18n_input_server_packet_t:s0
-A selinux_new_input -p tcp --dport 4500 -j SECMARK --selctx system_u:object_r:ipsecnat_server_packet_t:s0
-A selinux_new_input -p udp --dport 4500 -j SECMARK --selctx system_u:object_r:ipsecnat_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5323 -j SECMARK --selctx system_u:object_r:imaze_server_packet_t:s0
-A selinux_new_input -p udp --dport 5323 -j SECMARK --selctx system_u:object_r:imaze_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 1 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 7 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 7 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 9 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 13 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 13 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 19 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 19 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 37 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 37 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 512 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 543 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 544 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 891 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 891 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 892 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p udp --dport 892 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2105 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5666 -j SECMARK --selctx system_u:object_r:inetd_child_server_packet_t:s0
-A selinux_new_input -p tcp --dport 119 -j SECMARK --selctx system_u:object_r:innd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 631 -j SECMARK --selctx system_u:object_r:ipp_server_packet_t:s0
-A selinux_new_input -p udp --dport 631 -j SECMARK --selctx system_u:object_r:ipp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6667 -j SECMARK --selctx system_u:object_r:ircd_server_packet_t:s0
-A selinux_new_input -p udp --dport 500 -j SECMARK --selctx system_u:object_r:isakmp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3260 -j SECMARK --selctx system_u:object_r:iscsi_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3205 -j SECMARK --selctx system_u:object_r:isns_server_packet_t:s0
-A selinux_new_input -p udp --dport 3205 -j SECMARK --selctx system_u:object_r:isns_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5222 -j SECMARK --selctx system_u:object_r:jabber_client_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5223 -j SECMARK --selctx system_u:object_r:jabber_client_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5269 -j SECMARK --selctx system_u:object_r:jabber_interserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 464 -j SECMARK --selctx system_u:object_r:kerberos_admin_server_packet_t:s0
-A selinux_new_input -p udp --dport 464 -j SECMARK --selctx system_u:object_r:kerberos_admin_server_packet_t:s0
-A selinux_new_input -p tcp --dport 749 -j SECMARK --selctx system_u:object_r:kerberos_admin_server_packet_t:s0
-A selinux_new_input -p tcp --dport 4444 -j SECMARK --selctx system_u:object_r:kerberos_master_server_packet_t:s0
-A selinux_new_input -p udp --dport 4444 -j SECMARK --selctx system_u:object_r:kerberos_master_server_packet_t:s0
-A selinux_new_input -p tcp --dport 88 -j SECMARK --selctx system_u:object_r:kerberos_server_packet_t:s0
-A selinux_new_input -p udp --dport 88 -j SECMARK --selctx system_u:object_r:kerberos_server_packet_t:s0
-A selinux_new_input -p tcp --dport 750 -j SECMARK --selctx system_u:object_r:kerberos_server_packet_t:s0
-A selinux_new_input -p udp --dport 750 -j SECMARK --selctx system_u:object_r:kerberos_server_packet_t:s0
-A selinux_new_input -p tcp --dport 754 -j SECMARK --selctx system_u:object_r:kprop_server_packet_t:s0
-A selinux_new_input -p udp --dport 517 -j SECMARK --selctx system_u:object_r:ktalkd_server_packet_t:s0
-A selinux_new_input -p udp --dport 518 -j SECMARK --selctx system_u:object_r:ktalkd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 389 -j SECMARK --selctx system_u:object_r:ldap_server_packet_t:s0
-A selinux_new_input -p udp --dport 389 -j SECMARK --selctx system_u:object_r:ldap_server_packet_t:s0
-A selinux_new_input -p tcp --dport 636 -j SECMARK --selctx system_u:object_r:ldap_server_packet_t:s0
-A selinux_new_input -p udp --dport 636 -j SECMARK --selctx system_u:object_r:ldap_server_packet_t:s0
-A selinux_new_input -p tcp --dport 24 -j SECMARK --selctx system_u:object_r:lmtp_server_packet_t:s0
-A selinux_new_input -p udp --dport 24 -j SECMARK --selctx system_u:object_r:lmtp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2000 -j SECMARK --selctx system_u:object_r:mail_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3905 -j SECMARK --selctx system_u:object_r:mail_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1234 -j SECMARK --selctx system_u:object_r:monopd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1186 -j SECMARK --selctx system_u:object_r:mysqld_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3306 -j SECMARK --selctx system_u:object_r:mysqld_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1241 -j SECMARK --selctx system_u:object_r:nessus_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5405 -j SECMARK --selctx system_u:object_r:netsupport_server_packet_t:s0
-A selinux_new_input -p udp --dport 5405 -j SECMARK --selctx system_u:object_r:netsupport_server_packet_t:s0
-A selinux_new_input -p udp --dport 137 -j SECMARK --selctx system_u:object_r:nmbd_server_packet_t:s0
-A selinux_new_input -p udp --dport 138 -j SECMARK --selctx system_u:object_r:nmbd_server_packet_t:s0
-A selinux_new_input -p udp --dport 139 -j SECMARK --selctx system_u:object_r:nmbd_server_packet_t:s0
-A selinux_new_input -p udp --dport 123 -j SECMARK --selctx system_u:object_r:ntp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9080 -j SECMARK --selctx system_u:object_r:ocsp_server_packet_t:s0
-A selinux_new_input -p udp --dport 1194 -j SECMARK --selctx system_u:object_r:openvpn_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1194 -j SECMARK --selctx system_u:object_r:openvpn_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9997 -j SECMARK --selctx system_u:object_r:openvpn_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5988 -j SECMARK --selctx system_u:object_r:pegasus_http_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5989 -j SECMARK --selctx system_u:object_r:pegasus_https_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9180 -j SECMARK --selctx system_u:object_r:pki_ca_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9701 -j SECMARK --selctx system_u:object_r:pki_ca_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9443 -j SECMARK --selctx system_u:object_r:pki_ca_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9444 -j SECMARK --selctx system_u:object_r:pki_ca_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9445 -j SECMARK --selctx system_u:object_r:pki_ca_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10180 -j SECMARK --selctx system_u:object_r:pki_kra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10701 -j SECMARK --selctx system_u:object_r:pki_kra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10443 -j SECMARK --selctx system_u:object_r:pki_kra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10444 -j SECMARK --selctx system_u:object_r:pki_kra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 10445 -j SECMARK --selctx system_u:object_r:pki_kra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11180 -j SECMARK --selctx system_u:object_r:pki_ocsp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11701 -j SECMARK --selctx system_u:object_r:pki_ocsp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11443 -j SECMARK --selctx system_u:object_r:pki_ocsp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11444 -j SECMARK --selctx system_u:object_r:pki_ocsp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11445 -j SECMARK --selctx system_u:object_r:pki_ocsp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 13180 -j SECMARK --selctx system_u:object_r:pki_tks_server_packet_t:s0
-A selinux_new_input -p tcp --dport 13701 -j SECMARK --selctx system_u:object_r:pki_tks_server_packet_t:s0
-A selinux_new_input -p tcp --dport 13443 -j SECMARK --selctx system_u:object_r:pki_tks_server_packet_t:s0
-A selinux_new_input -p tcp --dport 13444 -j SECMARK --selctx system_u:object_r:pki_tks_server_packet_t:s0
-A selinux_new_input -p tcp --dport 13445 -j SECMARK --selctx system_u:object_r:pki_tks_server_packet_t:s0
-A selinux_new_input -p tcp --dport 12888 -j SECMARK --selctx system_u:object_r:pki_ra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 12889 -j SECMARK --selctx system_u:object_r:pki_ra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 7888 -j SECMARK --selctx system_u:object_r:pki_tps_server_packet_t:s0
-A selinux_new_input -p tcp --dport 7889 -j SECMARK --selctx system_u:object_r:pki_tps_server_packet_t:s0
-A selinux_new_input -p udp --dport 11371 -j SECMARK --selctx system_u:object_r:pgpkeyserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11371 -j SECMARK --selctx system_u:object_r:pgpkeyserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 106 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p tcp --dport 109 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p tcp --dport 110 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p tcp --dport 143 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p tcp --dport 220 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p tcp --dport 993 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p tcp --dport 995 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1109 -j SECMARK --selctx system_u:object_r:pop_server_packet_t:s0
-A selinux_new_input -p udp --dport 111 -j SECMARK --selctx system_u:object_r:portmap_server_packet_t:s0
-A selinux_new_input -p tcp --dport 111 -j SECMARK --selctx system_u:object_r:portmap_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5432 -j SECMARK --selctx system_u:object_r:postgresql_server_packet_t:s0
-A selinux_new_input -p tcp --dport 60000 -j SECMARK --selctx system_u:object_r:postgrey_server_packet_t:s0
-A selinux_new_input -p tcp --dport 4690 -j SECMARK --selctx system_u:object_r:prelude_server_packet_t:s0
-A selinux_new_input -p udp --dport 4690 -j SECMARK --selctx system_u:object_r:prelude_server_packet_t:s0
-A selinux_new_input -p tcp --dport 515 -j SECMARK --selctx system_u:object_r:printer_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5703 -j SECMARK --selctx system_u:object_r:ptal_server_packet_t:s0
-A selinux_new_input -p udp --dport 4011 -j SECMARK --selctx system_u:object_r:pxe_server_packet_t:s0
-A selinux_new_input -p udp --dport 24441 -j SECMARK --selctx system_u:object_r:pyzor_server_packet_t:s0
-A selinux_new_input -p udp --dport 1646 -j SECMARK --selctx system_u:object_r:radacct_server_packet_t:s0
-A selinux_new_input -p udp --dport 1813 -j SECMARK --selctx system_u:object_r:radacct_server_packet_t:s0
-A selinux_new_input -p udp --dport 1645 -j SECMARK --selctx system_u:object_r:radius_server_packet_t:s0
-A selinux_new_input -p udp --dport 1812 -j SECMARK --selctx system_u:object_r:radius_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2703 -j SECMARK --selctx system_u:object_r:razor_server_packet_t:s0
-A selinux_new_input -p tcp --dport 11111 -j SECMARK --selctx system_u:object_r:ricci_server_packet_t:s0
-A selinux_new_input -p udp --dport 11111 -j SECMARK --selctx system_u:object_r:ricci_server_packet_t:s0
-A selinux_new_input -p tcp --dport 16851 -j SECMARK --selctx system_u:object_r:ricci_modcluster_server_packet_t:s0
-A selinux_new_input -p udp --dport 16851 -j SECMARK --selctx system_u:object_r:ricci_modcluster_server_packet_t:s0
-A selinux_new_input -p tcp --dport 513 -j SECMARK --selctx system_u:object_r:rlogind_server_packet_t:s0
-A selinux_new_input -p tcp --dport 953 -j SECMARK --selctx system_u:object_r:rndc_server_packet_t:s0
-A selinux_new_input -p udp --dport 520 -j SECMARK --selctx system_u:object_r:router_server_packet_t:s0
-A selinux_new_input -p udp --dport 521 -j SECMARK --selctx system_u:object_r:router_server_packet_t:s0
-A selinux_new_input -p tcp --dport 521 -j SECMARK --selctx system_u:object_r:router_server_packet_t:s0
-A selinux_new_input -p tcp --dport 514 -j SECMARK --selctx system_u:object_r:rsh_server_packet_t:s0
-A selinux_new_input -p tcp --dport 873 -j SECMARK --selctx system_u:object_r:rsync_server_packet_t:s0
-A selinux_new_input -p udp --dport 873 -j SECMARK --selctx system_u:object_r:rsync_server_packet_t:s0
-A selinux_new_input -p tcp --dport 25 -j SECMARK --selctx system_u:object_r:smtp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 465 -j SECMARK --selctx system_u:object_r:smtp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 587 -j SECMARK --selctx system_u:object_r:smtp_server_packet_t:s0
-A selinux_new_input -p udp --dport 161 -j SECMARK --selctx system_u:object_r:snmp_server_packet_t:s0
-A selinux_new_input -p udp --dport 162 -j SECMARK --selctx system_u:object_r:snmp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 199 -j SECMARK --selctx system_u:object_r:snmp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1161 -j SECMARK --selctx system_u:object_r:snmp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 783 -j SECMARK --selctx system_u:object_r:spamd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 22 -j SECMARK --selctx system_u:object_r:ssh_server_packet_t:s0
-A selinux_new_input -p udp --dport 3401 -j SECMARK --selctx system_u:object_r:squid_server_packet_t:s0
-A selinux_new_input -p tcp --dport 3401 -j SECMARK --selctx system_u:object_r:squid_server_packet_t:s0
-A selinux_new_input -p udp --dport 4827 -j SECMARK --selctx system_u:object_r:squid_server_packet_t:s0
-A selinux_new_input -p tcp --dport 4827 -j SECMARK --selctx system_u:object_r:squid_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8000 -j SECMARK --selctx system_u:object_r:soundd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9433 -j SECMARK --selctx system_u:object_r:soundd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 16001 -j SECMARK --selctx system_u:object_r:soundd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 901 -j SECMARK --selctx system_u:object_r:swat_server_packet_t:s0
-A selinux_new_input -p udp --dport 514 -j SECMARK --selctx system_u:object_r:syslogd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 23 -j SECMARK --selctx system_u:object_r:telnetd_server_packet_t:s0
-A selinux_new_input -p udp --dport 69 -j SECMARK --selctx system_u:object_r:tftp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 1701 -j SECMARK --selctx system_u:object_r:tomcat_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6969 -j SECMARK --selctx system_u:object_r:tor_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9001 -j SECMARK --selctx system_u:object_r:tor_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9030 -j SECMARK --selctx system_u:object_r:tor_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9050 -j SECMARK --selctx system_u:object_r:tor_server_packet_t:s0
-A selinux_new_input -p tcp --dport 9051 -j SECMARK --selctx system_u:object_r:tor_server_packet_t:s0
-A selinux_new_input -p udp --dport 64000 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64001 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64002 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64003 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64004 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64005 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64006 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64007 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64008 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64009 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p udp --dport 64010 -j SECMARK --selctx system_u:object_r:traceroute_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8081 -j SECMARK --selctx system_u:object_r:transproxy_server_packet_t:s0
-A selinux_new_input -p tcp --dport 540 -j SECMARK --selctx system_u:object_r:uucpd_server_packet_t:s0
-A selinux_new_input -p tcp --dport 16509 -j SECMARK --selctx system_u:object_r:virt_server_packet_t:s0
-A selinux_new_input -p udp --dport 16509 -j SECMARK --selctx system_u:object_r:virt_server_packet_t:s0
-A selinux_new_input -p tcp --dport 16514 -j SECMARK --selctx system_u:object_r:virt_server_packet_t:s0
-A selinux_new_input -p udp --dport 16514 -j SECMARK --selctx system_u:object_r:virt_server_packet_t:s0
-A selinux_new_input -p tcp --dport 5900 -j SECMARK --selctx system_u:object_r:vnc_server_packet_t:s0
-A selinux_new_input -p udp --dport 2048 -j SECMARK --selctx system_u:object_r:wccp_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8002 -j SECMARK --selctx system_u:object_r:xen_server_packet_t:s0
-A selinux_new_input -p tcp --dport 7100 -j SECMARK --selctx system_u:object_r:xfs_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6000 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6001 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6002 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6003 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6004 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6005 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6006 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6007 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6008 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6009 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6010 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6011 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6012 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6013 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6014 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6015 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6016 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6017 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6018 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6019 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 6020 -j SECMARK --selctx system_u:object_r:xserver_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2600 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2601 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2602 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2603 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2604 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 2606 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p udp --dport 2600 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p udp --dport 2601 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p udp --dport 2602 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p udp --dport 2603 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p udp --dport 2604 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p udp --dport 2606 -j SECMARK --selctx system_u:object_r:zebra_server_packet_t:s0
-A selinux_new_input -p tcp --dport 8021 -j SECMARK --selctx system_u:object_r:zope_server_packet_t:s0
-A selinux_new_output -j SECMARK --selctx system_u:object_r:client_packet_t:s0
-A selinux_new_output -p udp --dport 7007 -j SECMARK --selctx system_u:object_r:afs_bos_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2040 -j SECMARK --selctx system_u:object_r:afs_fs_client_packet_t:s0
-A selinux_new_output -p udp --dport 7000 -j SECMARK --selctx system_u:object_r:afs_fs_client_packet_t:s0
-A selinux_new_output -p udp --dport 7005 -j SECMARK --selctx system_u:object_r:afs_fs_client_packet_t:s0
-A selinux_new_output -p udp --dport 7004 -j SECMARK --selctx system_u:object_r:afs_ka_client_packet_t:s0
-A selinux_new_output -p udp --dport 7002 -j SECMARK --selctx system_u:object_r:afs_pt_client_packet_t:s0
-A selinux_new_output -p udp --dport 7003 -j SECMARK --selctx system_u:object_r:afs_vl_client_packet_t:s0
-A selinux_new_output -p udp --dport 705 -j SECMARK --selctx system_u:object_r:agentx_client_packet_t:s0
-A selinux_new_output -p tcp --dport 705 -j SECMARK --selctx system_u:object_r:agentx_client_packet_t:s0
-A selinux_new_output -p udp --dport 10080 -j SECMARK --selctx system_u:object_r:amanda_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10080 -j SECMARK --selctx system_u:object_r:amanda_client_packet_t:s0
-A selinux_new_output -p udp --dport 10081 -j SECMARK --selctx system_u:object_r:amanda_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10081 -j SECMARK --selctx system_u:object_r:amanda_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10082 -j SECMARK --selctx system_u:object_r:amanda_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10083 -j SECMARK --selctx system_u:object_r:amanda_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10024 -j SECMARK --selctx system_u:object_r:amavisd_recv_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10025 -j SECMARK --selctx system_u:object_r:amavisd_send_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3551 -j SECMARK --selctx system_u:object_r:apcupsd_client_packet_t:s0
-A selinux_new_output -p udp --dport 3551 -j SECMARK --selctx system_u:object_r:apcupsd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1720 -j SECMARK --selctx system_u:object_r:asterisk_client_packet_t:s0
-A selinux_new_output -p udp --dport 2427 -j SECMARK --selctx system_u:object_r:asterisk_client_packet_t:s0
-A selinux_new_output -p udp --dport 2727 -j SECMARK --selctx system_u:object_r:asterisk_client_packet_t:s0
-A selinux_new_output -p udp --dport 4569 -j SECMARK --selctx system_u:object_r:asterisk_client_packet_t:s0
-A selinux_new_output -p udp --dport 5060 -j SECMARK --selctx system_u:object_r:asterisk_client_packet_t:s0
-A selinux_new_output -p tcp --dport 60 -j SECMARK --selctx system_u:object_r:audit_client_packet_t:s0
-A selinux_new_output -p tcp --dport 113 -j SECMARK --selctx system_u:object_r:auth_client_packet_t:s0
-A selinux_new_output -p tcp --dport 179 -j SECMARK --selctx system_u:object_r:bgp_client_packet_t:s0
-A selinux_new_output -p udp --dport 179 -j SECMARK --selctx system_u:object_r:bgp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2605 -j SECMARK --selctx system_u:object_r:bgp_client_packet_t:s0
-A selinux_new_output -p udp --dport 2605 -j SECMARK --selctx system_u:object_r:bgp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3310 -j SECMARK --selctx system_u:object_r:clamd_client_packet_t:s0
-A selinux_new_output -p udp --dport 4041 -j SECMARK --selctx system_u:object_r:clockspeed_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5149 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p udp --dport 5149 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p tcp --dport 40040 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p tcp --dport 50006 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p udp --dport 50006 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p tcp --dport 50007 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p udp --dport 50007 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p tcp --dport 50008 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p udp --dport 50008 -j SECMARK --selctx system_u:object_r:cluster_client_packet_t:s0
-A selinux_new_output -p udp --dport 512 -j SECMARK --selctx system_u:object_r:comsat_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2401 -j SECMARK --selctx system_u:object_r:cvs_client_packet_t:s0
-A selinux_new_output -p udp --dport 2401 -j SECMARK --selctx system_u:object_r:cvs_client_packet_t:s0
-A selinux_new_output -p udp --dport 6276 -j SECMARK --selctx system_u:object_r:dcc_client_packet_t:s0
-A selinux_new_output -p udp --dport 6277 -j SECMARK --selctx system_u:object_r:dcc_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1178 -j SECMARK --selctx system_u:object_r:dbskkd_client_packet_t:s0
-A selinux_new_output -p udp --dport 68 -j SECMARK --selctx system_u:object_r:dhcpc_client_packet_t:s0
-A selinux_new_output -p udp --dport 67 -j SECMARK --selctx system_u:object_r:dhcpd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 647 -j SECMARK --selctx system_u:object_r:dhcpd_client_packet_t:s0
-A selinux_new_output -p udp --dport 647 -j SECMARK --selctx system_u:object_r:dhcpd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 847 -j SECMARK --selctx system_u:object_r:dhcpd_client_packet_t:s0
-A selinux_new_output -p udp --dport 847 -j SECMARK --selctx system_u:object_r:dhcpd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 7911 -j SECMARK --selctx system_u:object_r:dhcpd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2628 -j SECMARK --selctx system_u:object_r:dict_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3632 -j SECMARK --selctx system_u:object_r:distccd_client_packet_t:s0
-A selinux_new_output -p udp --dport 53 -j SECMARK --selctx system_u:object_r:dns_client_packet_t:s0
-A selinux_new_output -p tcp --dport 53 -j SECMARK --selctx system_u:object_r:dns_client_packet_t:s0
-A selinux_new_output -p tcp --dport 79 -j SECMARK --selctx system_u:object_r:fingerd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 20 -j SECMARK --selctx system_u:object_r:ftp_data_client_packet_t:s0
-A selinux_new_output -p tcp --dport 21 -j SECMARK --selctx system_u:object_r:ftp_client_packet_t:s0
-A selinux_new_output -p udp --dport 1718 -j SECMARK --selctx system_u:object_r:gatekeeper_client_packet_t:s0
-A selinux_new_output -p udp --dport 1719 -j SECMARK --selctx system_u:object_r:gatekeeper_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1721 -j SECMARK --selctx system_u:object_r:gatekeeper_client_packet_t:s0
-A selinux_new_output -p tcp --dport 7000 -j SECMARK --selctx system_u:object_r:gatekeeper_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1213 -j SECMARK --selctx system_u:object_r:giftd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 70 -j SECMARK --selctx system_u:object_r:gopher_client_packet_t:s0
-A selinux_new_output -p udp --dport 70 -j SECMARK --selctx system_u:object_r:gopher_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3128 -j SECMARK --selctx system_u:object_r:http_cache_client_packet_t:s0
-A selinux_new_output -p udp --dport 3130 -j SECMARK --selctx system_u:object_r:http_cache_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8080 -j SECMARK --selctx system_u:object_r:http_cache_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8118 -j SECMARK --selctx system_u:object_r:http_cache_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11211 -j SECMARK --selctx system_u:object_r:http_cache_client_packet_t:s0
-A selinux_new_output -p udp --dport 11211 -j SECMARK --selctx system_u:object_r:http_cache_client_packet_t:s0
-A selinux_new_output -p tcp --dport 80 -j SECMARK --selctx system_u:object_r:http_client_packet_t:s0
-A selinux_new_output -p tcp --dport 443 -j SECMARK --selctx system_u:object_r:http_client_packet_t:s0
-A selinux_new_output -p tcp --dport 488 -j SECMARK --selctx system_u:object_r:http_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8008 -j SECMARK --selctx system_u:object_r:http_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8009 -j SECMARK --selctx system_u:object_r:http_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8443 -j SECMARK --selctx system_u:object_r:http_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5335 -j SECMARK --selctx system_u:object_r:howl_client_packet_t:s0
-A selinux_new_output -p udp --dport 5353 -j SECMARK --selctx system_u:object_r:howl_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1782 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2207 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2208 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8290 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 50000 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 50002 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8292 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9100 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9101 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9102 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9220 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9221 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9222 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9280 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9281 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9282 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9290 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9291 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9292 -j SECMARK --selctx system_u:object_r:hplip_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9010 -j SECMARK --selctx system_u:object_r:i18n_input_client_packet_t:s0
-A selinux_new_output -p tcp --dport 4500 -j SECMARK --selctx system_u:object_r:ipsecnat_client_packet_t:s0
-A selinux_new_output -p udp --dport 4500 -j SECMARK --selctx system_u:object_r:ipsecnat_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5323 -j SECMARK --selctx system_u:object_r:imaze_client_packet_t:s0
-A selinux_new_output -p udp --dport 5323 -j SECMARK --selctx system_u:object_r:imaze_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 1 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 7 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 7 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 9 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 13 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 13 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 19 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 19 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 37 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 37 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 512 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 543 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 544 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 891 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 891 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 892 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p udp --dport 892 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2105 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5666 -j SECMARK --selctx system_u:object_r:inetd_child_client_packet_t:s0
-A selinux_new_output -p tcp --dport 119 -j SECMARK --selctx system_u:object_r:innd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 631 -j SECMARK --selctx system_u:object_r:ipp_client_packet_t:s0
-A selinux_new_output -p udp --dport 631 -j SECMARK --selctx system_u:object_r:ipp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6667 -j SECMARK --selctx system_u:object_r:ircd_client_packet_t:s0
-A selinux_new_output -p udp --dport 500 -j SECMARK --selctx system_u:object_r:isakmp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3260 -j SECMARK --selctx system_u:object_r:iscsi_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3205 -j SECMARK --selctx system_u:object_r:isns_client_packet_t:s0
-A selinux_new_output -p udp --dport 3205 -j SECMARK --selctx system_u:object_r:isns_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5222 -j SECMARK --selctx system_u:object_r:jabber_client_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5223 -j SECMARK --selctx system_u:object_r:jabber_client_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5269 -j SECMARK --selctx system_u:object_r:jabber_interserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 464 -j SECMARK --selctx system_u:object_r:kerberos_admin_client_packet_t:s0
-A selinux_new_output -p udp --dport 464 -j SECMARK --selctx system_u:object_r:kerberos_admin_client_packet_t:s0
-A selinux_new_output -p tcp --dport 749 -j SECMARK --selctx system_u:object_r:kerberos_admin_client_packet_t:s0
-A selinux_new_output -p tcp --dport 4444 -j SECMARK --selctx system_u:object_r:kerberos_master_client_packet_t:s0
-A selinux_new_output -p udp --dport 4444 -j SECMARK --selctx system_u:object_r:kerberos_master_client_packet_t:s0
-A selinux_new_output -p tcp --dport 88 -j SECMARK --selctx system_u:object_r:kerberos_client_packet_t:s0
-A selinux_new_output -p udp --dport 88 -j SECMARK --selctx system_u:object_r:kerberos_client_packet_t:s0
-A selinux_new_output -p tcp --dport 750 -j SECMARK --selctx system_u:object_r:kerberos_client_packet_t:s0
-A selinux_new_output -p udp --dport 750 -j SECMARK --selctx system_u:object_r:kerberos_client_packet_t:s0
-A selinux_new_output -p tcp --dport 754 -j SECMARK --selctx system_u:object_r:kprop_client_packet_t:s0
-A selinux_new_output -p udp --dport 517 -j SECMARK --selctx system_u:object_r:ktalkd_client_packet_t:s0
-A selinux_new_output -p udp --dport 518 -j SECMARK --selctx system_u:object_r:ktalkd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 389 -j SECMARK --selctx system_u:object_r:ldap_client_packet_t:s0
-A selinux_new_output -p udp --dport 389 -j SECMARK --selctx system_u:object_r:ldap_client_packet_t:s0
-A selinux_new_output -p tcp --dport 636 -j SECMARK --selctx system_u:object_r:ldap_client_packet_t:s0
-A selinux_new_output -p udp --dport 636 -j SECMARK --selctx system_u:object_r:ldap_client_packet_t:s0
-A selinux_new_output -p tcp --dport 24 -j SECMARK --selctx system_u:object_r:lmtp_client_packet_t:s0
-A selinux_new_output -p udp --dport 24 -j SECMARK --selctx system_u:object_r:lmtp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2000 -j SECMARK --selctx system_u:object_r:mail_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3905 -j SECMARK --selctx system_u:object_r:mail_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1234 -j SECMARK --selctx system_u:object_r:monopd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1186 -j SECMARK --selctx system_u:object_r:mysqld_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3306 -j SECMARK --selctx system_u:object_r:mysqld_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1241 -j SECMARK --selctx system_u:object_r:nessus_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5405 -j SECMARK --selctx system_u:object_r:netsupport_client_packet_t:s0
-A selinux_new_output -p udp --dport 5405 -j SECMARK --selctx system_u:object_r:netsupport_client_packet_t:s0
-A selinux_new_output -p udp --dport 137 -j SECMARK --selctx system_u:object_r:nmbd_client_packet_t:s0
-A selinux_new_output -p udp --dport 138 -j SECMARK --selctx system_u:object_r:nmbd_client_packet_t:s0
-A selinux_new_output -p udp --dport 139 -j SECMARK --selctx system_u:object_r:nmbd_client_packet_t:s0
-A selinux_new_output -p udp --dport 123 -j SECMARK --selctx system_u:object_r:ntp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9080 -j SECMARK --selctx system_u:object_r:ocsp_client_packet_t:s0
-A selinux_new_output -p udp --dport 1194 -j SECMARK --selctx system_u:object_r:openvpn_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1194 -j SECMARK --selctx system_u:object_r:openvpn_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9997 -j SECMARK --selctx system_u:object_r:openvpn_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5988 -j SECMARK --selctx system_u:object_r:pegasus_http_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5989 -j SECMARK --selctx system_u:object_r:pegasus_https_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9180 -j SECMARK --selctx system_u:object_r:pki_ca_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9701 -j SECMARK --selctx system_u:object_r:pki_ca_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9443 -j SECMARK --selctx system_u:object_r:pki_ca_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9444 -j SECMARK --selctx system_u:object_r:pki_ca_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9445 -j SECMARK --selctx system_u:object_r:pki_ca_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10180 -j SECMARK --selctx system_u:object_r:pki_kra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10701 -j SECMARK --selctx system_u:object_r:pki_kra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10443 -j SECMARK --selctx system_u:object_r:pki_kra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10444 -j SECMARK --selctx system_u:object_r:pki_kra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 10445 -j SECMARK --selctx system_u:object_r:pki_kra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11180 -j SECMARK --selctx system_u:object_r:pki_ocsp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11701 -j SECMARK --selctx system_u:object_r:pki_ocsp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11443 -j SECMARK --selctx system_u:object_r:pki_ocsp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11444 -j SECMARK --selctx system_u:object_r:pki_ocsp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11445 -j SECMARK --selctx system_u:object_r:pki_ocsp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 13180 -j SECMARK --selctx system_u:object_r:pki_tks_client_packet_t:s0
-A selinux_new_output -p tcp --dport 13701 -j SECMARK --selctx system_u:object_r:pki_tks_client_packet_t:s0
-A selinux_new_output -p tcp --dport 13443 -j SECMARK --selctx system_u:object_r:pki_tks_client_packet_t:s0
-A selinux_new_output -p tcp --dport 13444 -j SECMARK --selctx system_u:object_r:pki_tks_client_packet_t:s0
-A selinux_new_output -p tcp --dport 13445 -j SECMARK --selctx system_u:object_r:pki_tks_client_packet_t:s0
-A selinux_new_output -p tcp --dport 12888 -j SECMARK --selctx system_u:object_r:pki_ra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 12889 -j SECMARK --selctx system_u:object_r:pki_ra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 7888 -j SECMARK --selctx system_u:object_r:pki_tps_client_packet_t:s0
-A selinux_new_output -p tcp --dport 7889 -j SECMARK --selctx system_u:object_r:pki_tps_client_packet_t:s0
-A selinux_new_output -p udp --dport 11371 -j SECMARK --selctx system_u:object_r:pgpkeyserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11371 -j SECMARK --selctx system_u:object_r:pgpkeyserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 106 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p tcp --dport 109 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p tcp --dport 110 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p tcp --dport 143 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p tcp --dport 220 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p tcp --dport 993 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p tcp --dport 995 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1109 -j SECMARK --selctx system_u:object_r:pop_client_packet_t:s0
-A selinux_new_output -p udp --dport 111 -j SECMARK --selctx system_u:object_r:portmap_client_packet_t:s0
-A selinux_new_output -p tcp --dport 111 -j SECMARK --selctx system_u:object_r:portmap_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5432 -j SECMARK --selctx system_u:object_r:postgresql_client_packet_t:s0
-A selinux_new_output -p tcp --dport 60000 -j SECMARK --selctx system_u:object_r:postgrey_client_packet_t:s0
-A selinux_new_output -p tcp --dport 4690 -j SECMARK --selctx system_u:object_r:prelude_client_packet_t:s0
-A selinux_new_output -p udp --dport 4690 -j SECMARK --selctx system_u:object_r:prelude_client_packet_t:s0
-A selinux_new_output -p tcp --dport 515 -j SECMARK --selctx system_u:object_r:printer_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5703 -j SECMARK --selctx system_u:object_r:ptal_client_packet_t:s0
-A selinux_new_output -p udp --dport 4011 -j SECMARK --selctx system_u:object_r:pxe_client_packet_t:s0
-A selinux_new_output -p udp --dport 24441 -j SECMARK --selctx system_u:object_r:pyzor_client_packet_t:s0
-A selinux_new_output -p udp --dport 1646 -j SECMARK --selctx system_u:object_r:radacct_client_packet_t:s0
-A selinux_new_output -p udp --dport 1813 -j SECMARK --selctx system_u:object_r:radacct_client_packet_t:s0
-A selinux_new_output -p udp --dport 1645 -j SECMARK --selctx system_u:object_r:radius_client_packet_t:s0
-A selinux_new_output -p udp --dport 1812 -j SECMARK --selctx system_u:object_r:radius_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2703 -j SECMARK --selctx system_u:object_r:razor_client_packet_t:s0
-A selinux_new_output -p tcp --dport 11111 -j SECMARK --selctx system_u:object_r:ricci_client_packet_t:s0
-A selinux_new_output -p udp --dport 11111 -j SECMARK --selctx system_u:object_r:ricci_client_packet_t:s0
-A selinux_new_output -p tcp --dport 16851 -j SECMARK --selctx system_u:object_r:ricci_modcluster_client_packet_t:s0
-A selinux_new_output -p udp --dport 16851 -j SECMARK --selctx system_u:object_r:ricci_modcluster_client_packet_t:s0
-A selinux_new_output -p tcp --dport 513 -j SECMARK --selctx system_u:object_r:rlogind_client_packet_t:s0
-A selinux_new_output -p tcp --dport 953 -j SECMARK --selctx system_u:object_r:rndc_client_packet_t:s0
-A selinux_new_output -p udp --dport 520 -j SECMARK --selctx system_u:object_r:router_client_packet_t:s0
-A selinux_new_output -p udp --dport 521 -j SECMARK --selctx system_u:object_r:router_client_packet_t:s0
-A selinux_new_output -p tcp --dport 521 -j SECMARK --selctx system_u:object_r:router_client_packet_t:s0
-A selinux_new_output -p tcp --dport 514 -j SECMARK --selctx system_u:object_r:rsh_client_packet_t:s0
-A selinux_new_output -p tcp --dport 873 -j SECMARK --selctx system_u:object_r:rsync_client_packet_t:s0
-A selinux_new_output -p udp --dport 873 -j SECMARK --selctx system_u:object_r:rsync_client_packet_t:s0
-A selinux_new_output -p tcp --dport 25 -j SECMARK --selctx system_u:object_r:smtp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 465 -j SECMARK --selctx system_u:object_r:smtp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 587 -j SECMARK --selctx system_u:object_r:smtp_client_packet_t:s0
-A selinux_new_output -p udp --dport 161 -j SECMARK --selctx system_u:object_r:snmp_client_packet_t:s0
-A selinux_new_output -p udp --dport 162 -j SECMARK --selctx system_u:object_r:snmp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 199 -j SECMARK --selctx system_u:object_r:snmp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1161 -j SECMARK --selctx system_u:object_r:snmp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 783 -j SECMARK --selctx system_u:object_r:spamd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 22 -j SECMARK --selctx system_u:object_r:ssh_client_packet_t:s0
-A selinux_new_output -p udp --dport 3401 -j SECMARK --selctx system_u:object_r:squid_client_packet_t:s0
-A selinux_new_output -p tcp --dport 3401 -j SECMARK --selctx system_u:object_r:squid_client_packet_t:s0
-A selinux_new_output -p udp --dport 4827 -j SECMARK --selctx system_u:object_r:squid_client_packet_t:s0
-A selinux_new_output -p tcp --dport 4827 -j SECMARK --selctx system_u:object_r:squid_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8000 -j SECMARK --selctx system_u:object_r:soundd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9433 -j SECMARK --selctx system_u:object_r:soundd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 16001 -j SECMARK --selctx system_u:object_r:soundd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 901 -j SECMARK --selctx system_u:object_r:swat_client_packet_t:s0
-A selinux_new_output -p udp --dport 514 -j SECMARK --selctx system_u:object_r:syslogd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 23 -j SECMARK --selctx system_u:object_r:telnetd_client_packet_t:s0
-A selinux_new_output -p udp --dport 69 -j SECMARK --selctx system_u:object_r:tftp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 1701 -j SECMARK --selctx system_u:object_r:tomcat_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6969 -j SECMARK --selctx system_u:object_r:tor_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9001 -j SECMARK --selctx system_u:object_r:tor_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9030 -j SECMARK --selctx system_u:object_r:tor_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9050 -j SECMARK --selctx system_u:object_r:tor_client_packet_t:s0
-A selinux_new_output -p tcp --dport 9051 -j SECMARK --selctx system_u:object_r:tor_client_packet_t:s0
-A selinux_new_output -p udp --dport 64000 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64001 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64002 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64003 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64004 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64005 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64006 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64007 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64008 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64009 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p udp --dport 64010 -j SECMARK --selctx system_u:object_r:traceroute_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8081 -j SECMARK --selctx system_u:object_r:transproxy_client_packet_t:s0
-A selinux_new_output -p tcp --dport 540 -j SECMARK --selctx system_u:object_r:uucpd_client_packet_t:s0
-A selinux_new_output -p tcp --dport 16509 -j SECMARK --selctx system_u:object_r:virt_client_packet_t:s0
-A selinux_new_output -p udp --dport 16509 -j SECMARK --selctx system_u:object_r:virt_client_packet_t:s0
-A selinux_new_output -p tcp --dport 16514 -j SECMARK --selctx system_u:object_r:virt_client_packet_t:s0
-A selinux_new_output -p udp --dport 16514 -j SECMARK --selctx system_u:object_r:virt_client_packet_t:s0
-A selinux_new_output -p tcp --dport 5900 -j SECMARK --selctx system_u:object_r:vnc_client_packet_t:s0
-A selinux_new_output -p udp --dport 2048 -j SECMARK --selctx system_u:object_r:wccp_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8002 -j SECMARK --selctx system_u:object_r:xen_client_packet_t:s0
-A selinux_new_output -p tcp --dport 7100 -j SECMARK --selctx system_u:object_r:xfs_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6000 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6001 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6002 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6003 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6004 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6005 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6006 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6007 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6008 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6009 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6010 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6011 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6012 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6013 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6014 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6015 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6016 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6017 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6018 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6019 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 6020 -j SECMARK --selctx system_u:object_r:xserver_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2600 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2601 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2602 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2603 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2604 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 2606 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p udp --dport 2600 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p udp --dport 2601 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p udp --dport 2602 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p udp --dport 2603 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p udp --dport 2604 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p udp --dport 2606 -j SECMARK --selctx system_u:object_r:zebra_client_packet_t:s0
-A selinux_new_output -p tcp --dport 8021 -j SECMARK --selctx system_u:object_r:zope_client_packet_t:s0
-A selinux_new_input -j CONNSECMARK --save
-A selinux_new_input -j RETURN
-A selinux_new_output -j CONNSECMARK --save
-A selinux_new_output -j RETURN
COMMIT