semanage port− SELinux Policy Management port mapping tool
semanage port [−h] [−n] [−N] [−S STORE] [ −−add −t TYPE −p PROTOCOL −r RANGE port_name | port_range | −−delete −p PROTOCOL port_name | port_range | −−deleteall | −−extract | −−list [−C] | −−modify −t TYPE −p PROTOCOL −r RANGE port_name | port_range ]
semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources. semanage port controls the port number to port type defitions.
−h, −−help
show this help message and exit
−n, −−noheading
Do not print heading when listing the specified object type
−N, −−noreload
Do not reload policy after commit
−S STORE, −−store STORE
Select an alternate SELinux Policy Store to manage
−C, −−locallist
List local customizations
−a, −−add
Add a record of the specified object type
−d, −−delete
Delete a record of the specified object type
−m, −−modify
Modify a record of the specified object type
−l, −−list
List records of the specified object type
−E, −−extract
Extract customizable commands, for use within a transaction
−D, −−deleteall
Remove all local customizations
−t TYPE, −−type TYPE
SELinux type for the object
−r RANGE, −−range RANGE
MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. SELinux Range for SELinux user defaults to s0.
−p PROTO, −−proto PROTO
Protocol for the specified port (tcp|udp) or internet protocol version for the specified node (ipv4|ipv6).
List all port
defitions
# semanage port −l
Allow Apache to listen on tcp port 81
# semanage port −a −t http_port_t −p tcp
81
Allow sshd to listen on tcp port 8991
# semanage port −a −t ssh_port_t −p tcp
8991
selinux (8), semanage (8)
This man page was written by Daniel Walsh <dwalsh@redhat.com>