1netlabelctl(1) NetLabel Documentation netlabelctl(1)
2
6 netlabelctl - NetLabel control utility
7
9 netlabelctl [<flags>] <module> [<commands>]
10
12 netlabelctl allows privileged users to query and manipulate the NetLa‐
13 bel subsystem within the kernel.
14
16 Flags
17 -h Help message
19 -p Attempt to make the output "pretty"
21 -t <seconds>
23 Set a timeout to be used when waiting for the NetLabel subsystem
24 to respond
25 -v Enable extra output
27 -V Display the version information
29 Modules
31 mgmt The following commands are valid within this module
33 version
35 protocols
36 map The following commands are valid within this module
38 add default|domain:<domain> protocol:<protocol>[,<extra>]
40 del default|domain:<domain>
41 list
42 unlbl The following commands are valid within this module
44 accept on|off
46 list
47 cipsov4
49 The following commands are valid within this module
50 add std doi:<DOI> tags:<T1>,<Tn> levels:<LL1>=<RL1>,<LLn>=<RLn>
52 categories:<LC1>=<RC1>,<LCn>=<RCn>
53 add pass doi:<DOI> tags:<T1>,<Tn>
54 del doi:<DOI>
55 list [doi:<DOI>]
56
58 netlabelctl cipsov4 add std doi:8 tags:1 levels:0=0,1=1 cate‐
59 gories:0=1,1=0
60 Add a CIPSO/IPv4 mapping with a DOI value of "8", using CIPSO
61 tag "1" (the permissive bitmap tag). The specified mapping con‐
62 verts local LSM levels "0" and "1" to CIPSO levels "0" and "1"
63 respectively while local LSM categories "0" and "1" are mapped
64 to CIPSO categories "1" and "0" respectively.
65 netlabelctl map add domain:lsm_specific_string protocol:cipsov4,8
67 Add a domain mapping so that all outgoing packets asscoiated
68 with the specified LSM domain string will be labeled according
69 to the CIPSO/IPv4 protocol using DOI 8.
70
72 This program is currently under development, please report any bugs to
73 the author.
74
76 Paul Moore <paul.moore@hp.com>
77
79 <other pages to be created at a future date>
80paul.moore@hp.com 14 July 2006 netlabelctl(1)