The NSA policy files for Snort specify an incorrect location for the Gentoo executable, and contain several omissions that prevent proper operation. These policy files resolve these problems. They have been tested with Snort 2.0.6 and can be reasonably expected to work with other releases of Snort.
Created attachment 23783: Snort TE file
Created attachment 23784: Snort FC file
Hmm, it looks like you could change the log_domain(snort) into a logdir_domain(snort), and then the extra logging lines you added at the bottom can be removed. Would you test this to make sure? Otherwise it looks good.
Created attachment 23810: SELinux TE file for Snort

Revised to use logdir_domain(), eliminating the need for two allows related to logging. Also revised to include permissions necessary for startup via run_init.
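The change the review asked for, written out as an added illustration rather than the contents of either attachment: a fragment of a snort.te in the old Gentoo/NSA example-policy macro style. Only log_domain() and logdir_domain() are named on the page; daemon_domain(), the snort_t / snort_log_t type names, and the two explicit allow lines standing in for the ones the reviewer wanted removed are assumptions.

```m4
# snort.te fragment (added example, not the attached policy)

# --- Before ---
# daemon_domain() (assumed helper from the same macro set) declares snort_t
# and snort_exec_t and lets init start the daemon.
daemon_domain(snort)
# log_domain() gives Snort its own snort_log_t type for files it creates
# under /var/log, but nothing for the log directory itself, so the first
# revision carried two hand-written allows at the bottom of the file
# (constructed here to illustrate; the real lines are not on the page):
log_domain(snort)
allow snort_t var_log_t:dir { search write add_name };
allow snort_t snort_log_t:dir create_dir_perms;

# --- After ---
# logdir_domain() also covers the directory under /var/log, so the two
# extra allows above are redundant and go away.
daemon_domain(snort)
logdir_domain(snort)
```

The point of the review is policy hygiene rather than a missing permission: the macros already encode the directory-plus-files pattern, and expressing it once through logdir_domain() keeps the type and its rules together instead of scattering raw allow lines that later maintainers have to reconcile against the macro.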
committed to policy cvs
committed to portage