# vpn tunneling protocol manager
type mtp, domain;
type mtp_exec, system_file_type, exec_type, file_type;

net_domain(mtp)

# pptp policy
allow mtp self:{ socket pppox_socket } create_socket_perms_no_ioctl;
allow mtp self:global_capability_class_set net_raw;
allow mtp ppp:process signal;
allow mtp vpn_data_file:dir search;