module local-waydroid-nft 1.0;

require {
	type virtd_t;
	type iptables_t;
	class process { noatsecure rlimitinh siginh };
}

#============= virtd_t ==============
allow virtd_t iptables_t:process { noatsecure rlimitinh siginh };