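# Local SELinux policy module (Type Enforcement source) in the layout that
# audit2allow emits. Each statement is on its own line: when the whole module
# sits on one physical line, the '#' separator comment below swallows the
# allow rule after it and the module grants nothing.
module my-iptables 1.0;

# Types and permissions this module takes from the loaded base policy.
# The module fails to load if any of them is missing.
require {
	type admin_home_t;
	type iptables_t;
	class file read;
}

#============= iptables_t ==============
# Lets the iptables domain read regular files labelled admin_home_t.
#
# NOTE(review): the grant is type-wide. It covers every file carrying the
# admin_home_t label (in the reference policy, content of root's home
# directory), not only the one file that triggered the denial.
# Confirm the AVC record this rule was generated from before loading it.
# Where possible, keep the ruleset in a location whose label iptables_t
# may already read and restore its context there, rather than widening
# the domain.
#
# NOTE(review): only 'read' is granted, not 'open'. That fits a descriptor
# handed to the process already open (presumably a shell redirect from a
# file under /root); verify against the denial. Do not add 'open' unless a
# denial shows it is required.
allow iptables_t admin_home_t:file read;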