From Debian package 0.0.20080702-11

Allow freshclam_t to read the routing table and talk to http_cache_port_t

Index: policy/modules/services/clamav.te
===================================================================
--- policy/modules/services/clamav.te.orig
+++ policy/modules/services/clamav.te
@@ -57,6 +57,8 @@
 type freshclam_exec_t;
 init_daemon_domain(freshclam_t, freshclam_exec_t)
 
+allow freshclam_t self:netlink_route_socket r_netlink_socket_perms;
+
 # log files
 type freshclam_var_log_t;
 logging_log_file(freshclam_var_log_t)
@@ -208,6 +210,7 @@
 corenet_tcp_sendrecv_all_ports(freshclam_t)
 corenet_tcp_sendrecv_clamd_port(freshclam_t)
 corenet_tcp_connect_http_port(freshclam_t)
+corenet_tcp_connect_http_cache_port(freshclam_t)
 corenet_sendrecv_http_client_packets(freshclam_t)
 
 dev_read_rand(freshclam_t)