diff --git a/public/racoon.te b/public/racoon.te
index 3255b9e3ce7948a7bd0187037eeef29973f3c2f6..476981e43fa25cd88186341db7f28c261ad19bdf 100644
--- a/public/racoon.te
+++ b/public/racoon.te
@@ -5,7 +5,7 @@ type racoon_exec, exec_type, file_type;
 typeattribute racoon mlstrustedsubject;
 
 net_domain(racoon)
-allowxperm racoon self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFADDR };
+allowxperm racoon self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFADDR SIOCSIFNETMASK };
 
 binder_use(racoon)