dhclient-script avc error f7

[Tim Fenn]

I recently upgraded a machine from FC6 to F7, and I used to use a
/etc/dhclient-exit-hooks script to call some iptables functions after
bringing up my external interface.  This used to work on FC6 as long
as I setsebool -P dhcpc_disable_trans 1, but the policy in F7 no
longer contains such a boolean, so dhclient-script is prevented from
getattr/executing iptables.  Is there a simple fix to this, or do I
need to write a policy and compile it?  If the latter, any pointers on
what the policy file should contain?

Thanks for any help,
tim