I hope this is an appropriate place for this question; if not, if you
have any good suggestions on where I might get an answer, let me
know. I've searched all over and found very little.
Briefly, I would like to be able to attach a socket filter to sockets
(including listeners) that were created prior to the loading of my NKE.
I looked at how netstat worked, using a sysctl to get at tcbinfo, and
after digging through various structs, I wasn't convinced that I'd be
able to get a socket_t out of that, even if I could figure out how to
get at that symbol.
I also saw that every open socket is added to the associated proc
struct (I think), but I wasn't sure how I could distinguish between
sockets and non-sockets. And I thought I might be reduced to
iterating through all possible pids, unless I could similarly get
access to the pidhashtbl symbol.
And both of those ideas relied on symbols that I'm probably not
supposed to be using, directly, anyway.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/darwin-dev/email@hidden
This email sent to email@hidden
